> ## Documentation Index
> Fetch the complete documentation index at: https://postflow.app/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Get authorized user

> Returns details about the currently authenticated user using your API key.



## OpenAPI

````yaml /public/api.json get /user
openapi: 3.1.0
info:
  title: PostFlow
  version: '1'
  description: >-
    The PostFlow API gives you access to analytics data from your PostFlow
    organization and provides you with tools for scheduling and publishing
    social media posts directly from your own application, automation tool, or
    AI assistant.


    ### What is PostFlow?

    PostFlow is a social media management platform designed to help teams and
    creators plan, collaborate, and publish social media content.


    ### Base URL

    The base URL for the PostFlow API is:


    ```http

    https://api.postflow.app/v1

    ```


    For media requests use base URL:

    ```http

    https://media.postflow.app/api/v1

    ```



    ### Authentication

    All API requests require a bearer token in the Authorization header.


    You can generate an API token from your [PostFlow account
    settings](https://new.postflow.app/settings/account/api). Once you have your
    token, include it in the Authorization header of your API requests as
    follows:



    ```http

    Authorization: Bearer YOUR_API_TOKEN

    ```



    ### Headers


    API requests must include the following headers:


    ```http

    Accept: application/json

    Content-Type: application/json

    ```


    ### Make your first request

    Once you have a token, you can make requests directly to the API. The
    following example returns basic information about your organization:


    ```bash

    curl https://api.postflow.app/v1/organizations \
      -H "Authorization: Bearer YOUR_API_TOKEN" \
      -H "Accept: application/json"
    ```


    ## Rate limits


    The PostFlow API implements rate limiting to ensure fair usage and protect
    against abuse. The default limit is **60 requests per minute** per
    authenticated user.


    Each API response includes the following headers with information about your
    current rate limit status:


    - `X-RateLimit-Limit` - maximum number of requests allowed per minute

    - `X-RateLimit-Remaining` - number of requests remaining in the current
    window

    - `X-RateLimit-Reset` - Unix timestamp when the rate limit resets


    ## PostFlow IDs


    Every object in the PostFlow API has a unique ID. PostFlow uses a system
    called "Snowflake ID" created by Twitter.


    These IDs are **64-bit unsigned integers**. Some programming languages
    (JavaScript) cannot accurately represent 64-bit integers.


    > **Warning:** You must **ALWAYS** use strings for PostFlow IDs in your
    code.



    ### String vs integer in Javascript


    In JavaScript, integers are limited to 53 bits. This causes precision loss
    with large IDs:


    ```javascript

    // This loses precision!

    const id = 10765432100123456789;

    console.log(id.toString()); // "10765432100123458000" — wrong!


    // Use strings instead

    const id = "10765432100123456789";

    console.log(id); // "10765432100123456789" — correct!

    ```


    ### Comparing IDs


    Examples of how you can compare PostFlow IDs:



    ```javascript javascript

    // Use BigInt


    if (BigInt(post1.id) > BigInt(post2.id)) {
        console.log("post1 is newer");
    }

    ```


    ```python python

    # Python handles large integers natively


    if post1.id > post2.id:
        print("post1 is newer")
    ```


    ```php php

    # PHP is safe with 64-bit integers


    if (post1->id > post2->id) {
        dd("post1 is newer");
    }

    ```


    ## Relationships & includes


    Some endpoints support the `include` query parameter to enrich the response
    with related resources. Pass a comma-separated list of relationship names to
    load them alongside the primary data.


    ```http

    GET /posts?include=media

    ```


    Multiple relationships can be included by separating them with a comma:


    ```http

    GET /posts?include=media,labels,postComments

    ```


    ## OpenAPI collection


    The raw OpenAPI specifications for the PostFlow API are available below.
    They can be used with various API tools and code generators that support the
    OpenAPI format.


    - [PostFlow API](https://postflow.app/docs/public/api.json)

    - [Media API](https://postflow.app/docs/public/media.json)


    > You can copy the above URLs to import them into API tools such as Postman.
servers:
  - url: https://api.postflow.app/v1
security:
  - http: []
tags:
  - name: User
  - name: Organization
  - name: Social accounts
  - name: Posts
  - name: Posts bulk
  - name: Post activities
  - name: Post metrics
  - name: Analytics
  - name: Widgets
  - name: Calendar notes
  - name: Groups
  - name: Labels
paths:
  /user:
    get:
      tags:
        - User
      summary: Get authorized user
      description: >-
        Returns details about the currently authenticated user using your API
        key.
      operationId: user.user
      responses:
        '200':
          description: '`UserData`'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserData'
        '401':
          $ref: '#/components/responses/AuthenticationException'
components:
  schemas:
    UserData:
      type: object
      properties:
        id:
          type: string
        name:
          type: string
        email:
          type: string
        phone:
          type:
            - string
            - 'null'
        inviter_id:
          type:
            - string
            - 'null'
          description: The ID of the user who invited the user to the organization
        organization_id:
          type: string
        role:
          $ref: '#/components/schemas/UserRole'
        is_client:
          type: boolean
        can_approve:
          type: boolean
          description: Determines whether the user can approve posts
        can_connect_account:
          type: boolean
          description: >-
            Determines whether the user can connect social media accounts to the
            organization
        can_access_all_groups:
          type: boolean
          description: >-
            Determines whether the user has permissions to all groups in the
            organization. If not, check the permissions for the individual
            groups in `groupIds`
        self_approval:
          type: boolean
          description: >-
            Automatically grant your approval when you assign yourself as the
            assignee
        time_format_24:
          type: boolean
          description: The user's preferred time format
        week_start_day:
          $ref: '#/components/schemas/WeekDay'
          description: >-
            The user's preferred start of the calendar week


            `0` Sunday <br/> `1` Monday <br/> `2` Tuesday <br/> `3` Wednesday
            <br/> `4` Thursday <br/> `5` Friday <br/> `6` Saturday
        date_format:
          $ref: '#/components/schemas/DateFormat'
          description: |-
            The user's preferred date format

            `1` DMY <br/> `2` MDY <br/> `3` YMD
        color:
          $ref: '#/components/schemas/BaseColor'
        avatar:
          type:
            - string
            - 'null'
          description: URL to the profile image of the user
        invited_at:
          type:
            - string
            - 'null'
          format: date-time
          description: The date the user was invited to join the organization
        created_at:
          type: string
          format: date-time
          description: The date the user signed up
        open_cu_links_in_app:
          type: boolean
          description: >-
            The user's preference for how to open ClickUp links, in the app or
            in a browser
          default: false
        groupIds:
          type: array
          description: >-
            The IDs of the groups the user has access to. Always check
            `can_access_all_groups` first to see if the user has access to all
            groups.


            If the user has permissions to all groups, this value will be an
            empty array
          default: []
          items:
            type: string
      required:
        - id
        - name
        - email
        - phone
        - inviter_id
        - organization_id
        - role
        - is_client
        - can_approve
        - can_connect_account
        - can_access_all_groups
        - self_approval
        - time_format_24
        - week_start_day
        - date_format
        - color
        - avatar
        - invited_at
        - created_at
        - open_cu_links_in_app
        - groupIds
      title: UserData
    UserRole:
      type: string
      enum:
        - owner
        - manager
        - member
        - viewer
      x-enum-varnames:
        - Owner
        - Manager
        - Member
        - Viewer
      title: UserRole
    WeekDay:
      type: integer
      enum:
        - 0
        - 1
        - 2
        - 3
        - 4
        - 5
        - 6
      x-enum-varnames:
        - Sunday
        - Monday
        - Tuesday
        - Wednesday
        - Thursday
        - Friday
        - Saturday
      description: >-
        `0` Sunday <br/> `1` Monday <br/> `2` Tuesday <br/> `3` Wednesday <br/>
        `4` Thursday <br/> `5` Friday <br/> `6` Saturday
      title: WeekDay
    DateFormat:
      type: integer
      enum:
        - 1
        - 2
        - 3
      x-enum-varnames:
        - DMY
        - MDY
        - YMD
      description: '`1` DMY <br/> `2` MDY <br/> `3` YMD'
      title: DateFormat
    BaseColor:
      type: integer
      enum:
        - 1
        - 2
        - 3
        - 4
        - 5
        - 6
        - 7
        - 8
        - 9
      x-enum-varnames:
        - Red
        - Green
        - Blue
        - Yellow
        - Orange
        - Pink
        - Purple
        - Sky
        - Gray
      description: >-
        `1` Red <br/> `2` Green <br/> `3` Blue <br/> `4` Yellow <br/> `5` Orange
        <br/> `6` Pink <br/> `7` Purple <br/> `8` Sky <br/> `9` Gray
      title: BaseColor
  responses:
    AuthenticationException:
      description: Unauthenticated
      content:
        application/json:
          schema:
            type: object
            properties:
              message:
                type: string
                description: Error overview.
            required:
              - message
  securitySchemes:
    http:
      type: http
      scheme: bearer

````