The User API
The User API allows you to make API requests that are scoped to an individual user.
This allows you to delegate the responsibility of ensuring a user has the required permissions to make a given request to UserHub.
It also makes it possible to call the UserHub API directly from the browser.
Create key
- Go to the Admin console and click API keys via the Developers dropdown or Tenant settings
- Click the New API key button
- Set the Description field to
Getting Started
- Select
User API
from Type dropdown - Select
Read and write
from the User scope dropdown - Click the Create button
- Click Copy when the newly created key appears
Install SDK
# No setup required
npm install @userhub/sdk
go get -u github.com/userhubdev/go-sdk
composer require userhub/sdk
pip install -U userhub-sdk
Make an unauthenticated request
Use the User API key to make an unauthenticated API call to the session endpoint.
curl https://api.userhub.com/user/v1/session \
-H "UserHub-Api-Key: $USER_API_KEY"
import { UserApi } from "@userhub/sdk";
const userApi = new UserApi(process.env.USER_API_KEY);
const res = await userApi.session.get();
if (res.user) {
console.log("Authenticated");
} else {
console.log("Not authenticated");
}
package main
import (
"context"
"fmt"
"os"
"github.com/userhubdev/go-sdk/userapi"
)
func main() {
ctx := context.Background()
userApi, err := userapi.New(os.Getenv("USER_API_KEY"), "")
if err != nil {
panic(err)
}
res, err := userApi.Session().Get(ctx, nil)
if err != nil {
panic(err)
}
if res.User != nil {
fmt.Println("Authenticated")
} else {
fmt.Println("Not authenticated")
}
}
<?php
require __DIR__.'/vendor/autoload.php';
use UserHub\UserApi;
$userApi = new UserApi(getenv('USER_API_KEY'));
$res = $userApi->session->get();
if (isset($res->user)) {
echo 'Authenticated'.PHP_EOL;
} else {
echo 'Not authenticated'.PHP_EOL;
}
import os
from userhub_sdk import UserApi
user_api = UserApi(os.environ.get("USER_API_KEY"))
res = user_api.session.get()
if res.user:
print("Authenticated")
else:
print("Not authenticated")
Make an authenticated request
Follow the instructions in the Admin API getting started guide and use those credentials to create an API session and make an authenticated call.
curl "https://api.userhub.com/admin/v1/users/$USER_ID:createApiSession" \
-H "Authorization: Bearer $ADMIN_API_KEY" \
-X POST
curl https://api.userhub.com/user/v1/session \
-H "UserHub-Api-Key: $USER_API_KEY" \
-H "Authorization: Bearer $USER_ACCESS_TOKEN"
import { AdminApi, UserApi } from "@userhub/sdk";
const adminApi = new AdminApi(process.env.ADMIN_API_KEY);
const session = await adminApi.users.createApiSession(process.env.USER_ID);
const userApi = new UserApi(process.env.USER_API_KEY, session.accessToken);
const res = await userApi.session.get();
if (res.user) {
console.log("Authenticated");
} else {
console.log("Not authenticated");
}
package main
import (
"context"
"fmt"
"os"
"github.com/userhubdev/go-sdk/adminapi"
"github.com/userhubdev/go-sdk/userapi"
)
func main() {
ctx := context.Background()
adminApi, err := adminapi.New(os.Getenv("ADMIN_API_KEY"))
if err != nil {
panic(err)
}
session, err := adminApi.Users().CreateApiSession(ctx, os.Getenv("USER_ID"), nil)
if err != nil {
panic(err)
}
userApi, err := userapi.New(os.Getenv("USER_API_KEY"), session.AccessToken)
if err != nil {
panic(err)
}
res, err := userApi.Session().Get(ctx, nil)
if err != nil {
panic(err)
}
if res.User != nil {
fmt.Println("Authenticated")
} else {
fmt.Println("Not authenticated")
}
}
<?php
require __DIR__.'/vendor/autoload.php';
use UserHub\AdminApi;
use UserHub\UserApi;
$adminApi = new AdminApi(getenv('ADMIN_API_KEY'));
$session = $adminApi->users->createApiSession(userId: getenv('USER_ID'));
$userApi = new UserApi(getenv('USER_API_KEY'), $session->accessToken);
$res = $userApi->session->get();
if (isset($res->user)) {
echo 'Authenticated'.PHP_EOL;
} else {
echo 'Not authenticated'.PHP_EOL;
}
import os
from userhub_sdk import AdminApi, UserApi
admin_api = AdminApi(os.environ.get("ADMIN_API_KEY"))
session = admin_api.users.create_api_session(user_id=os.environ.get("USER_ID"))
user_api = UserApi(os.environ.get("USER_API_KEY"), session.access_token)
res = user_api.session.get()
if res.user:
print("Authenticated")
else:
print("Not authenticated")
Most endpoints in the User API require that you provide a user access token, but some can be called with only the User API key.