Skip to main content

GCIPUser

Authenticated user session with comprehensive profile and token information.

Represents a complete user authentication session from Google Cloud Identity Platform including profile data, authentication tokens, provider information, and security settings. Used for maintaining user sessions and accessing protected resources.

type GCIPUser {
  uid: String!
  email: String
  emailVerified: Boolean
  displayName: String
  photoUrl: String
  phoneNumber: String
  disabled: Boolean
  isAnonymous: Boolean
  metadata: GCIPMetadata
  tokensValidAfterTime: String
  tenantId: String
  providerData: [GCIPProviderData!]
  passwordHash: String
  passwordSalt: String
  authDomain: String
  lastLoginAt: DateTime
  createdAt: DateTime
  accessToken: String!
  refreshToken: String!
  expirationTime: DateTime
  multiFactor: MultiFactor
}

Fields

GCIPUser.uid ● String! non-null scalar

Unique user identifier for authentication and authorization.

Permanent identifier for the user account, either supplied during user creation or automatically generated. Used throughout the system for user identification and session management.

GCIPUser.email ● String scalar

Primary email address for the user account.

Email address used for authentication, communication, and account recovery. Must be unique across the system and serves as the primary login identifier.

GCIPUser.emailVerified ● Boolean scalar

Email verification status for account security.

Indicates whether the user has verified ownership of their email address through the verification process. Affects account security and feature access.

GCIPUser.displayName ● String scalar

User's display name for personalization.

Human-readable name shown in user interfaces and communications. Can be different from the email address and is used for personalized user experiences.

GCIPUser.photoUrl ● String scalar

Profile photo URL for user avatar display.

URL pointing to the user's profile picture, used for avatar display in user interfaces and social features.

GCIPUser.phoneNumber ● String scalar

Phone number for two-factor authentication and communication.

User's phone number used for SMS-based authentication, account recovery, and optional communication preferences.

GCIPUser.disabled ● Boolean scalar

Account status indicating if the user has been disabled.

When true, the user account is disabled and cannot be used for authentication. Used for account suspension and security management.

GCIPUser.isAnonymous ● Boolean scalar

Anonymous session indicator for guest users.

Indicates whether this is an anonymous user session without full authentication. Anonymous users have limited access to system features.

GCIPUser.metadata ● GCIPMetadata object

User account metadata and activity timestamps.

Contains important timestamps related to user account activity, authentication events, and session management for auditing and security purposes.

GCIPUser.tokensValidAfterTime ● String scalar

Token validity threshold timestamp.

All tokens issued before this time are considered invalid. Used for security purposes when user credentials are compromised or changed.

GCIPUser.tenantId ● String scalar

Authentication environment identifier.

Identifies the specific authentication environment or tenant context for this user account.

GCIPUser.providerData ● [GCIPProviderData!] list object

External authentication providers linked to this user.

List of external authentication services (Google, Facebook, etc.) that can be used to authenticate this user account.

GCIPUser.passwordHash ● String scalar

Encrypted password hash for security.

Cryptographically hashed password used for authentication. Never exposed in plain text for security reasons.

GCIPUser.passwordSalt ● String scalar

Password encryption salt for enhanced security.

Random data used in password hashing to prevent rainbow table attacks and enhance password security.

GCIPUser.authDomain ● String scalar

Authentication domain for the user account.

Domain context for user authentication, used for multi-domain authentication scenarios.

GCIPUser.lastLoginAt ● DateTime scalar

Timestamp of the user's most recent login.

Records when the user last successfully authenticated, used for security monitoring and session tracking.

GCIPUser.createdAt ● DateTime scalar

User account creation timestamp.

Records when the user account was originally created in the authentication system.

GCIPUser.accessToken ● String! non-null scalar

JWT access token for API authentication.

Short-lived token used to authenticate API requests and access protected resources. Contains user claims and permissions for authorization decisions.

GCIPUser.refreshToken ● String! non-null scalar

Refresh token for session renewal.

Long-lived token used to obtain new access tokens when they expire, enabling persistent user sessions without requiring re-authentication.

GCIPUser.expirationTime ● DateTime scalar

Access token expiration timestamp.

Date and time when the current access token expires and needs to be refreshed. Used for automatic token renewal and session management.

GCIPUser.multiFactor ● MultiFactor object

Multi-factor authentication configuration and status.

Contains information about the user's MFA setup including enrolled factors, backup codes, and authentication preferences for enhanced account security.

Returned By

authentication query

Member Of

Login object