Users & Metadata
Understand how users and user-related data are handled in Tzylo Auth CE.
Tzylo Auth CE manages authentication-related user data and keeps the user model intentionally minimal.
This allows applications to define their own user profiles and domain-specific data without being constrained by the auth system.
User identity
Each user in Tzylo Auth CE is uniquely identified by an internal user ID.
- Email is used as the primary login identifier
- Passwords are securely hashed
- User IDs remain stable across sessions
What Auth CE stores
Tzylo Auth CE stores only authentication-related data:
- User ID
- Email address
- Password hash
- Token and session state
What your application stores
Application-specific user data should live in your own database.
- Profile information (name, avatar, bio)
- Roles and permissions
- Business-specific attributes
Metadata philosophy
Tzylo Auth CE does not enforce a rigid metadata schema.
Instead, it focuses on authentication correctness and leaves authorization and domain modeling to your application.
Accessing user information
The authenticated user can be retrieved using:
GET /meThis endpoint returns the authenticated user’s basic identity information.
Extending users
A common pattern is:
- Authenticate users via Tzylo Auth CE
- Store application-specific data in your own database
- Link records using the Auth CE user ID
This keeps responsibilities clearly separated.