Skip to main content
Anchor to User

User

object

The authenticated user. Fields are gated by the access token's granted scopes; fields not granted by the token resolve to null.

Anchor to FieldsFields

Anchor to avataravatar
•String

URL of the user's avatar image. Requires the avatar or profile scope.

Anchor to emailemail
•String

The user's email address. Requires email (also granted by email:verified or user:manage).

Anchor to emailVerifiedemailVerified
•Boolean

Whether the user's email has been verified. Requires email (also granted by email:verified or user:manage).

Anchor to familyNamefamilyName
•String

The user's family (last) name. Requires the name or profile scope.

Anchor to givenNamegivenName
•String

The user's given (first) name. Requires the name or profile scope.

Anchor to namename
•String

The user's full name (given + family). Requires the name or profile scope.

Anchor to phonephone
•String

The user's phone number. Requires phone (also granted by phone:verified or user:manage). Returns null if the user has no phone on record.

Anchor to phoneVerifiedphoneVerified
•Boolean

Whether the user's phone number has been verified. Requires phone (also granted by phone:verified or user:manage). Returns null if the user has no phone on record.

Anchor to subsub
•String

Stable subject identifier of the user. Always present when the token authenticates a user; not gated by a specific scope.

Was this section helpful?

Anchor to MutationsMutations

Anchor to fetchTokensForUserfetchTokensForUser
•mutation

Fetch an OAuth Access and Refresh Token pair for a user. Exactly one of publicId or consentToken must be provided.

When publicId is provided, the user's existing connection with the client is verified and tokens are issued for the consented scope.

When consentToken is provided — a signed JWT from a Sign in with Shop flow granting delegated consent from a merchant's buyer connection to this partner — the token is verified, a delegated user connection is established, and tokens are issued for the delegated scope.

Arguments

Anchor to consentTokenconsentToken
•String

Signed JWT consent token from a Sign in with Shop flow granting delegated access. Required when not providing a public ID.

Anchor to publicIdpublicId
•String

The public ID of the user. Required when not providing a consent token.

Was this section helpful?