Skip to main content

User API

The user router provides access to user profiles and roles within the current tenant. User identities are managed by Clerk -- this router exposes read-only tenant-scoped views.

Router namespace: user

Source: src/server/trpc/routers/user.ts

Procedures

ProcedureTypeAccessDescription
listqueryadminList all users in the tenant
getRolequerytenantGet the current user's role

list

Returns all users belonging to the current tenant with their profile information. Restricted to admin users.

user.list.queryOptions()

Access: Admin only

Input

None.

Response

[
  {
    "id": "user_abc123",
    "email": "alice@example.com",
    "firstName": "Alice",
    "lastName": "Smith",
    "role": "admin",
    "lastActiveAt": "2026-03-20T16:00:00.000Z"
  },
  {
    "id": "user_def456",
    "email": "bob@example.com",
    "firstName": "Bob",
    "lastName": "Jones",
    "role": "viewer",
    "lastActiveAt": "2026-03-19T09:30:00.000Z"
  }
]

Example

const trpc = useTRPC();
const { data: users } = useQuery(
  trpc.user.list.queryOptions()
);

const admins = users?.filter((u) => u.role === "admin");

getRole

Returns the role of the currently authenticated user. This is useful for client-side permission checks to conditionally render admin-only UI.

user.getRole.queryOptions()

Input

None.

Response

{
  "role": "admin"
}

Possible values: "admin", "manager", "viewer".

Role Permissions

RoleScoringConfigConnectorsUsers
adminRead/WriteRead/WriteRead/WriteRead
managerRead/WriteReadRead--
viewerReadRead----

Example

const trpc = useTRPC();
const { data } = useQuery(
  trpc.user.getRole.queryOptions()
);

const isAdmin = data?.role === "admin";
Clerk-Managed Roles

Roles are assigned in Clerk and synced to the application. To change a user's role, update it in the Clerk dashboard. See Authentication for details on role-based access control.