User Type Reference
This page is a reference for all settings, attribute types, and constraint modifiers available when defining a user type schema. For step-by-step instructions on creating and managing user types, see User Types.
Attribute Types
Each attribute in a user type schema has a type. ThunderID supports the following attribute types:
| Type | Description |
|---|---|
string | Text value. Supports required, unique, credential, enum, and regex constraints. |
number | Numeric value. Supports required, unique, and enum constraints. |
boolean | True or false value. Supports required. |
object | Nested object with its own properties map. Supports required. Nested properties follow the same type rules. |
array | List of values. Requires an items definition specifying the item type (string, number, or object). |
Attribute Constraint Modifiers
Modifiers add validation and behavior rules to an attribute. You can combine multiple modifiers on a single attribute.
| Modifier | Applies To | What It Does | When to Use |
|---|---|---|---|
required | All types | The attribute must be provided on creation. ThunderID rejects the request if the value is missing. | Fields essential to the user's identity, such as email or username. |
unique | string, number | The value must be unique across all users. ThunderID rejects creation or update if a duplicate exists. | Natural identifiers like username, email, or employeeId. |
credential | string, number | ThunderID hashes and stores the value securely. Never returned in any API response, even to administrators. | Passwords or other sensitive secrets. |
enum | string, number | Restricts the value to a fixed set of allowed options. ThunderID rejects any value not in the list. | Controlled vocabularies like a department field limited to specific team names. |
regex | string | Validates the value against a regular expression on creation and update. ThunderID rejects values that do not match. | Format rules such as email patterns or password complexity requirements. |
Default Schemas
ThunderID includes two default user types with pre-defined schemas. You can use these as-is, customize them or create your own user types. See User Types for more information.
Person
An admin-managed user type. Self-registration is disabled and only an administrator can create these users.
| Attribute | Type | Constraints | Notes |
|---|---|---|---|
username | string | required, unique | Display attribute |
email | string | required, unique | Validated against email format |
email_verified | boolean | - | |
given_name | string | - | |
family_name | string | - | |
firstName | string | - | |
lastName | string | - | |
mobileNumber | string | - | |
phone_number | string | - | |
phone_number_verified | boolean | - | |
sub | string | - | |
name | string | - | |
picture | string | - | |
password | string | required, credential | Never returned in responses |
Customer
An end-user type designed for self-registration. Customers can sign up through an application's registration flow, or be created directly by an administrator.
| Attribute | Type | Constraints | Notes |
|---|---|---|---|
username | string | required, unique | Display attribute |
password | string | required, credential | Never returned in responses |
email | string | required, unique, regex | Validated against email format |
given_name | string | - | |
family_name | string | - | |
firstName | string | - | |
lastName | string | - | |
mobileNumber | string | - |
