(users)
The user object represents a user that has successfully signed up to your application. https://clerk.com/docs/reference/clerkjs/user
- list - List all users
- create - Create a new user
- count - Count users
- get - Retrieve a user
- update - Update a user
- delete - Delete a user
- ban - Ban a user
- unban - Unban a user
- lock - Lock a user
- unlock - Unlock a user
- setProfileImage - Set user profile image
- deleteProfileImage - Delete user profile image
- updateMetadata - Merge and update a user's metadata
- getOAuthAccessToken - Retrieve the OAuth access token of a user
- getOrganizationMemberships - Retrieve all memberships for a user
- getOrganizationInvitations - Retrieve all invitations for a user
- verifyPassword - Verify the password of a user
- verifyTOTP - Verify a TOTP or backup code for a user
- disableMFA - Disable a user's MFA methods
- deleteBackupCodes - Disable all user's Backup codes
- deletePasskey - Delete a user passkey
- deleteWeb3Wallet - Delete a user web3 wallet
- createTOTP - Create a TOTP for a user
- deleteTotp - Delete all the user's TOTPs
- deleteExternalAccount - Delete External Account
Returns a list of all users. The users are returned sorted by creation date, with the newest users appearing first.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
use Clerk\Backend\Models\Operations;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$request = new Operations\GetUserListRequest(
lastActiveAtSince: 1700690400000,
);
$response = $sdk->users->list(
request: $request
);
if ($response->userList !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
$request |
Operations\GetUserListRequest | ✔️ | The request object to use for the request. |
?Operations\GetUserListResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors22 | 400, 401, 422 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Creates a new user. Your user management settings determine how you should setup your user model.
Any email address and phone number created using this method will be marked as verified.
Note: If you are performing a migration, check out our guide on zero downtime migrations.
A rate limit rule of 20 requests per 10 seconds is applied to this endpoint.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
use Clerk\Backend\Models\Operations;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$request = new Operations\CreateUserRequestBody();
$response = $sdk->users->create(
request: $request
);
if ($response->user !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
$request |
Operations\CreateUserRequestBody | ✔️ | The request object to use for the request. |
?Operations\CreateUserResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors23 | 400, 401, 403, 422 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Returns a total count of all users that match the given filtering criteria.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
use Clerk\Backend\Models\Operations;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$request = new Operations\GetUsersCountRequest();
$response = $sdk->users->count(
request: $request
);
if ($response->totalCount !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
$request |
Operations\GetUsersCountRequest | ✔️ | The request object to use for the request. |
?Operations\GetUsersCountResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors24 | 422 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Retrieve the details of a user
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$response = $sdk->users->get(
userId: '<id>'
);
if ($response->user !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user to retrieve |
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors25 | 400, 401, 404 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Update a user's attributes.
You can set the user's primary contact identifiers (email address and phone numbers) by updating the primary_email_address_id and primary_phone_number_id attributes respectively.
Both IDs should correspond to verified identifications that belong to the user.
You can remove a user's username by setting the username attribute to null or the blank string "". This is a destructive action; the identification will be deleted forever. Usernames can be removed only if they are optional in your instance settings and there's at least one other identifier which can be used for authentication.
This endpoint allows changing a user's password. When passing the password parameter directly you have two further options.
You can ignore the password policy checks for your instance by setting the skip_password_checks parameter to true.
You can also choose to sign the user out of all their active sessions on any device once the password is updated. Just set sign_out_of_other_sessions to true.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
use Clerk\Backend\Models\Operations;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$requestBody = new Operations\UpdateUserRequestBody();
$response = $sdk->users->update(
userId: '<id>',
requestBody: $requestBody
);
if ($response->user !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user to update |
requestBody |
Operations\UpdateUserRequestBody | ✔️ | N/A |
?Operations\UpdateUserResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors26 | 400, 401, 404, 422 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Delete the specified user
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$response = $sdk->users->delete(
userId: '<id>'
);
if ($response->deletedObject !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user to delete |
?Operations\DeleteUserResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors27 | 400, 401, 404 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Marks the given user as banned, which means that all their sessions are revoked and they are not allowed to sign in again.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$response = $sdk->users->ban(
userId: '<id>'
);
if ($response->user !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user to ban |
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors28 | 402 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Removes the ban mark from the given user.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$response = $sdk->users->unban(
userId: '<id>'
);
if ($response->user !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user to unban |
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors29 | 402 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Marks the given user as locked, which means they are not allowed to sign in again until the lock expires. Lock duration can be configured in the instance's restrictions settings.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$response = $sdk->users->lock(
userId: '<id>'
);
if ($response->user !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user to lock |
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors29 | 403 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Removes the lock from the given user.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$response = $sdk->users->unlock(
userId: '<id>'
);
if ($response->user !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user to unlock |
?Operations\UnlockUserResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors29 | 403 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Update a user's profile image
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
use Clerk\Backend\Models\Operations;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$requestBody = new Operations\SetUserProfileImageRequestBody();
$response = $sdk->users->setProfileImage(
userId: '<id>',
requestBody: $requestBody
);
if ($response->user !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user to update the profile image for |
requestBody |
Operations\SetUserProfileImageRequestBody | ✔️ | N/A |
?Operations\SetUserProfileImageResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors29 | 400, 401, 404 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Delete a user's profile image
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$response = $sdk->users->deleteProfileImage(
userId: '<id>'
);
if ($response->user !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user to delete the profile image for |
?Operations\DeleteUserProfileImageResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors30 | 404 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Update a user's metadata attributes by merging existing values with the provided parameters.
This endpoint behaves differently than the Update a user endpoint. Metadata values will not be replaced entirely. Instead, a deep merge will be performed. Deep means that any nested JSON objects will be merged as well.
You can remove metadata keys at any level by setting their value to null.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
use Clerk\Backend\Models\Operations;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$requestBody = new Operations\UpdateUserMetadataRequestBody();
$response = $sdk->users->updateMetadata(
userId: '<id>',
requestBody: $requestBody
);
if ($response->user !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user whose metadata will be updated and merged |
requestBody |
?Operations\UpdateUserMetadataRequestBody | ➖ | N/A |
?Operations\UpdateUserMetadataResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors31 | 400, 401, 404, 422 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Fetch the corresponding OAuth access token for a user that has previously authenticated with a particular OAuth provider. For OAuth 2.0, if the access token has expired and we have a corresponding refresh token, the access token will be refreshed transparently the new one will be returned.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$response = $sdk->users->getOAuthAccessToken(
userId: '<id>',
provider: '<value>'
);
if ($response->responseBodies !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user for which to retrieve the OAuth access token |
provider |
string | ✔️ | The ID of the OAuth provider (e.g. oauth_google) |
?Operations\GetOAuthAccessTokenResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors32 | 400, 422 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Retrieve a paginated list of the user's organization memberships
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$response = $sdk->users->getOrganizationMemberships(
userId: '<id>',
limit: 10,
offset: 0
);
if ($response->organizationMemberships !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user whose organization memberships we want to retrieve |
limit |
?int | ➖ | Applies a limit to the number of results returned. Can be used for paginating the results together with offset. |
offset |
?int | ➖ | Skip the first offset results when paginating.Needs to be an integer greater or equal to zero. To be used in conjunction with limit. |
?Operations\UsersGetOrganizationMembershipsResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors33 | 403 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Retrieve a paginated list of the user's organization invitations
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
use Clerk\Backend\Models\Operations;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$response = $sdk->users->getOrganizationInvitations(
userId: '<id>',
limit: 10,
offset: 0,
status: Operations\QueryParamStatus::Pending
);
if ($response->organizationInvitationsWithPublicOrganizationData !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user whose organization invitations we want to retrieve |
limit |
?int | ➖ | Applies a limit to the number of results returned. Can be used for paginating the results together with offset. |
offset |
?int | ➖ | Skip the first offset results when paginating.Needs to be an integer greater or equal to zero. To be used in conjunction with limit. |
status |
?Operations\QueryParamStatus | ➖ | Filter organization invitations based on their status |
?Operations\UsersGetOrganizationInvitationsResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors33 | 400, 403, 404 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Check that the user's password matches the supplied input. Useful for custom auth flows and re-verification.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
use Clerk\Backend\Models\Operations;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$requestBody = new Operations\VerifyPasswordRequestBody(
password: 'fSBhIihdxMPlTHN',
);
$response = $sdk->users->verifyPassword(
userId: '<id>',
requestBody: $requestBody
);
if ($response->object !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user for whom to verify the password |
requestBody |
?Operations\VerifyPasswordRequestBody | ➖ | N/A |
?Operations\VerifyPasswordResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors34 | 500 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Verify that the provided TOTP or backup code is valid for the user. Verifying a backup code will result it in being consumed (i.e. it will become invalid). Useful for custom auth flows and re-verification.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
use Clerk\Backend\Models\Operations;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$requestBody = new Operations\VerifyTOTPRequestBody(
code: '<value>',
);
$response = $sdk->users->verifyTOTP(
userId: '<id>',
requestBody: $requestBody
);
if ($response->object !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user for whom to verify the TOTP |
requestBody |
?Operations\VerifyTOTPRequestBody | ➖ | N/A |
?Operations\VerifyTOTPResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors35 | 500 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Disable all of a user's MFA methods (e.g. OTP sent via SMS, TOTP on their authenticator app) at once.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$response = $sdk->users->disableMFA(
userId: '<id>'
);
if ($response->object !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user whose MFA methods are to be disabled |
?Operations\DisableMFAResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors35 | 404, 500 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Disable all of a user's backup codes.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$response = $sdk->users->deleteBackupCodes(
userId: '<id>'
);
if ($response->object !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user whose backup codes are to be deleted. |
?Operations\DeleteBackupCodeResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors36 | 404, 500 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Delete the passkey identification for a given user and notify them through email.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$response = $sdk->users->deletePasskey(
userId: '<id>',
passkeyIdentificationId: '<id>'
);
if ($response->deletedObject !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user that owns the passkey identity |
passkeyIdentificationId |
string | ✔️ | The ID of the passkey identity to be deleted |
?Operations\UserPasskeyDeleteResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors37 | 403, 404, 500 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Delete the web3 wallet identification for a given user.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$response = $sdk->users->deleteWeb3Wallet(
userId: '<id>',
web3WalletIdentificationId: '<id>'
);
if ($response->deletedObject !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user that owns the web3 wallet |
web3WalletIdentificationId |
string | ✔️ | The ID of the web3 wallet identity to be deleted |
?Operations\UserWeb3WalletDeleteResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors38 | 400, 403, 404, 500 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Creates a TOTP (Time-based One-Time Password) for a given user, returning both the TOTP secret and the URI.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$response = $sdk->users->createTOTP(
userId: '<id>'
);
if ($response->totp !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user for whom the TOTP is being created. |
?Operations\CreateUserTOTPResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors39 | 403, 404, 500 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Deletes all of the user's TOTPs.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$response = $sdk->users->deleteTotp(
userId: '<id>'
);
if ($response->object !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user whose TOTPs are to be deleted |
?Operations\DeleteTOTPResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors40 | 404, 500 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |
Delete an external account by ID.
declare(strict_types=1);
require 'vendor/autoload.php';
use Clerk\Backend;
$security = '<YOUR_BEARER_TOKEN_HERE>';
$sdk = Backend\ClerkBackend::builder()->setSecurity($security)->build();
$response = $sdk->users->deleteExternalAccount(
userId: '<id>',
externalAccountId: '<id>'
);
if ($response->deletedObject !== null) {
// handle response
}| Parameter | Type | Required | Description |
|---|---|---|---|
userId |
string | ✔️ | The ID of the user's external account |
externalAccountId |
string | ✔️ | The ID of the external account to delete |
?Operations\DeleteExternalAccountResponse
| Error Type | Status Code | Content Type |
|---|---|---|
| Errors\ClerkErrors41 | 400, 403, 404, 500 | application/json |
| Errors\SDKException | 4XX, 5XX | */* |