Get the current user

GET /api/v1/user

StackHawk Current User

This endpoint provides details about the requesting user. This information helps determine what access an authorized user has on the StackHawk platform, and how they are authenticated.

The StackHawk user is separated into two sections: provider specifies how the user authenticates, and external specifies details of the user and the access they have to the StackHawk platform.

User

A StackHawk User as identified by the platform.

| Parameter | Default | Description |
| --- | --- | --- |
| stackhawkId | "" | An internal identifier for this user. This is not the user uuid. |
| provider | {} | Information about the login provider assigned to this user. |
| external | {} | Information about the user itself, and how they appear in the platform. |
| createdTimestamp | 0 | Creation timestamp of this user. |

ProviderInfo

Information about a user's access provider to the StackHawk platform.

| Parameter | Default | Description |
| --- | --- | --- |
| slug | "UNKNOWN" | User access provider. |
| clientId | "" | Provider client Id. |
| created | 0 | Milliseconds since epoch timestamp of when the user access was granted. |

UserExternal

Information about the User and how they can access the platform.

| Parameter | Default | Description |
| --- | --- | --- |
| id | "" | The UUID identifier of this user. |
| email | "" | User's email address. |
| firstName | "" | User's first name. |
| lastName | "" | User's last name. |
| fullName | "" | User's full name. |
| avatarUrl | "" | User's avatar URL. |
| applicationIds | [] | An array of application ids this user has access to. |
| organizations | [] | Organizations a user is a part of. |
| preferences | {} | User preferences; options that can be set by the user. |
| metadata | [] | Metadata associated with this external user. Primarily used for stuffing 3rd party verification data. |
| teams | [] | Teams this user belongs to. |

UserPreferences

User settings and preferences for interaction within StackHawk.

| Parameter | Default | Description |
| --- | --- | --- |
| dontReceiveWeeklyEmail | false | If the user will be opted out of weekly organization update emails. |
| defaultOrganizationId | "" | The UUID identifier of the organization a user currently logs into. |
| dontReceiveTrialingEmails | false | If true, the user will be opted out of StackHawk subscription-trialing notifications. |

User preferences can be adjusted from the account settings page in the StackHawk platform.

UserOrganization

Represents the relationship between a User and an Organization they belong to.

| Parameter | Default | Description |
| --- | --- | --- |
| organization | {} | The StackHawk organization this user belongs to. |
| role | "UNKNOWN" | The organization role the user belongs to within this organization. |
| features | [] | Specific access features available to this organization. |
| metadata | [] | The user's organizational specific metadata. |
| achievements | [] | Specific product journey events that have triggered for this user. |
| permissions | [] | Permissions the User has in this organization. |

Organization

A StackHawk Organization.

| Parameter | Default | Description |
| --- | --- | --- |
| id | "" | The UUID identifier of this StackHawk Organization. |
| name | "" | The name of this Organization. |
| subscription | {} | The billing subscription of this Organization. |
| isLinkedToExternalBilling | false | If this organization is yet connected to external billing (Stripe). |
| plan | "" | The feature plan this organization belongs to. |
| features | [] | Specific overrides to the feature flags in the plan. |
| settings | {} | Organization settings. |
| createdTimestamp | 0 | Creation timestamp of this organization. |

A StackHawk platform user can belong to many organizations.

Requires read:profile permission.

Response

200

Response of the current user.

unclaimedInviteOrganizationIds
string[] write-only

Unclaimed invitations to the organization.

user
user.User
user.createdTimestamp
integer<int64>

Creation timestamp of this user.

user.external
user.UserExternal
user.external.applicationIds
string[]

An array of application ids this user has access to.

user.external.avatarUrl
string

User's avatar URL.

user.external.email
string

User's email address.

user.external.firstName
string

User's first name.

user.external.fullName
string

User's full name.

user.external.id
string

The UUID identifier of this user.

user.external.lastName
string

User's last name.

user.external.metadata
user.UserMetadata[]

Metadata associated with this external user. Primarily used for stuffing 3rd party verification data.

user.external.metadata.name
string

Metadata name.

user.external.metadata.value
string

Metadata value.

user.external.organizations
user.UserOrganization[]

Organizations a user is a part of.

user.external.organizations.achievements
user.UserAchievement[]

Specific product journey events that have triggered for this user.

user.external.organizations.achievements.achievement
enum<string>

Achievement event. One of a few defined events that can happen.

5 available options
UNKNOWN_ACHIEVEMENT, CLI_RAN_HAWK_INIT, CLI_RAN_FIRST_SCAN, CLI_FIRST_SCAN_SUCCESS, CLI_AUTHENTICATED_SCAN_SUCCESS
user.external.organizations.achievements.timestamp
integer<int64>

Achievement timestamp.

user.external.organizations.features
feature.Feature[]

Specific access features available to this organization.

user.external.organizations.features.enabled
boolean

If the feature is enabled.

user.external.organizations.features.name
string

The name of the feature.

user.external.organizations.metadata
user.UserMetadata[]

The user's organizational specific metadata.

user.external.organizations.metadata.name
string

Metadata name.

user.external.organizations.metadata.value
string

Metadata value.

user.external.organizations.organization
organization.Organization
user.external.organizations.organization.createdTimestamp
integer<int64>

Creation timestamp of this organization.

user.external.organizations.organization.features
feature.Feature[]

Specific overrides to the feature flags in the plan.

user.external.organizations.organization.features.enabled
boolean

If the feature is enabled.

user.external.organizations.organization.features.name
string

The name of the feature.

user.external.organizations.organization.id
string

The UUID identifier of this StackHawk Organization.

user.external.organizations.organization.isLinkedToExternalBilling
boolean

If this organization is yet connected to external billing (Stripe).

user.external.organizations.organization.name
string

The name of this Organization.

user.external.organizations.organization.plan
string

The feature plan this organization belongs to.

user.external.organizations.organization.settings
organization.OrgSettings
user.external.organizations.organization.settings.cloudScanSettings
organization.CloudScanSettings
user.external.organizations.organization.settings.cloudScanSettings.dayOfMonthUsagePeriodStart
integer<int32>

day of the month Cloud Scan usage period starts

user.external.organizations.organization.settings.cloudScanSettings.hawkscanVersion
string

HawkScan Docker image version for hosted/cloud scans ("dev" or "latest")

user.external.organizations.organization.settings.cloudScanSettings.targetVerificationId
string

id for the current verification of the target org domain

user.external.organizations.organization.settings.cloudScanSettings.usagePeriodLimitSeconds
integer<int64>

allotment of seconds per usage period the org has for Cloud Scans

user.external.organizations.organization.settings.cloudScanSettings.whitelistedDomains
string[]

domains that are whitelisted to bypass DNS TXT verification (e.g., "stackhawk.com", "acme.com")

user.external.organizations.organization.settings.customPluginLimit
integer<int64>

number of custom plugins a company is allowed to register.

user.external.organizations.organization.settings.inviteLimit
integer<int64>

Maximum pending invites for this org. 0 indicates to use the default.

user.external.organizations.organization.settings.ipAllowListingSettings
organization.IPAllowListingSettings
user.external.organizations.organization.settings.ipAllowListingSettings.ipv4CidrRange
string[]

List of allowed ipv4 CIDR ranges API connections must come through. All IPs are allowed if this list is empty.

user.external.organizations.organization.settings.isOrganizationSamlOnly
boolean

default is false, therefore all auth methods are allowed by default.

user.external.organizations.organization.settings.isTurnedOffAI
boolean

default is false, therefore AI enabled.

user.external.organizations.organization.settings.isTurnedOffOASGen
boolean

default is false, therefore OAS generation is enabled.

user.external.organizations.organization.settings.limitedMemberRoleSettings
organization.LimitedMemberSettings
user.external.organizations.organization.settings.limitedMemberRoleSettings.isTurnedOffFindingTriage
boolean

disable MEMBER triaging of findings from the api and platform

user.external.organizations.organization.settings.limitedMemberRoleSettings.isTurnedOffReportDownloads
boolean

disable MEMBER reporting downloads from the api and platform

user.external.organizations.organization.settings.screenrSettings
organization.ScreenrSettings
user.external.organizations.organization.settings.screenrSettings.browserMode
enum<string>

Wire default is APP (0); falcon treats APP as "defaulted" and applies WITH_CONTROLS. Set to NO_CONTROLS to explicitly opt into Chrome --app mode.

3 available options
APP, WITH_CONTROLS, NO_CONTROLS
user.external.organizations.organization.settings.screenrSettings.podSize
enum<string>

Defaults to SMALL (0).

3 available options
SMALL, MEDIUM, LARGE
user.external.organizations.organization.subscription
organization.Subscription
user.external.organizations.organization.subscription.appCount
integer<int64>

Soft application limit for this organization

user.external.organizations.organization.subscription.customerId
string

CustomerId from billing provider

user.external.organizations.organization.subscription.endDate
integer<int64>

End Date of this subscription, in seconds from epoch

user.external.organizations.organization.subscription.isEnabled
boolean

If external billing is enabled

user.external.organizations.organization.subscription.isSelfServe
boolean

If the subscription was created via self-serve or not

user.external.organizations.organization.subscription.productId
string

The ID of the purchased product subscription

user.external.organizations.organization.subscription.productName
string

The name of the purchased product subscription

user.external.organizations.organization.subscription.quantity
integer<int64>

The quantity of units in this subscription

user.external.organizations.organization.subscription.recurringInterval
enum<string>

The billing recurring interval for this subscription

3 available options
RECURRING_INTERVAL_UNKNOWN, MONTH, YEAR
user.external.organizations.organization.subscription.recurringIntervalCount
integer<int64>

How often in the recurring interval billing occurs

user.external.organizations.organization.subscription.stackhawkOrgId
string

The organization UUID for this subscription

user.external.organizations.organization.subscription.startDate
integer<int64>

Start Date of this subscription, in seconds from epoch

user.external.organizations.organization.subscription.status
enum<string>

The status of the organization subscription

10 available options
SUBSCRIPTION_UNKNOWN, TRIALING, ACTIVE, INCOMPLETE, CANCELLED, FREE, INCOMPLETE_EXPIRED, PAST_DUE, UNPAID, DOWNGRADED
user.external.organizations.organization.subscription.subscriptionId
string

SubscriptionId from billing provider

user.external.organizations.organization.subscription.unitAmount
integer<int64>

The number of units with this subscription

user.external.organizations.organization.subscription.userCount
integer<int64>

Soft user limit for this organization

user.external.organizations.permissions
string[]

Permissions the User has in this organization.

user.external.organizations.role
enum<string>

The organization role the user belongs to within this organization.

7 available options
UNKNOWN, OWNER, ADMIN, MEMBER, TEAM_ADMIN, VIEW_ONLY, SCAN_ONLY_SERVICE_ACCOUNT
user.external.preferences
user.UserPreferences
user.external.preferences.defaultOrganizationId
string

The UUID identifier of the organization a user currently logs into.

user.external.preferences.dontReceiveTrialingEmails
boolean

If `true`, the user will be opted out of StackHawk subscription-trialing notifications.

user.external.preferences.dontReceiveUpdatesEmail
boolean write-only

UNUSED. If `true`, the user will be opted out of Company Update emails.

user.external.preferences.dontReceiveWeeklyEmail
boolean

If the user will be opted out of weekly organization update emails.

user.external.teams
user.UserTeam[]

Teams this user belongs to.

user.external.teams.id
string

The UUID identifier of the team.

user.external.teams.name
string

The name of the team.

user.external.teams.organizationId
string

The organization ID this team belongs to.

user.organizationIds
string[] write-only deprecated

OrganizationIds **deprecated** - 4/26/22.

user.provider
user.ProviderInfo
user.provider.clientId
string

Provider client Id.

user.provider.created
integer<int64>

Milliseconds since epoch timestamp of when the user access was granted.

user.provider.slug
enum<string>

User access provider.

5 available options
GITHUB, GOOGLE, STACKHAWK, SAMLIDP, AZURE
user.stackhawkId
string write-only

An internal identifier for this user. _This is not the user uuid_.
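
Several fields in this response describe access-control posture: the login provider, the role in each organization, and the SAML-only, IP allow-list and DNS TXT bypass settings. The following is an added example, not StackHawk code, that reviews a parsed response body for the permissive defaults documented above. The sample response is constructed, and treating OWNER, ADMIN and TEAM_ADMIN as privileged roles is an assumption of the example.

```python
import ipaddress

# Roles from the page's role enum; treating these three as privileged is an
# assumption of this example, not something the page states.
PRIVILEGED_ROLES = {"OWNER", "ADMIN", "TEAM_ADMIN"}


def audit_current_user(response):
    """Return sorted (organization name, finding) tuples for one response body."""
    user = response.get("user") or {}
    slug = (user.get("provider") or {}).get("slug") or "UNKNOWN"
    findings = []

    for membership in (user.get("external") or {}).get("organizations") or []:
        org = membership.get("organization") or {}
        settings = org.get("settings") or {}
        name = org.get("name") or org.get("id") or "<unnamed>"
        role = membership.get("role") or "UNKNOWN"

        # isOrganizationSamlOnly defaults to false, so all auth methods work.
        if not settings.get("isOrganizationSamlOnly", False):
            findings.append((name, "SAML-only login not enforced"))
            if role in PRIVILEGED_ROLES and slug != "SAMLIDP":
                findings.append((name, f"{role} signs in via {slug}"))

        # An empty ipv4CidrRange list means every source IP is allowed.
        allow = settings.get("ipAllowListingSettings") or {}
        cidrs = allow.get("ipv4CidrRange") or []
        if not cidrs:
            findings.append((name, "no IP allow list: all IPs allowed"))
        for cidr in cidrs:
            try:
                net = ipaddress.IPv4Network(cidr, strict=False)
            except ValueError:
                findings.append((name, f"unparseable CIDR {cidr!r}"))
                continue
            if net.prefixlen == 0:
                findings.append((name, f"{cidr} allows all IPs"))

        # whitelistedDomains bypass DNS TXT verification of scan targets.
        cloud = settings.get("cloudScanSettings") or {}
        for domain in cloud.get("whitelistedDomains") or []:
            findings.append((name, f"{domain} bypasses DNS TXT verification"))

    return sorted(findings)


# Constructed sample response: every value below is made up for illustration.
SAMPLE_RESPONSE = {"user": {
    "provider": {"slug": "GITHUB"},
    "external": {"organizations": [
        {"role": "ADMIN", "organization": {"name": "Example Prod", "settings": {
            "isOrganizationSamlOnly": False,
            "ipAllowListingSettings": {"ipv4CidrRange": []},
            "cloudScanSettings": {"whitelistedDomains": ["example.com"]},
        }}},
        {"role": "MEMBER", "organization": {"name": "Example Locked", "settings": {
            "isOrganizationSamlOnly": True,
            "ipAllowListingSettings": {"ipv4CidrRange": ["203.0.113.0/24", "0.0.0.0/0"]},
        }}},
    ]},
}}

if __name__ == "__main__":
    for org_name, finding in audit_current_user(SAMPLE_RESPONSE):
        print(f"{org_name}: {finding}")
```
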
