> ## Documentation Index
> Fetch the complete documentation index at: https://docs.baanx.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Get User Details

> Retrieves profile information for the authenticated user, including personal details, contact information, and verification status

## Overview

Use this endpoint to retrieve complete profile information for the authenticated user. This endpoint is essential for:

* Displaying user profile data in your application
* Checking verification state before performing operations that require verified users
* Validating user information before card orders or wallet operations
* Syncing user data with your application's database

## Authentication

This endpoint requires both client authentication and user authentication:

<ParamField header="x-client-key" type="string" required>
  Your client public key for API authentication
</ParamField>

<ParamField header="Authorization" type="string" required>
  Bearer token obtained from OAuth flow or login endpoint
</ParamField>

<ParamField header="x-us-env" type="boolean" default="false">
  Set to `true` to route requests to the US backend environment (if available for your client). Defaults to international environment.
</ParamField>

## Response

<ResponseField name="id" type="string">
  Unique identifier for the user (UUID format)
</ResponseField>

<ResponseField name="firstName" type="string">
  User's first name
</ResponseField>

<ResponseField name="lastName" type="string">
  User's last name
</ResponseField>

<ResponseField name="dateOfBirth" type="string">
  User's date of birth in YYYY-MM-DD format
</ResponseField>

<ResponseField name="email" type="string">
  User's email address
</ResponseField>

<ResponseField name="verificationState" type="string">
  Current verification status of the user. Possible values:

  * `UNVERIFIED` - User has not started verification
  * `PENDING` - Verification is in progress
  * `VERIFIED` - User is fully verified
  * `REJECTED` - Verification was rejected
</ResponseField>

<ResponseField name="phoneNumber" type="string">
  User's phone number without country code
</ResponseField>

<ResponseField name="phoneCountryCode" type="string">
  Phone number country code (e.g., "+44", "+1")
</ResponseField>

<ResponseField name="addressLine1" type="string">
  Primary address line
</ResponseField>

<ResponseField name="addressLine2" type="string | null">
  Secondary address line (optional)
</ResponseField>

<ResponseField name="city" type="string">
  City of residence
</ResponseField>

<ResponseField name="zip" type="string">
  Postal/ZIP code
</ResponseField>

<ResponseField name="countryOfResidence" type="string">
  ISO 3166-1 alpha-2 country code of residence (e.g., "GB", "US")
</ResponseField>

<ResponseField name="countryOfNationality" type="string">
  ISO 3166-1 alpha-2 country code of nationality (e.g., "GB", "US")
</ResponseField>

<ResponseField name="usState" type="string | null">
  US state code (only for US residents, null otherwise)
</ResponseField>

<ResponseField name="ssn" type="string | null">
  Social Security Number (only for US residents, null otherwise)
</ResponseField>

<ResponseField name="createdAt" type="string">
  Timestamp when the user account was created (ISO 8601 format with timezone)
</ResponseField>

## Examples

<CodeGroup>
  ```bash cURL theme={null}
  curl --request GET \
    --url https://dev.api.baanx.com/v1/user \
    --header 'Authorization: Bearer YOUR_ACCESS_TOKEN' \
    --header 'x-client-key: YOUR_CLIENT_KEY'
  ```

  ```javascript JavaScript theme={null}
  const response = await fetch('https://dev.api.baanx.com/v1/user', {
    method: 'GET',
    headers: {
      'Authorization': 'Bearer YOUR_ACCESS_TOKEN',
      'x-client-key': 'YOUR_CLIENT_KEY'
    }
  });

  const user = await response.json();
  console.log(user);
  ```

  ```typescript TypeScript theme={null}
  interface User {
    id: string;
    firstName: string;
    lastName: string;
    dateOfBirth: string;
    email: string;
    verificationState: 'UNVERIFIED' | 'PENDING' | 'VERIFIED' | 'REJECTED';
    phoneNumber: string;
    phoneCountryCode: string;
    addressLine1: string;
    addressLine2: string | null;
    city: string;
    zip: string;
    countryOfResidence: string;
    countryOfNationality: string;
    usState: string | null;
    ssn: string | null;
    createdAt: string;
  }

  const response = await fetch('https://dev.api.baanx.com/v1/user', {
    method: 'GET',
    headers: {
      'Authorization': 'Bearer YOUR_ACCESS_TOKEN',
      'x-client-key': 'YOUR_CLIENT_KEY'
    }
  });

  const user: User = await response.json();
  ```

  ```python Python theme={null}
  import requests

  url = "https://dev.api.baanx.com/v1/user"
  headers = {
      "Authorization": "Bearer YOUR_ACCESS_TOKEN",
      "x-client-key": "YOUR_CLIENT_KEY"
  }

  response = requests.get(url, headers=headers)
  user = response.json()
  print(user)
  ```
</CodeGroup>

### Response Example

```json theme={null}
{
  "id": "100a99cf-f4d3-4fa1-9be9-2e9828b20ebb",
  "firstName": "John",
  "lastName": "Doe",
  "dateOfBirth": "2000-01-01",
  "email": "email@example.com",
  "verificationState": "VERIFIED",
  "phoneNumber": "7400846282",
  "phoneCountryCode": "+44",
  "addressLine1": "23 Werrington Bridge Rd",
  "addressLine2": "Milking Nook",
  "city": "Peterborough",
  "zip": "PE6 7PP",
  "countryOfResidence": "GB",
  "countryOfNationality": "GB",
  "usState": null,
  "ssn": null,
  "createdAt": "2023-03-27 17:07:12.662+03"
}
```

## Error Responses

<ResponseExample>
  ```json 401 Unauthorized theme={null}
  {
    "message": "Not authenticated"
  }
  ```

  ```json 403 Forbidden theme={null}
  {
    "message": "Not authorized"
  }
  ```

  ```json 500 Internal Server Error theme={null}
  {
    "message": "Internal server error"
  }
  ```
</ResponseExample>

<Accordion title="Error Response Details">
  ### 401 Unauthorized

  The access token is missing, invalid, or expired. You need to:

  * Ensure the Authorization header is present and properly formatted
  * Verify the access token hasn't expired (6-hour lifetime)
  * Obtain a new access token using the refresh token if expired

  ### 403 Forbidden

  The access token is valid but doesn't have permission to access this resource. This may occur if:

  * The token doesn't belong to a valid user
  * The client key doesn't match the user's associated client
  * The user account has been suspended or disabled

  ### 500 Internal Server Error

  An unexpected error occurred on the server. If this persists:

  * Check the API status page
  * Contact support with the request timestamp
  * Implement retry logic with exponential backoff
</Accordion>

## Use Cases

### Check Verification Status Before Card Order

Before allowing users to order a card, verify their verification state:

```typescript theme={null}
async function canOrderCard(accessToken: string): Promise<boolean> {
  const response = await fetch('https://dev.api.baanx.com/v1/user', {
    headers: {
      'Authorization': `Bearer ${accessToken}`,
      'x-client-key': 'YOUR_CLIENT_KEY'
    }
  });

  const user = await response.json();
  return user.verificationState === 'VERIFIED';
}
```

### Display User Profile

Retrieve and display user information in your application:

```typescript theme={null}
async function getUserProfile(accessToken: string) {
  const response = await fetch('https://dev.api.baanx.com/v1/user', {
    headers: {
      'Authorization': `Bearer ${accessToken}`,
      'x-client-key': 'YOUR_CLIENT_KEY'
    }
  });

  if (!response.ok) {
    throw new Error('Failed to fetch user profile');
  }

  const user = await response.json();

  return {
    fullName: `${user.firstName} ${user.lastName}`,
    email: user.email,
    phone: `${user.phoneCountryCode}${user.phoneNumber}`,
    address: [
      user.addressLine1,
      user.addressLine2,
      user.city,
      user.zip
    ].filter(Boolean).join(', '),
    isVerified: user.verificationState === 'VERIFIED'
  };
}
```

## Important Notes

<Note>
  **Verification State**: Most operations (card orders, wallet operations) require users to have `VERIFIED` status. Always check the `verificationState` field before allowing protected operations.
</Note>

<Warning>
  **Sensitive Data**: The response contains sensitive personal information including SSN (for US users). Ensure you:

  * Handle this data securely in your application
  * Never log sensitive fields
  * Comply with data protection regulations (GDPR, CCPA, etc.)
  * Only store what's necessary for your use case
</Warning>

<Tip>
  **Caching**: User profile data doesn't change frequently. Consider implementing caching with appropriate TTL (5-15 minutes) to reduce API calls and improve performance.
</Tip>

## Edge Cases & Limitations

### Regional Variations

**US Users**: US-specific fields are populated:

```json theme={null}
{
  "usState": "CA",
  "ssn": "***-**-1234"
}
```

**International Users**: US-specific fields are null:

```json theme={null}
{
  "usState": null,
  "ssn": null
}
```

### Verification States

<AccordionGroup>
  <Accordion title="UNVERIFIED State">
    User has registered but hasn't started the verification process. They can:

    * Access their profile
    * Update basic information
    * View wallet balances

    They cannot:

    * Order cards
    * Perform withdrawals
    * Access certain wallet features
  </Accordion>

  <Accordion title="PENDING State">
    Verification is in progress. The user should wait for verification to complete. Typical processing time is 5-30 minutes, but may take longer for manual review.
  </Accordion>

  <Accordion title="VERIFIED State">
    Full access to all platform features. This is the required state for most financial operations.
  </Accordion>

  <Accordion title="REJECTED State">
    Verification failed. The user needs to:

    * Contact support to understand the rejection reason
    * Provide additional documentation if requested
    * Re-submit verification with corrected information

    Rejected users cannot access protected features until successfully verified.
  </Accordion>
</AccordionGroup>

### Optional Fields

The following fields may be `null` depending on user registration flow and region:

* `addressLine2` - Not required for all addresses
* `usState` - Only populated for US residents
* `ssn` - Only populated for US residents who provided SSN

Always check for null values before using these fields in your application.

## Rate Limiting

This endpoint is subject to standard rate limits:

* 1000 requests per minute per access token
* 10000 requests per hour per client

If you exceed these limits, you'll receive a 429 Too Many Requests response. Implement appropriate retry logic with exponential backoff.

## Related Endpoints

* [Start User Verification](/api-reference/user/verification) - Initiate identity verification process
* [Get Card Status](/api-reference/card/status) - Check if user has ordered a card
* [Get External Wallets](/api-reference/wallet/external) - View user's registered external wallet balances