User
This is a detailed reference for the User
object. If you’re looking for a more high-level overview, please refer to our guide on users here.
On this page:
CurrentUser
You can call useUser()
or stackServerApp.getUser()
to get the CurrentUser
object.
Table of Contents
currentUser.id
The user ID as a string
. This is the unique identifier of the user.
Type Definition
currentUser.displayName
The display name of the user as a string
or null
if not set. The user can modify this value.
Type Definition
currentUser.primaryEmail
The primary email of the user as a string
or null
. Note that this is not necessarily unique.
Type Definition
currentUser.primaryEmailVerified
A boolean
indicating whether the primary email of the user is verified.
Type Definition
currentUser.profileImageUrl
The profile image URL of the user as a string
or null
if no profile image is set.
Type Definition
currentUser.signedUpAt
The date and time when the user signed up, as a Date
.
Type Definition
currentUser.hasPassword
A boolean
indicating whether the user has a password set.
Type Definition
currentUser.clientMetadata
The client metadata of the user as an object
. This metadata is visible on the client side but should not contain sensitive or server-only information.
Type Definition
currentUser.clientReadOnlyMetadata
Read-only metadata visible on the client side. This metadata can only be modified on the server side.
Type Definition
currentUser.selectedTeam
The currently selected team for the user, if applicable, as a Team
object or null
if no team is selected.
Type Definition
currentUser.update(data)
Updates the user information.
Parameters
The fields to update.
Returns
Promise<void>
Signature
Examples
currentUser.getTeam(id)
Gets the team with the specified ID.
Parameters
The ID of the team to get.
Returns
Promise<Team | null>
: The team object, or null
if the team is not found or the user is not a member of the team.
Signature
Examples
currentUser.useTeam(id)
Gets the team with the given ID. This is the same as getTeam
but is used as a React hook.
Parameters
The ID of the team to get.
Returns
Team | null
: The team object, or null
if the team is not found or the user is not a member of the team.
Signature
Examples
currentUser.listTeams()
Lists all the teams the user is a member of.
Parameters
None.
Returns
Promise<Team[]>
: The list of teams.
Signature
Examples
currentUser.useTeams()
Lists all the teams the user is a member of. This is the same as listTeams
but is used as a React hook.
Parameters
None.
Returns
Team[]
: The list of teams.
Signature
Examples
currentUser.setSelectedTeam(team)
Sets the currently selected team for the user.
Parameters
The team to set as selected, or null
to clear selection.
Returns
Promise<void>
Signature
Examples
currentUser.createTeam(data)
Creates a new team for the user. The user will be added to the team and given creator permissions.
Note: If client-side team creation is disabled in the Stack dashboard, this will throw an error.
Parameters
The data for creating the team.
Returns
Promise<Team>
: The created team.
Signature
Examples
currentUser.leaveTeam(team)
Allows the user to leave a team. If the user is not a member of the team, this will throw an error.
Parameters
The team to leave.
Returns
Promise<void>
Signature
Examples
currentUser.getTeamProfile(team)
Retrieves the user’s profile within a specific team.
Parameters
The team to retrieve the profile for.
Returns
Promise<EditableTeamMemberProfile>
: The user’s editable profile for the specified team.
Signature
Examples
currentUser.useTeamProfile(team)
Retrieves the user’s profile within a specific team. This is the same as getTeamProfile
but is used as a React hook.
Parameters
The team to retrieve the profile for.
Returns
EditableTeamMemberProfile
: The user’s editable profile for the specified team.
Signature
Examples
currentUser.hasPermission(scope, permissionId)
Checks if the user has a specific permission for a team.
Parameters
The team to check the permission for.
The ID of the permission to check.
Returns
Promise<boolean>
: Whether the user has the specified permission.
Signature
Examples
currentUser.getPermission(scope, permissionId, options?)
Retrieves a specific permission for a user within a team.
Parameters
The team to retrieve the permission for.
The ID of the permission to retrieve.
An object containing multiple properties.
Returns
Promise<TeamPermission | null>
: The permission object, or null
if not found.
Signature
Examples
currentUser.usePermission(scope, permissionId, options?)
Retrieves a specific permission for a user within a team, used as a React hook.
Parameters
The team to retrieve the permission for.
The ID of the permission to retrieve.
An object containing multiple properties.
Returns
TeamPermission | null
: The permission object, or null
if not found.
Signature
Examples
currentUser.listPermissions(scope[, options])
Lists all permissions the user has for a specified team.
Parameters
The team to list permissions for.
An object containing multiple properties.
Returns
Promise<TeamPermission[]>
: An array of permissions.
Signature
Examples
currentUser.usePermissions(scope, options?)
Lists all permissions the user has for a specified team, used as a React hook.
Parameters
The team to retrieve permissions for.
An object containing multiple properties.
Returns
TeamPermission[]
: An array of permissions.
Signature
Examples
currentUser.listContactChannels()
Lists all the contact channels of the user.
Parameters
No parameters.
Returns
Promise<ContactChannel[]>
: An array of contact channels.
Signature
Examples
currentUser.useContactChannels()
Lists all the contact channels of the user, used as a React hook.
Parameters
No parameters.
Returns
ContactChannel[]
: An array of contact channels.
Signature
Examples
currentUser.updatePassword(data)
Updates the user’s password.
Parameters
The fields required for updating the password.
Returns
Promise<void>
Signature
Examples
currentUser.getAuthHeaders()
Returns headers for sending authenticated HTTP requests to external servers. Most commonly used in cross-origin
requests. Similar to getAuthJson
, but specifically for HTTP requests.
If you are using tokenStore: "cookie"
, you don’t need this for same-origin requests. However, most
browsers now disable third-party cookies by default, so we must pass authentication tokens by header instead
if the client and server are on different hostnames.
This function returns a header object that can be used with fetch
or other HTTP request libraries to send
authenticated requests.
On the server, you can then pass in the Request
object to the tokenStore
option
of your Stack app. Please note that CORS does not allow most headers by default, so you
must include x-stack-auth
in the Access-Control-Allow-Headers
header
of the CORS preflight response.
Parameters
No parameters.
Returns
Promise<Record<string, string>>
: An object containing the authentication headers.
Signature
Examples
currentUser.getAuthJson()
Creates a JSON-serializable object containing the information to authenticate a user on an external server.
While getAuthHeaders
is the recommended way to send authentication tokens over HTTP, your app may use
a different protocol, for example WebSockets or gRPC. This function returns a token object that can be JSON-serialized and sent to the server in any way you like.
On the server, you can pass in this token object into the tokenStore
option to fetch user details.
Parameters
No parameters.
Returns
Promise<{ accessToken: string | null }>
: An object containing the access token.
Signature
Examples
currentUser.signOut(options)
Signs out the user and clears the session.
Parameters
An object containing multiple properties.
Returns
Promise<void>
Signature
Examples
currentUser.delete()
Deletes the user. This action is irreversible and can only be used if client-side user deletion is enabled in the Stack dashboard.
Parameters
No parameters.
Returns
Promise<void>
Signature
Examples
ServerUser
The ServerUser
object contains most CurrentUser
properties and methods with the exception of those that require an active session (getAuthJson
and signOut
). It also contains some additional functions that require server-level permissions.
Table of Contents
serverUser.lastActiveAt
The last active date and time of the user as a Date
.
Type Definition
serverUser.serverMetadata
The server metadata of the user, accessible only on the server side.
Type Definition
serverUser.update(data)
Updates the user’s information on the server side. This is similar to the CurrentUser.update()
method but includes additional capabilities, such as updating server metadata or setting a new password directly.
Parameters
The fields to update.
Returns
Promise<void>
Signature
Examples
serverUser.listContactChannels()
Lists all the contact channels of the user on the server side. This is similar to CurrentUser.listContactChannels()
but returns a list of ServerContactChannel
objects, which may include additional server-only details.
Parameters
No parameters.
Returns
Promise<ServerContactChannel[]>
: An array of server-specific contact channels.
Signature
Examples
serverUser.useContactChannels()
This is the documentation for a React hook on a server type. This is uncommon, because server types are only available with server permissions and React Server Components do not use hooks. Ask yourself if you:
- Want to use this on the server, eg. in a React Server Component? Look for the respective function without the
use
prefix (eg.getUser
instead ofuseUser
). - Want to use this on the client, eg. in a React Client Component? Look at the documentation of the client type (eg.
CurrentUser
instead ofCurrentServerUser
). - Are an advanced user, building an internal tool, and confident that you are securing
SECRET_SERVER_KEY
correctly? Then this is for you.
Functionally equivalent to listContactChannels()
, but as a React hook.
serverUser.grantPermission(scope, permissionId)
Grants a specific permission to the user for a given team.
Parameters
The team to grant the permission for.
The ID of the permission to grant.
Returns
Promise<void>
Signature
Examples
serverUser.revokePermission(scope, permissionId)
Revokes a specific permission from the user for a given team.
Parameters
The team to revoke the permission from.
The ID of the permission to revoke.
Returns
Promise<void>
Signature
Examples
CurrentServerUser
The CurrentServerUser
object combines all the properties and methods of both CurrentUser
and ServerUser
. You can obtain a CurrentServerUser
by calling stackServerApp.getUser()
on the server side.