The Users module provides authenticated users with a focused set of methods to retrieve, update, verify, or delete their own profile information. These APIs are scoped to the logged-in user. User creation, session management, and tenant access are now delegated to the auth and tenants modules.
This module only exposes endpoints related to the current user (/api/me) and does not support administrative actions like creating or managing other users. Creating users would be done by the user via nile.auth.signUp(), and managing users that are not yourself is not yet support.

getSelf

The nile.users.getSelf() method retrieves the profile of the currently authenticated user. Internally, this maps to a GET /api/me request. This is typically used to display account settings, personalize the UI, or check tenant memberships after a login. 
const me = await nile.users.getSelf();

Returns

A User object or raw Response: 
interface User {
  id: string;
  email: string;
  name?: string;
  familyName?: string;
  givenName?: string;
  picture?: string;
  created: string;
  updated?: string;
  emailVerified?: boolean;
  tenants: { id: string }[];
}
If the user is not authenticated or their session is invalid, this will return a 401.

updateSelf

The nile.users.updateSelf() method allows the currently authenticated user to update their own profile using PUT /api/me. Use this to let users edit profile settings like name or profile picture. Fields not included in the update are left unchanged. 
await nile.users.updateSelf({ name: 'Jane Doe', picture: 'https://example.com/photo.png' });

Allowed Fields

  • name: Full display name of the user
  • familyName: Surname or last name
  • givenName: First name
  • picture: Optional URL to an avatar or profile image
  • emailVerified: The date when the email was verified
The following fields cannot be modified: email, tenants, created, updated, or id.
If the user is not authenticated, a 401 will be returned.

removeSelf

This method deletes the current user’s account by sending a DELETE /api/me request. This is a soft delete operation — the user will no longer be able to sign in, but their historical data may still exist in the system for audit purposes. This action also clears all authentication headers that are maintained server-side. It would be necessary remove client side cookies as well for completeness. 
await nile.users.removeSelf();

Returns

A Response object:
  • 200 OK if the user was successfully marked for deletion
  • 401 Unauthorized if not logged in
  • 404 Not Found if the user does not exist
This is often used in account settings for “Delete My Account” functionality.

verifySelf

This method initiates an email verification flow for the current user by POSTing to /auth/verify-email. In production, this sends an email containing a link to verify the account, if configured. In development or testing, it can optionally skip the email step and mark the user as verified. 
await nile.users.verifySelf({ callbackUrl: 'https://example.com/verified' });

Options

  • callbackUrl: Optional. Where to redirect the user after successful verification.
  • bypassEmail: Optional. If true, skips the email and sets emailVerified = true directly.
This bypass is useful for local development and CI environments where SMTP is not configured.

Returns

  • If bypassEmail is used, resolves to the updated User object.
  • Otherwise, resolves to a Response from the verification endpoint.
Use nile.auth.signUp() and nile.auth.signIn() for authentication, and manage other users through tenant-related APIs where applicable.