Skip to main content
GET
Retrieve a user

Authorizations

Authorization
string
header
required

Enter your API key in the format: sk_test_xxxxx or sk_live_xxxxx

Path Parameters

user_id
string
required

User ID

Example:

"palm_usr_1a2b3c4d5e6f7g8h"

Response

User retrieved successfully

id
string<uuid>
required

Unique identifier for the resource

Example:

"123e4567-e89b-12d3-a456-426614174000"

object
enum<string>
required

Object type identifier, always "user"

Available options:
user
Example:

"user"

mode
enum<string>
required

Whether this resource was created with test or live credentials. Test and live data are fully isolated — a test resource never appears in live results and vice versa.

Available options:
test,
live
Example:

"live"

created_at
string<date-time>
required

ISO 8601 timestamp of when the resource was created

Example:

"2025-10-24T10:30:00Z"

updated_at
string<date-time>
required

ISO 8601 timestamp of when the resource was last updated

Example:

"2025-10-24T15:45:00Z"

metadata
object
required

Store up to 50 custom key-value pairs for application-specific data. Useful for storing references to external systems, feature flags, or other custom attributes.

Example:
status
enum<string>
required

Current status of the user

Available options:
active,
suspended,
deleted
Example:

"active"

verification
object | null
required

Most recent verification information. Null if user has never been verified.

display_name
string | null
required

Display name for the user

Example:

"John Doe"

email_fingerprint
string | null
required

SHA-256 fingerprint of the user's email address. Used for duplicate detection and search without exposing the actual email. Automatically generated when email is stored in vault.

Example:

"f7c3bc1d808e04732adf679965ccc34ca7ae3441"

phone_fingerprint
string | null
required

SHA-256 fingerprint of the user's phone number. Used for duplicate detection and search without exposing the actual phone. Automatically generated when phone is stored in vault.

Example:

"a8d4bc2e919f15843beg890076ddd45db8bf4552"

vault
object | null
required

Cached vault field values for non-encrypted fields. Keys are full field IDs (e.g., "identity.first_name"). Only includes fields where encrypted=false in vault_field_definition.

Example: