The User service (client.user) allows you to access information about the user associated with your API key, including account details, bank accounts, and Shopify sessions.
Get User Information
Retrieve comprehensive information about your user account:
Email for notifications (if different from main email)
business_name
string|null
Business or company name
customer_id
string|null
Bridge customer ID for KYC/banking
kyc_complete
boolean
Whether KYC verification is completed
kyc_link_id
string|null
Bridge KYC link identifier
polar_balance_usdc
number
Current USDC balance in user's SuiPay account
shopifyConfigurationId
string|null
Associated Shopify configuration ID
created_at
string
Account creation timestamp
updated_at
string
Last account update timestamp
Usage Examples
Security Note: This method returns sensitive information including the user's current USDC balance (polar_balance_usdc) and Bridge customer ID (customer_id). Ensure this data is handled securely and not exposed to unauthorized parties.
Get User Bank Accounts
Retrieve a list of bank accounts associated with your user account:
Response Type
Bank Account Fields
Field
Type
Description
id
string
SuiPay bank account identifier
user_id
string
Associated user identifier
bridge_id
string
Bridge service account identifier
bank_name
string?
Name of the bank (optional)
last_four
string
Last 4 digits of account number
country_code
string
Country code for the account
account_type
string
Type of bank account (e.g., checking, savings)
created_at
string
Account connection timestamp
updated_at
string
Last account update timestamp
Usage Examples
Get User Shopify Sessions
Retrieve a list of Shopify sessions associated with your user account (only applicable for Shopify-integrated users):
Response Type
Shopify Session Fields
Field
Type
Description
id
string
Session identifier
shop
string
Shopify shop domain
state
string
OAuth state parameter
isOnline
boolean
Whether this is an online session
scope
string?
Granted OAuth scopes (optional)
expires
string?
Session expiration time (optional)
accessToken
string
Shopify access token
userId
string?
Shopify user ID (optional)
createdAt
string
Session creation timestamp
updatedAt
string
Last session update timestamp
Usage Examples
Security Warning: This method returns Shopify access tokens (accessToken) which are highly sensitive. These tokens should never be logged, stored insecurely, or transmitted to client applications. Handle with extreme care.
Error Handling
All user methods can throw specific error types:
Common Error Scenarios
Error Type
Description
Common Causes
SuiPayAuthenticationError
Invalid or missing API key
Wrong API key, deactivated key
SuiPayServerError
Server-side error
Temporary service issues
Network errors
Connection issues
Network connectivity problems
Complete User Information Example
Here's a comprehensive example showing how to get and display all user information:
Access Control
Important: API keys are scoped to specific users. When you use an API key:
The API key can only access the user account it was created for
You cannot access other users' data with your API key
All resources (payment links, withdrawals, bank accounts) are tied to your user account
Sensitive data like balances and access tokens are returned - handle with care
This ensures proper isolation and security between different API key holders.
Data Handling Best Practices
Sensitive Information
The user methods return sensitive data that requires careful handling:
Sensitive Fields:
polar_balance_usdc: Current balance - don't cache or log
customer_id: Bridge customer ID - used for KYC/banking
accessToken: Shopify tokens - extremely sensitive
kyc_complete: KYC status - may be subject to regulations
Security Recommendations
Never log sensitive fields in application logs
Use HTTPS only for all communications
Implement proper access controls in your application
Don't cache sensitive data like balances or tokens
Regularly rotate API keys and monitor usage
Follow data retention policies for financial information
// List bank accounts and check verification status
try {
const bankAccounts = await client.user.getBankAccounts();
if (bankAccounts.length === 0) {
console.log('No bank accounts connected');
console.log('Connect a bank account in your SuiPay dashboard to enable withdrawals');
} else {
console.log('Connected bank accounts:');
bankAccounts.forEach((account, index) => {
console.log(`${index + 1}. ${account.bank_name || 'Bank'}`);
console.log(` Type: ${account.account_type}`);
console.log(` Last 4: ****${account.last_four}`);
console.log(` Country: ${account.country_code}`);
});
}
} catch (error) {
console.error('Failed to get bank accounts:', error);
}
// Find a specific bank account for withdrawals
const bankAccounts = await client.user.getBankAccounts();
const primaryAccount = bankAccounts.find(account =>
account.account_type === 'checking'
);
if (primaryAccount) {
console.log(`Using primary account: ${primaryAccount.bank_name || 'Bank'} (****${primaryAccount.last_four})`);
// Use primaryAccount.id for withdrawal requests
} else {
console.log('No checking account available');
}
import {
SuiPayAuthenticationError,
SuiPayServerError
} from '@suipay/api';
try {
const user = await client.user.get();
} catch (error) {
if (error instanceof SuiPayAuthenticationError) {
console.error('Authentication failed - check your API key');
} else if (error instanceof SuiPayServerError) {
console.error('Server error:', error.status, error.message);
} else {
console.error('Unexpected error:', error);
}
}
async function displayUserProfile() {
try {
// Get basic user info
const user = await client.user.get();
console.log('=== User Profile ===');
console.log(`Name: ${user.business_name || user.email}`);
console.log(`Email: ${user.email}`);
console.log(`Sign-in Method: ${user.sign_in_method}`);
console.log(`Balance: ${user.polar_balance_usdc} USDC`);
console.log(`KYC Status: ${user.kyc_complete ? '✅ Verified' : '❌ Pending'}`);
console.log(`Account Created: ${new Date(user.created_at).toLocaleDateString()}`);
// Get bank accounts
console.log('\n=== Bank Accounts ===');
const bankAccounts = await client.user.getBankAccounts();
if (bankAccounts.length === 0) {
console.log('No bank accounts connected');
} else {
bankAccounts.forEach((account, index) => {
console.log(`${index + 1}. ${account.bank_name || 'Bank'}`);
console.log(` Type: ${account.account_type}`);
console.log(` Last 4: ****${account.last_four}`);
console.log(` Country: ${account.country_code}`);
});
}
// Get Shopify sessions (if applicable)
if (user.sign_in_method === 'SHOPIFY') {
console.log('\n=== Shopify Integration ===');
const sessions = await client.user.getSessions();
if (sessions.length === 0) {
console.log('No active Shopify sessions');
} else {
sessions.forEach(session => {
console.log(`Shop: ${session.shop}`);
console.log(`User ID: ${session.userId || 'N/A'}`);
console.log(`Status: ${session.isOnline ? 'Online' : 'Offline'}`);
console.log(`Created: ${new Date(session.createdAt).toLocaleDateString()}`);
});
}
}
} catch (error) {
console.error('Failed to load user profile:', error);
}
}
// ✅ Good - handle sensitive data properly
const user = await client.user.get();
const publicUserData = {
id: user.id,
email: user.email,
business_name: user.business_name,
kyc_complete: user.kyc_complete
};
// Only expose non-sensitive data to frontend
// ❌ Bad - don't expose sensitive data
const user = await client.user.get();
// Don't send entire user object to frontend
// Don't log user.customer_id or user.polar_balance_usdc
// ✅ Good logging practice
console.log(`User ${user.id} retrieved profile data`);
// ❌ Bad - don't log sensitive data
console.log('User data:', user); // Contains sensitive fields
