User

Field	Type	Description
`id`	`int`	Unique identifier for the user.
`is_deleted`	`boolean`	Shows if the user is deleted. With normal API permissions only users who are not deleted are returned.
`language`	`string` (language code)	The interface language for the user.
`gender`	`string`	`m` for male, `f` for female and `u` for undefined gender.
`firstname`	`string`	First name of the user.
`lastname`	`string`	Last name of the user.
`email`	`string`	E-mail address of the user.
`location`	`string`	Information about the location. Set by the user.
`about`	`string`	Some kind of information from the user about the user.
`country`	`string`	Country code in ISO 3166-1 alpha-2 format like ch, de, us.
`company`	`text`	Company of the user. Max. 255 characters.
`department`	`text`	Department of the user. Max. 255 characters.
`position`	`text`	Position of the user. Max. 255 characters.
`employment_start`	`datetime`	The employment start date of the user in format yyyy-mm-dd. The api won't return this property.
`image`	`string`	Absolute url to user image file.
`last_seen`	`datetime`	Date and time of the last login or api request for the user.
`first_seen`	`datetime`	Date and time of first login or null.
`customfields`	`json object`	User custom fields.
`score_level`	`int`	User-score level if the feature user-score is enabled and the user has a level assigned, `null` otherwise.
`score_points`	`int`	User-score points if the feature user-score is enabled and the user has already received points, `null` otherwise.
`auth_type`	`string`	User specific Auth Type. A list of all Auth Types.
~~`disclaimer_agreement`~~	`string`	Deprecated.
~~`gdpr_agreement`~~	`string`	Deprecated
`event_tracking_id`	`string`	Unique user id meant to be used by the event tracking system to identify a user without providing personally identifiable information (PII).
~~`is_hidden`~~	`boolean`	Deprecated. Will always return `false`
~~`is_system`~~	`boolean`	Deprecated. Renamed to `is_technical_user`. Will always return the value of `is_technical_user`
`is_technical_user`	`boolean`	Whether the user is a technical user or not

{
  "id": 42,
  "is_deleted": false,
  "is_hidden": false,
  "is_system": false,
  "is_technical_user": false,
  "language": "en",
  "gender": "m",
  "firstname": "Sherlock",
  "lastname": "Holmes",
  "email": "sherlock.holmes@example.com",
  "auth_type": "simple",
  "location": "Baker Street 221B, London",
  "about": "Private Detective",
  "country": "uk",
  "company": "Ward, Lock & Co",
  "department": "Investigations",
  "position": "Master Detective",
  "image": "https://cdn.example.com/user/6/i_2d1b84215e2f035a22f6fec213d3b1d9.jpg",
  "first_seen": "2015-02-02T11:31:05.000Z",
  "last_seen": "2017-02-02T15:02:00.000Z",
  "customfields": {
    "occupation": "Detective"
  },
  "score_level": 4,
  "score_points": 84,
  "event_tracking_id": "95543d35-255c-11e9-86c5-0242ac110007"
}

Disguise the critical information of a deleted User

In some situations, user resources (or certain fields of a user object) will be disguised (i.e. set to null) in the API response.

Disguise the question poser

When the question poser should remain anonymous (see question poser anonymity) in a certain context (e.g. the complete question endpoint), the full user object will be replaced by a single null value.

{
  "id": "666",
  "title": "Who am I?",
  "description": "This should be elementary.",
  "user": null,
  ...
}

Disguise deleted users

If the network setting anonymize_deleted_users is set to true, any critical data of the user will be disguised and replaced by null in the API response. This mainly includes the full name and email address of the deleted user. The object for a deleted user still contains the id field, so the API still gives enough information to know whether two deleted users objects are the same or if they correspond to different deleted users.

{
  "id": 10,
  "lastname": null,
  "firstname": null,
  "is_deleted": true,
  "is_technical_user": false,
  "company": null,
  "department": null,
  ...
}

Certain endpoints allow to override the network-setting for anonymization of deleted users with the parameter deanonymize_deleted_users=true (requires the role user_admin).

Anonymize user endpoint

According to GDPR regulations, a user can request to be anonymized, in order to delete all his personal data. Therefore we provide an endpoint (see User anonymize endpoint) that allows deleting all the personal data from the system.

Email Anonymization

If the network setting anonymize_users_email is enabled, the email address of all users (except for the user executing the API request) will be removed from API response (the email field of the user object will be null).

{
  "id": "123",
  "firstname": "Guy",
  "lastname": "Fawkes",
  "email": null,
  ...
}

Certain endpoints allow to override the network-setting for anonymization of email addresses with the parameter deanonymize_users_email (requires the role user_admin).