It’s good to remember that the user ID is the immmutable identifier

The primary email address can be changed, therefore when handling user registration, the user id should be used to determine if it’s a known user.

Getting user data on the Frontend

If you only need the user data for a frontend usage, you can use the Hanko.user.getCurrent() function from the hanko-frontend-sdk (it is also re-exported from hanko-elements):

"use client";

import { Hanko } from "@teamhanko/hanko-elements";

const hankoApi = <YOUR_HANKO_API_URL>;
const hanko = new Hanko(hankoApi);

const {id, email} = await hanko.user.getCurrent();
console.log(`user-id: ${id}, email: ${email}`);

Please keep in mind that if you create a function to get the user data, you will be fetching data from the API again every time you call the function. We advise you to make sure the function is only called once for every user authentication.

Getting user data on the Backend

Getting user ID from the JWT

The Hanko API sends back a cookie upon successful authentication, which is then sent to the RP backend for each subsequent request. The cookie contains a JWT. One of the things we can get from this JWT is the user ID. We can use the jose library to decode the value of such a JWT:

import { cookies } from "next/headers";
import * as jose from "jose";

export async function userId() {
  const token = cookies().get("hanko")?.value;
  const payload = jose.decodeJwt(token ?? "");

  const userID = payload.sub;
  return userID;

Getting email from the JWT

In addition to the user ID, you can also fetch the current email address, including its verification status and whether it is set as the primary email.

import { cookies } from "next/headers";
import * as jose from "jose";

export async function emailData() {
  const token = cookies().get("hanko")?.value;
  const payload = jose.decodeJwt(token ?? "");

  /* email object looks like:
    address: '
    is_primary: true
    is_verified: true
  const emailData =;
  return emailData;

You can refer to JWT Payload Content docs for more information on the JWT payload.

Get user data using the Hanko Admin API

The Hanko Admin API provides detailed information about the status, user management, metrics and more. In this example we will focus on getting the data from a specific user. To get data for a specific user, call the /users/{id} endpoint of the Hanko Admin API, where id is the user id previously obtained from the JWT.

The Hanko Admin API is available in Hanko Pro and Enterprise plans. Check out our pricing page for more information.

You also need an API key secret to access the Hanko Admin API which can be generated under the Settings > API Keys section of your project.

const getUserData = async () => {
  const adminAPI = process.env.ADMIN_API;
  const adminSecret = process.env.ADMIN_SECRET;
  const options = {
    method: "GET",
    headers: {
      Authorization: `Bearer ${adminSecret}`,

  const response = await fetch(`${adminAPI}/users/${userID}`, options);

  return response.json();

const userData = await getUserData();
console.log("user data:", userData);