Python 2.7 has reached end of support
and will be
deprecated
on January 31, 2026. After deprecation, you won't be able to deploy Python 2.7
applications, even if your organization previously used an organization policy to
re-enable deployments of legacy runtimes. Your existing Python
2.7 applications will continue to run and receive traffic after their
deprecation date. We recommend that
you
migrate to the latest supported version of Python.
Stay organized with collections
Save and categorize content based on your preferences.
google.appengine.api.users module
Summary
The User Python datastore class to be used as a datastore data type.
Contents
- google.appengine.api.users.CreateLoginURL(dest_url=None, _auth_domain=None, federated_identity=None)source
Computes the login URL for redirection.
Parameters
-
dest_url – String that is the desired final destination URL for the user
once login is complete. If dest_url does not specify a host, the host
from the current request is used.
-
federated_identity – Decommissioned, don’t use. Setting this to a non-None
value raises a NotAllowedError
ReturnsLogin URL as a string. The login URL will use Google Accounts.
RaisesNotAllowedError – If federated_identity is not None.
- google.appengine.api.users.CreateLogoutURL(dest_url, _auth_domain=None)source
Computes the logout URL and specified destination URL for the request.
This function works for Google Accounts applications.
Parametersdest_url – String that is the desired final destination URL for the user
after the user has logged out. If dest_url does not specify a host,
the host from the current request is used.
ReturnsLogout URL as a string.
- exception google.appengine.api.users.Errorsource
-
Bases: exceptions.Exception
Base User error type.
- google.appengine.api.users.GetCurrentUser()source
-
Retrieves information associated with the user that is making a request.
Returns:
- google.appengine.api.users.IsCurrentUserAdmin()source
Specifies whether the user making a request is an application admin.
Because administrator status is not persisted in the datastore,
is_current_user_admin() is a separate function rather than a member function
of the User class. The status only exists for the user making the current
request.
ReturnsTrue if the user is an administrator; all other user types return False.
- class google.appengine.api.users.User(email=None, _auth_domain=None, _user_id=None, federated_identity=None, federated_provider=None, _strict_mode=True)source
-
Bases: object
Provides the email address, nickname, and ID for a user.
A nickname is a human-readable string that uniquely identifies a Google user,
akin to a username. For some users, this nickname is an email address, but for
other users, a different nickname is used.
A user is a Google Accounts user.
federated_identity and federated_provider are decommissioned and should
not be used.
- auth_domain()source
Obtains the user’s authentication domain.
ReturnsA string containing the authentication domain. This method is internal and
should not be used by client applications.
- email()source
-
Returns the user’s email address.
- federated_identity()source
Decommissioned, don’t use.
ReturnsA string containing the federated identity of the user. If the user is not
a federated user, None is returned.
- federated_provider()source
Decommissioned, don’t use.
ReturnsA string containing the federated provider. If the user is not a federated
user, None is returned.
- nickname()source
Returns the user’s nickname.
The nickname will be a unique, human readable identifier for this user with
respect to this application. It will be an email address for some users,
and part of the email address for some users.
ReturnsThe nickname of the user as a string.
- user_id()source
Obtains the user ID of the user.
ReturnsA permanent unique identifying string or None. If the email address was
set explicity, this will return None.
- google.appengine.api.users.create_login_url(dest_url=None, _auth_domain=None, federated_identity=None)source
Computes the login URL for redirection.
Parameters
-
dest_url – String that is the desired final destination URL for the user
once login is complete. If dest_url does not specify a host, the host
from the current request is used.
-
federated_identity – Decommissioned, don’t use. Setting this to a non-None
value raises a NotAllowedError
ReturnsLogin URL as a string. The login URL will use Google Accounts.
RaisesNotAllowedError – If federated_identity is not None.
- google.appengine.api.users.create_logout_url(dest_url, _auth_domain=None)source
Computes the logout URL and specified destination URL for the request.
This function works for Google Accounts applications.
Parametersdest_url – String that is the desired final destination URL for the user
after the user has logged out. If dest_url does not specify a host,
the host from the current request is used.
ReturnsLogout URL as a string.
- google.appengine.api.users.get_current_user()source
-
Retrieves information associated with the user that is making a request.
Returns:
- google.appengine.api.users.is_current_user_admin()source
Specifies whether the user making a request is an application admin.
Because administrator status is not persisted in the datastore,
is_current_user_admin() is a separate function rather than a member function
of the User class. The status only exists for the user making the current
request.
ReturnsTrue if the user is an administrator; all other user types return False.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-06-16 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-06-16 UTC."],[[["\u003cp\u003eThis module provides tools for managing user authentication and authorization within Google App Engine applications, using Google Accounts.\u003c/p\u003e\n"],["\u003cp\u003eYou can generate login URLs to redirect users for authentication and logout URLs to handle user sign-outs, with customizable destination URLs.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eUser\u003c/code\u003e class provides access to a user's email, nickname, user ID, and authentication domain, but federated identity features are deprecated.\u003c/p\u003e\n"],["\u003cp\u003eFunctions are available to retrieve information about the current user and determine if they have administrator privileges within the application.\u003c/p\u003e\n"],["\u003cp\u003eThe module defines several error types for handling issues related to user authentication, such as \u003ccode\u003eNotAllowedError\u003c/code\u003e, \u003ccode\u003eRedirectTooLongError\u003c/code\u003e, and \u003ccode\u003eUserNotFoundError\u003c/code\u003e.\u003c/p\u003e\n"]]],[],null,["# google.appengine.api.users module\n=================================\n\nSummary\n-------\n\nThe User Python datastore class to be used as a datastore data type.\n\nContents\n--------\n\ngoogle.appengine.api.users.CreateLoginURL(dest_url=None, _auth_domain=None, federated_identity=None)[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#create_login_url)\n\n: Computes the login URL for redirection.\n\n Parameters\n\n - dest_url -- String that is the desired final destination URL for the user\n once login is complete. If `dest_url` does not specify a host, the host\n from the current request is used.\n\n - federated_identity -- Decommissioned, don't use. Setting this to a non-None\n value raises a NotAllowedError\n\n Returns\n\n Login URL as a string. The login URL will use Google Accounts.\n Raises\n\n[NotAllowedError](#google.appengine.api.users.NotAllowedError) -- If federated_identity is not None. \n\ngoogle.appengine.api.users.CreateLogoutURL(dest_url, _auth_domain=None)[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#create_logout_url)\n\n: Computes the logout URL and specified destination URL for the request.\n\n This function works for Google Accounts applications.\n Parameters\n\n dest_url -- String that is the desired final destination URL for the user\n after the user has logged out. If `dest_url` does not specify a host,\n the host from the current request is used.\n Returns\n\nLogout URL as a string. \n\n*exception* google.appengine.api.users.Error[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#Error)\n\n: Bases: exceptions.Exception\n\nBase User error type. \n\ngoogle.appengine.api.users.GetCurrentUser()[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#get_current_user)\n\n: Retrieves information associated with the user that is making a request.\n\nReturns: \n\ngoogle.appengine.api.users.IsCurrentUserAdmin()[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#is_current_user_admin)\n\n: Specifies whether the user making a request is an application admin.\n\n Because administrator status is not persisted in the datastore,\n `is_current_user_admin()` is a separate function rather than a member function\n of the `User` class. The status only exists for the user making the current\n request.\n Returns\n\n`True` if the user is an administrator; all other user types return `False`. \n\n*exception* google.appengine.api.users.NotAllowedError[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#NotAllowedError)\n\n: Bases: [google.appengine.api.users.Error](#google.appengine.api.users.Error)\n\nThe requested redirect URL is not allowed. \n\n*exception* google.appengine.api.users.RedirectTooLongError[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#RedirectTooLongError)\n\n: Bases: [google.appengine.api.users.Error](#google.appengine.api.users.Error)\n\nThe generated redirect URL was too long. \n\n*class* google.appengine.api.users.User(email=None, _auth_domain=None, _user_id=None, federated_identity=None, federated_provider=None, _strict_mode=True)[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#User)\n\n: Bases: object\n\n Provides the email address, nickname, and ID for a user.\n\n A nickname is a human-readable string that uniquely identifies a Google user,\n akin to a username. For some users, this nickname is an email address, but for\n other users, a different nickname is used.\n\n A user is a Google Accounts user.\n\n `federated_identity` and `federated_provider` are decommissioned and should\n not be used. \n\n auth_domain()[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#User.auth_domain)\n\n : Obtains the user's authentication domain.\n\n Returns\n\n A string containing the authentication domain. This method is internal and\n should not be used by client applications. \n\n email()[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#User.email)\n\n : Returns the user's email address.\n\n federated_identity()[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#User.federated_identity)\n\n : Decommissioned, don't use.\n\n Returns\n\n A string containing the federated identity of the user. If the user is not\n a federated user, `None` is returned. \n\n federated_provider()[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#User.federated_provider)\n\n : Decommissioned, don't use.\n\n Returns\n\n A string containing the federated provider. If the user is not a federated\n user, `None` is returned. \n\n nickname()[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#User.nickname)\n\n : Returns the user's nickname.\n\n The nickname will be a unique, human readable identifier for this user with\n respect to this application. It will be an email address for some users,\n and part of the email address for some users.\n Returns\n\n The nickname of the user as a string. \n\n user_id()[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#User.user_id)\n\n : Obtains the user ID of the user.\n\n Returns\n\n A permanent unique identifying string or `None`. If the email address was\nset explicity, this will return `None`. \n\n*exception* google.appengine.api.users.UserNotFoundError[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#UserNotFoundError)\n\n: Bases: [google.appengine.api.users.Error](#google.appengine.api.users.Error)\n\nNo email argument was specified, and no user is logged in. \n\ngoogle.appengine.api.users.create_login_url(dest_url=None, _auth_domain=None, federated_identity=None)[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#create_login_url)\n\n: Computes the login URL for redirection.\n\n Parameters\n\n - dest_url -- String that is the desired final destination URL for the user\n once login is complete. If `dest_url` does not specify a host, the host\n from the current request is used.\n\n - federated_identity -- Decommissioned, don't use. Setting this to a non-None\n value raises a NotAllowedError\n\n Returns\n\n Login URL as a string. The login URL will use Google Accounts.\n Raises\n\n[NotAllowedError](#google.appengine.api.users.NotAllowedError) -- If federated_identity is not None. \n\ngoogle.appengine.api.users.create_logout_url(dest_url, _auth_domain=None)[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#create_logout_url)\n\n: Computes the logout URL and specified destination URL for the request.\n\n This function works for Google Accounts applications.\n Parameters\n\n dest_url -- String that is the desired final destination URL for the user\n after the user has logged out. If `dest_url` does not specify a host,\n the host from the current request is used.\n Returns\n\nLogout URL as a string. \n\ngoogle.appengine.api.users.get_current_user()[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#get_current_user)\n\n: Retrieves information associated with the user that is making a request.\n\nReturns: \n\ngoogle.appengine.api.users.is_current_user_admin()[source](/appengine/docs/legacy/standard/python/refdocs/modules/google/appengine/api/users#is_current_user_admin)\n\n: Specifies whether the user making a request is an application admin.\n\n Because administrator status is not persisted in the datastore,\n `is_current_user_admin()` is a separate function rather than a member function\n of the `User` class. The status only exists for the user making the current\n request.\n Returns\n\n `True` if the user is an administrator; all other user types return `False`."]]
