Skip to main content
GET
/
users
/
{id}
Get a user by ID
curl --request GET \
  --url https://{tenant_id}.hanko.io/users/{id} \
  --cookie hanko=
import requests

url = "https://{tenant_id}.hanko.io/users/{id}"

headers = {"cookie": "hanko="}

response = requests.get(url, headers=headers)

print(response.text)
const options = {method: 'GET', headers: {cookie: 'hanko='}};

fetch('https://{tenant_id}.hanko.io/users/{id}', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://{tenant_id}.hanko.io/users/{id}",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_COOKIE => "hanko=",
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"net/http"
"io"
)

func main() {

url := "https://{tenant_id}.hanko.io/users/{id}"

req, _ := http.NewRequest("GET", url, nil)

req.Header.Add("cookie", "hanko=")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.get("https://{tenant_id}.hanko.io/users/{id}")
.header("cookie", "hanko=")
.asString();
require 'uri'
require 'net/http'

url = URI("https://{tenant_id}.hanko.io/users/{id}")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Get.new(url)
request["cookie"] = 'hanko='

response = http.request(request)
puts response.read_body
{
  "id": "c339547d-e17d-4ba7-8a1d-b3d5a4d17c1c",
  "user_id": "c339547d-e17d-4ba7-8a1d-b3d5a4d17c1c",
  "emails": [
    {
      "id": "5333cc5b-c7c4-48cf-8248-9c184ac72b65",
      "address": "john.doe@example.com",
      "is_verified": true,
      "is_primary": false
    }
  ],
  "created_at": "2023-11-07T05:31:56Z",
  "updated_at": "2023-11-07T05:31:56Z",
  "passkeys": [
    {
      "id": "5333cc5b-c7c4-48cf-8248-9c184ac72b65",
      "name": "iCloud",
      "public_key": "pQECYyagASFYIBblARCP_at3cmprjzQN1lJ...",
      "attestation_type": "packed",
      "aaguid": "01020304-0506-0708-0102-030405060708",
      "last_used_at": "2026-02-24T21:40:36.26936Z",
      "created_at": "2026-02-24T21:40:36.26936Z",
      "transports": [
        "internal"
      ],
      "backup_eligible": true,
      "backup_state": true,
      "mfa_only": false
    }
  ],
  "security_keys": [
    {
      "id": "f826013e-e7e3-4366-a6d8-9359effc8cdd",
      "name": "Yubikey Bio",
      "public_key": "aNMEEyadASFYIBblARCP_at3cmp4gg3zQN1lJ...",
      "attestation_type": "packed",
      "aaguid": "90636e1f-ef82-43bf-bdcf-5255f139d12f",
      "last_used_at": "2026-02-24T21:40:36.26936Z",
      "created_at": "2026-02-24T21:40:36.26936Z",
      "transports": [
        "usb"
      ],
      "backup_eligible": true,
      "backup_state": false,
      "mfa_only": true
    }
  ],
  "metadata": {
    "public_metadata": {
      "role": "admin"
    },
    "unsafe_metadata": {
      "birthday": "2025-05-12"
    }
  },
  "name": "<string>",
  "given_name": "<string>",
  "family_name": "<string>",
  "picture": "<string>",
  "mfa_config": {
    "auth_app_set_up": true,
    "totp_enabled": true,
    "security_key_enabled": true
  },
  "email": "jsmith@example.com",
  "username": "<string>",
  "webauthn_credentials": [
    {
      "id": "5333cc5b-c7c4-48cf-8248-9c184ac72b65",
      "name": "iCloud",
      "public_key": "pQECYyagASFYIBblARCP_at3cmprjzQN1lJ...",
      "attestation_type": "packed",
      "aaguid": "01020304-0506-0708-0102-030405060708",
      "last_used_at": "2026-02-24T21:40:36.26936Z",
      "created_at": "2026-02-24T21:40:36.26936Z",
      "transports": [
        "internal"
      ],
      "backup_eligible": true,
      "backup_state": true,
      "mfa_only": false
    },
    {
      "id": "f826013e-e7e3-4366-a6d8-9359effc8cdd",
      "name": "Yubikey Bio",
      "public_key": "aNMEEyadASFYIBblARCP_at3cmp4gg3zQN1lJ...",
      "attestation_type": "packed",
      "aaguid": "90636e1f-ef82-43bf-bdcf-5255f139d12f",
      "last_used_at": "2026-02-24T21:40:36.26936Z",
      "created_at": "2026-02-24T21:40:36.26936Z",
      "transports": [
        "usb"
      ],
      "backup_eligible": true,
      "backup_state": false,
      "mfa_only": true
    }
  ]
}
{
"code": 400,
"message": "Bad Request"
}
{
"code": 403,
"message": "Forbidden"
}
{
"code": 404,
"message": "Not found"
}
{
"code": 500,
"message": "Internal Server Error"
}

Authorizations

hanko
string
cookie
required

Path Parameters

id
string<uuid4>
required

ID of the user

Example:

"c339547d-e17d-4ba7-8a1d-b3d5a4d17c1c"

Response

Details for a user retrieved by ID

id
string<uuid4>
deprecated

The ID of the user. Deprecated, use user_id instead.

Example:

"c339547d-e17d-4ba7-8a1d-b3d5a4d17c1c"

user_id
string<uuid4>

The ID of the user

Example:

"c339547d-e17d-4ba7-8a1d-b3d5a4d17c1c"

emails
object[]
Example:
[
{
"id": "5333cc5b-c7c4-48cf-8248-9c184ac72b65",
"address": "john.doe@example.com",
"is_verified": true,
"is_primary": false
}
]
created_at
string<date-time>

Time of creation of the the user

updated_at
string<date-time>

Time of last update of the user

passkeys
object[]
Example:
[
{
"id": "5333cc5b-c7c4-48cf-8248-9c184ac72b65",
"name": "iCloud",
"public_key": "pQECYyagASFYIBblARCP_at3cmprjzQN1lJ...",
"attestation_type": "packed",
"aaguid": "01020304-0506-0708-0102-030405060708",
"last_used_at": "2026-02-24T21:40:36.26936Z",
"created_at": "2026-02-24T21:40:36.26936Z",
"transports": ["internal"],
"backup_eligible": true,
"backup_state": true,
"mfa_only": false
}
]
security_keys
object[]
Example:
[
{
"id": "f826013e-e7e3-4366-a6d8-9359effc8cdd",
"name": "Yubikey Bio",
"public_key": "aNMEEyadASFYIBblARCP_at3cmp4gg3zQN1lJ...",
"attestation_type": "packed",
"aaguid": "90636e1f-ef82-43bf-bdcf-5255f139d12f",
"last_used_at": "2026-02-24T21:40:36.26936Z",
"created_at": "2026-02-24T21:40:36.26936Z",
"transports": ["usb"],
"backup_eligible": true,
"backup_state": false,
"mfa_only": true
}
]
metadata
object

The public and unsafe metadata of a user

name
string
given_name
string
family_name
string
picture
string<uri>
mfa_config
object
email
string<email>

The email address of the user

username
string

The username of the user

webauthn_credentials
object[]

A list of WebAuthn credentials

Example:
[
{
"id": "5333cc5b-c7c4-48cf-8248-9c184ac72b65",
"name": "iCloud",
"public_key": "pQECYyagASFYIBblARCP_at3cmprjzQN1lJ...",
"attestation_type": "packed",
"aaguid": "01020304-0506-0708-0102-030405060708",
"last_used_at": "2026-02-24T21:40:36.26936Z",
"created_at": "2026-02-24T21:40:36.26936Z",
"transports": ["internal"],
"backup_eligible": true,
"backup_state": true,
"mfa_only": false
},
{
"id": "f826013e-e7e3-4366-a6d8-9359effc8cdd",
"name": "Yubikey Bio",
"public_key": "aNMEEyadASFYIBblARCP_at3cmp4gg3zQN1lJ...",
"attestation_type": "packed",
"aaguid": "90636e1f-ef82-43bf-bdcf-5255f139d12f",
"last_used_at": "2026-02-24T21:40:36.26936Z",
"created_at": "2026-02-24T21:40:36.26936Z",
"transports": ["usb"],
"backup_eligible": true,
"backup_state": false,
"mfa_only": true
}
]