The User API
The User API allows you to make API requests that are scoped to an individual user.
This allows you to delegate the responsibility of ensuring a user has the required permissions to make a given request to UserHub.
It also makes it possible to call the UserHub API directly from the browser.
Create Key#
- Go to the Admin Console and click Developer
- Click the New API key button
- Set the Description field to
Getting Started
- Select
User API
from Type dropdown - Select
Read and write
from the User scope dropdown - Click the Create button
- Click Copy when the newly created key appears
Install SDK#
# No setup required
npm install @userhub/sdk
go get -u github.com/userhubdev/go-sdk
composer require userhub/sdk
pip install -U userhub-sdk
Make an Unauthenticated Request#
Use the User API key to make an unauthenticated API call to the session endpoint.
curl https://api.userhub.com/user/v1/session \
-H "UserHub-Api-Key: $USER_API_KEY"
import { UserApi } from "@userhub/sdk";
const userApi = new UserApi(process.env.USER_API_KEY);
const res = await userApi.session.get();
if (res.user) {
console.log("Authenticated");
} else {
console.log("Not authenticated");
}
package main
import (
"context"
"fmt"
"os"
"github.com/userhubdev/go-sdk/userapi"
)
func main() {
ctx := context.Background()
userApi, err := userapi.New(os.Getenv("USER_API_KEY"), "")
if err != nil {
panic(err)
}
res, err := userApi.Session().Get(ctx, nil)
if err != nil {
panic(err)
}
if res.User != nil {
fmt.Println("Authenticated")
} else {
fmt.Println("Not authenticated")
}
}
<?php
require __DIR__.'/vendor/autoload.php';
use UserHub\UserApi;
$userApi = new UserApi(getenv('USER_API_KEY'));
$res = $userApi->session->get();
if (isset($res->user)) {
echo 'Authenticated'.PHP_EOL;
} else {
echo 'Not authenticated'.PHP_EOL;
}
import os
from userhub_sdk import UserApi
user_api = UserApi(os.environ.get("USER_API_KEY"))
res = user_api.session.get()
if res.user:
print("Authenticated")
else:
print("Not authenticated")
Make an Authenticated Request#
Follow the instructions in the Admin API getting started guide and use those credentials to create an API session and make an authenticated call.
curl "https://api.userhub.com/admin/v1/users/$USER_ID:createApiSession" \
-H "Authorization: Bearer $ADMIN_API_KEY" \
-X POST
curl https://api.userhub.com/user/v1/session \
-H "UserHub-Api-Key: $USER_API_KEY" \
-H "Authorization: Bearer $USER_ACCESS_TOKEN"
import { AdminApi, UserApi } from "@userhub/sdk";
const adminApi = new AdminApi(process.env.ADMIN_API_KEY);
const session = await adminApi.users.createApiSession(process.env.USER_ID);
const userApi = new UserApi(process.env.USER_API_KEY, session.accessToken);
const res = await userApi.session.get();
if (res.user) {
console.log("Authenticated");
} else {
console.log("Not authenticated");
}
package main
import (
"context"
"fmt"
"os"
"github.com/userhubdev/go-sdk/adminapi"
"github.com/userhubdev/go-sdk/userapi"
)
func main() {
ctx := context.Background()
adminApi, err := adminapi.New(os.Getenv("ADMIN_API_KEY"))
if err != nil {
panic(err)
}
session, err := adminApi.Users().CreateApiSession(ctx, os.Getenv("USER_ID"), nil)
if err != nil {
panic(err)
}
userApi, err := userapi.New(os.Getenv("USER_API_KEY"), session.AccessToken)
if err != nil {
panic(err)
}
res, err := userApi.Session().Get(ctx, nil)
if err != nil {
panic(err)
}
if res.User != nil {
fmt.Println("Authenticated")
} else {
fmt.Println("Not authenticated")
}
}
<?php
require __DIR__.'/vendor/autoload.php';
use UserHub\AdminApi;
use UserHub\UserApi;
$adminApi = new AdminApi(getenv('ADMIN_API_KEY'));
$session = $adminApi->users->createApiSession(userId: getenv('USER_ID'));
$userApi = new UserApi(getenv('USER_API_KEY'), $session->accessToken);
$res = $userApi->session->get();
if (isset($res->user)) {
echo 'Authenticated'.PHP_EOL;
} else {
echo 'Not authenticated'.PHP_EOL;
}
import os
from userhub_sdk import AdminApi, UserApi
admin_api = AdminApi(os.environ.get("ADMIN_API_KEY"))
session = admin_api.users.create_api_session(user_id=os.environ.get("USER_ID"))
user_api = UserApi(os.environ.get("USER_API_KEY"), session.access_token)
res = user_api.session.get()
if res.user:
print("Authenticated")
else:
print("Not authenticated")
Most endpoints in the User API require that you provide a user access token, but some can be called with only the User API key.