Oihana PHP System

User extends Person uses HasProtectedResource, UserTrait

Represents a User resource within an OAuth2 and RBAC (Role-Based Access Control) context.

Tags
since
1.0.2
author

Marc Alcaraz

Table of Contents

Constants

ACTIVATED  : string = 'activated'
Indicates whether the user account has completed its activation flow.
APP_META_DATA  : string = 'appMetadata'
Read-only metadata associated with the user.
BLOCKED_FOR  : string = 'blockedFor'
Indicates why or for which scope the user is blocked.
CONTEXT  : string = \xyz\oihana\schema\constants\Oihana::SCHEMA
The @context of the json-ld representation of the thing.
DEVICES  : string = 'devices'
Collection of known or trusted user devices.
FIRST_LOGIN_AT  : string = 'firstLoginAt'
Timestamp of the user's first successful login.
INVITATION_STATUS  : string = 'invitationStatus'
Materialized lifecycle status of the latest invitation associated with the user.
JSON_PRIORITY_KEYS  : array<string|int, mixed> = [\org\schema\constants\Schema::AT_TYPE, \org\sc...
Defines the priority order of keys when serializing the object to JSON-LD.
LAST_LOGIN  : string = 'lastLogin'
Timestamp of the user's most recent successful authentication.
LOGINS_COUNT  : string = 'loginsCount'
Total number of successful user authentications.
MAX_LEVEL  : string = 'maxLevel'
Maximum role level assigned to the user across all associated roles.
METADATA  : string = 'metadata'
Read/write metadata associated with the user.
PENDING_EMAIL  : string = 'pendingEmail'
Email address currently awaiting verification.
PENDING_EMAIL_CODE_EXPIRES_AT  : string = 'pendingEmailCodeExpiresAt'
Expiration timestamp of the verification code associated with the pending email workflow.
PENDING_EMAIL_CODE_HASH  : string = 'pendingEmailCodeHash'
Secure hash of the verification code associated with the pending email verification workflow.
PENDING_EMAIL_SINCE  : string = 'pendingEmailSince'
Timestamp indicating when the pending email workflow started.
SIGNED_UP  : string = 'signedUp'
Indicates whether the user completed the signup workflow.
STATUS  : string = 'status'
Lifecycle status of the user account.
TOKENS_INVALID_BEFORE  : string = 'tokensInvalidBefore'
Epoch-seconds timestamp defining the authentication revocation cutoff for all access tokens issued to the user.

Properties

$_from  : string|null
The metadata to indicates the edge 'from' identifier.
$_id  : null|string
The metadata identifier of the item.
$_key  : null|string
The metadata unique key identifier of the thing.
$_rev  : null|string
The metadata revision value of the thing.
$_to  : string|null
The metadata to indicates the edge 'to' identifier.
$activated  : bool|null
Whether the user has completed their first successful login.
$active  : bool|null
The active flag.
$additionalName  : array<string|int, mixed>|string|null
An additional name for a Person, can be used for a middle name.
$additionalType  : array<string|int, mixed>|string|null|object
An additionalType for the item.
$address  : PostalAddress|string|array<string|int, mixed>|null
Physical address of the item (PostalAddress or any object to describe it).
$affiliation  : null|array<string|int, mixed>|Organization|string
An organization that this person is affiliated with. For example, a school/university, a club, or a team.
$agentInteractionStatistic  : InteractionCounter|array<string|int, mixed>|null
The number of completed interactions for this entity, in a particular role (the 'agent'), in a particular action (indicated in the statistic), and in a particular context (i.e. interactionService).
$alternateName  : string|object|array<string|int, mixed>|null
An alias for the item.
$alumniOf  : null|array<string|int, mixed>|Organization|EducationalOrganization
An organization that the person is an alumni of.
$applications  : array<string|int, mixed>|null
The authorized applications of this particular user.
$applicationsCount  : int|null
The number of applications referencing this policy.
$appMetadata  : array<string|int, mixed>|object|null
Data that the user has read-only access to (e.g. roles, permissions, vip, etc)
$award  : null|array<string|int, mixed>|string
An award won by or for this item.
$birthDate  : string|null
The Date of birth.
$birthPlace  : Place|string|null
The place where the person was born.
$blockedFor  : array<string|int, mixed>|string|null
Indicates if the User is blocked for specific API, Applications, etc.
$brand  : null|Brand|Organization
The brand(s) associated with a product or service, or the brand(s) maintained by an organization or business person.
$callSign  : string|null
A callsign, as used in broadcasting and radio communications to identify people, radio and TV stations, or vehicles.
$children  : array<string|int, mixed>|Person|null
The children of the person.
$colleague  : array<string|int, mixed>|Person|null
The colleague of the person.
$color  : string|null
The display color associated with this resource.
$contactPoint  : array<string|int, mixed>|ContactPoint|null|string
A contact point for a person or organization.
$created  : null|string
Date of creation of the resource.
$deathDate  : string|null
The Date of death.
$deathPlace  : Place|string|null
The place where the person died.
$description  : string|object|array<string|int, mixed>|null
A short description of the item.
$devices  : array<string|int, mixed>|null
The devices being used by this particular user.
$disambiguatingDescription  : string|null
A sub property of description. A short description of the item used to disambiguate from other, similar items. Information from other properties (in particular, name) may be necessary for the description to be useful for disambiguation.
$duns  : string|null
The Dun & Bradstreet DUNS number for identifying an organization or business person.
$email  : string|null
The email of the user.
$familyName  : string|null
The family name of the user.
$faxNumber  : string|null|array<string|int, mixed>|PropertyValue
The fax number.
$firstLoginAt  : string|null
The timestamp of the first successful login (ISO 8601).
$follows  : array<string|int, mixed>|Person|null
The most generic uni-directional social relation.
$funder  : null|string|array<string|int, mixed>|Person|Organization
A person or organization that supports (sponsors) something through some kind of financial contribution.
$funding  : string|array<string|int, mixed>|Grant|null
A Grant that directly or indirectly provide funding or sponsorship for this item.
$gender  : Enumeration|DefinedTerm|string|null
The gender of the user.
$givenName  : string|null
The given name of the user (first name).
$globalLocationNumber  : string|null
The Global Location Number (GLN, sometimes also referred to as International Location Number or ILN) of the respective organization, person, or place.
$hasCertification  : array<string|int, mixed>|Certification|null
Certification information about a product, organization, service, place, or person.
$hasCredential  : string|array<string|int, mixed>|EducationalOccupationalCredential|null
A credential awarded to the Person or Organization.
$hasOccupation  : array<string|int, mixed>|string|Occupation|null
The Person's occupation. For past professions, use Role for expressing dates.
$hasOfferCatalog  : array<string|int, mixed>|OfferCatalog|null
Indicates an OfferCatalog listing for this Organization, Person, or Service.
$hasPart  : string|Thing|array<string|int, Thing>|null
Indicates an item that this part of this item.
$hasPOS  : array<string|int, mixed>|Place|null
Points-of-Sales operated by the organization or person.
$height  : Distance|QuantitativeValue|null|int|float
The height of the item.
$homeLocation  : null|string|array<string|int, mixed>|ContactPoint|Place
A contact location for a person's residence.
$honorificPrefix  : string|null
An honorific prefix preceding a Person's name such as Dr/Mrs/Mr.
$honorificSuffix  : string|null
An honorific suffix following a Person's name such as M.D./PhD/MSCSW.
$id  : null|int|string
The unique identifier of the item.
$identifier  : string|null
The identifier of the item.
$image  : string|ImageObject|array<string|int, ImageObject|string>|null
The image reference of this resource.
$interactionStatistic  : InteractionCounter|array<string|int, mixed>|null
The number of interactions for the CreativeWork using the WebSite or SoftwareApplication.
$invitationStatus  : string|null
The materialized status of the latest invitation associated with this user. Used by the admin UI to filter and display lifecycle state without querying the `invitations` collection. Maintained by the controllers at every transition (create, resend, cancel, accept, expire).
$isicV4  : string|null
The International Standard of Industrial Classification of All Economic Activities (ISIC), Revision 4 code for a particular organization, business person, or place.
$isPartOf  : string|Thing|array<string|int, Thing>|null
Indicates an item that this item is part of.
$jobTitle  : array<string|int, mixed>|int|string|DefinedTerm|null
The job(s) title(s) of the person (for example, Painter, etc.).
$keywords  : string|DefinedTerm|array<string|int, mixed>|null
Keywords or tags used to describe some item. Multiple textual entries in a keywords list are typically delimited by commas, or by repeating the property.
$knows  : array<string|int, mixed>|Person|null
The most generic bi-directional social/work relation.
$knowsAbout  : string|Thing|null
Of a Person, and less typically of an Organization, to indicate a topic that is known about - suggesting possible expertise but not implying it. We do not distinguish skill levels here, or relate this to educational content, events, objectives or JobPosting descriptions.
$knowsLanguage  : string|array<string|int, mixed>|Language|null
The most generic bi-directional social/work relation.
$lastLogin  : string|null
Date of the latest login.
$license  : string|object|null
A legal document giving official permission to do something with the resource.
$loginsCount  : int|null
The number of logins of the User.
$logo  : null|string|ImageObject
The location of the organization
$mainEntityOfPage  : string|null
Indicates a page (or other CreativeWork) for which this thing is the main entity being described.
$makesOffer  : array<string|int, mixed>|Offer|null
A pointer to products or services offered by the organization or person.
$maxLevel  : int|null
The maximum role level held by this user across all of their roles.
$memberOf  : array<string|int, mixed>|object|null
An Organization to which this Person or Organization belongs.
$metadata  : array<string|int, mixed>|object|null
Data that the user has read/write access to (e.g. color_preference, blog_url, etc.)
$modified  : null|string
Date on which the resource was changed.
$naics  : string|null
The North American Industry Classification System (NAICS) code for a particular organization or business person.
$name  : int|string|null
The name of the item.
$nationality  : null|string|Country
Nationality of the person.
$netWorth  : PriceSpecification|MonetaryAmount|null
The total financial value of the person as calculated by subtracting the total value of liabilities from the total value of assets.
$owner  : null|string|Thing
The owner of this Thing.
$owns  : array<string|int, mixed>|Product|OwnershipInfo|null
Products owned by the organization or person.
$parent  : array<string|int, mixed>|Person|null|string
A parent of this person.
$pendingEmail  : string|null
Email address pending verification (Zitadel-side).
$pendingEmailCodeExpiresAt  : string|null
Expiration timestamp (ISO 8601) of the verification code sent to `pendingEmail`. Used to refuse stale codes and to drive UI countdowns.
$pendingEmailCodeHash  : string|null
Hash of the verification code sent to `pendingEmail`. The plaintext code is never persisted; verification compares the user-supplied code against this hash. Cleared once the email change is verified or cancelled.
$pendingEmailSince  : string|null
Timestamp (ISO 8601) when `pendingEmail` was requested.
$performerIn  : array<string|int, mixed>|Event|null
Event that this person is a performer or participant in.
$permissions  : array<string|int, Permission>|null
Define the permissions (scopes) that this particular User.
$permissionsCount  : int|null
The number of permissions attached on this particular User.
$photos  : array<string|int, mixed>|null
Photographs of this person (legacy spelling; see singular form, photo).
$potentialAction  : array<string|int, mixed>|Action|null
Indicates a potential Action, which describes an idealized action in which this thing would play an 'object' role.
$pronouns  : array<string|int, mixed>|DefinedTerm|StructuredValue|string|null
A short string listing or describing pronouns for a person.
$protected  : bool|null
Indicates whether this resource is protected.
$publisher  : string|array<string|int, string|Person|Organization>|Person|Organization|null
The publisher of the resource.
$publishingPrinciples  : array<string|int, mixed>|CreativeWork|string|null
The publishingPrinciples property indicates (typically via URL) a document describing the editorial principles of an Organization (or individual, e.g. a Person writing a blog) that relate to their activities as a publisher, e.g. ethics or diversity policies. When applied to a CreativeWork (e.g. NewsArticle) the principles are those of the party primarily responsible for the creation of the CreativeWork.
$relatedTo  : array<string|int, mixed>|Person|null
The most generic familial relation.
$roles  : array<string|int, Role>|null
Define the roles (scopes) that this particular User.
$rolesCount  : int|null
The number of roles attached on this particular User.
$sameAs  : string|array<string|int, mixed>|null
URL of a reference Web page that unambiguously indicates the item's identity.
$seeks  : array<string|int, mixed>|Demand|null
A pointer to products or services sought by the organization or person (demand).
$sibling  : array<string|int, mixed>|Person|null
A sibling of the person.
$signedUp  : string|null
Date of the signed-up of the User.
$skills  : array<string|int, mixed>|DefinedTerm|string|null
A statement of knowledge, skill, ability, task or any other assertion expressing a competency that is either claimed by a person, an organization or desired or required to fulfill a role or to work in an occupation.
$sponsor  : null|array<string|int, mixed>|Organization|Person
A person or organization that supports a thing through a pledge, promise, or financial contribution.
$spouse  : array<string|int, mixed>|Person|null
The person's spouse.
$status  : string|null
The lifecycle status of this user account, gating authentication.
$subjectOf  : null|string|array<string|int, mixed>|CreativeWork|Event
A CreativeWork or Event about this Thing.
$system  : bool|null
Indicates whether this resource is a system-defined resource.
$taxID  : string|null
The Tax / Fiscal ID of the organization or person, e.g. the TIN in the US, the SIRET/SIREN in France or the CIF/NIF in Spain.
$telephone  : string|null|array<string|int, mixed>|PropertyValue
The telephone number.
$tokensInvalidBefore  : int|null|string
Epoch-seconds timestamp marking the cut-off below which any access token issued for this user is considered invalid by the API.
$url  : int|string|null
URL of the item.
$vatID  : string|null
The Value-added Tax ID of the organization or person.
$weight  : null|QuantitativeValue|Mass|int|float
The weight of the product or person.
$workLocation  : null|int|string|array<string|int, mixed>|ContactPoint|Place
A contact location for a person's place of work.
$worksFor  : null|int|string|array<string|int, mixed>|Organization
Organizations that the person works for.
$atContext  : string|null
The JSON-LD `@context` value.
$atType  : string|null
The JSON-LD `@type` value.
$DEFAULT_JSON_SERIALIZE_OPTIONS  : array<string|int, mixed>
The default static jsonSerialize options (class-level configuration).
$schemaTypeCache  : array<string, string>
Internal cache for resolved schema types.

Methods

__construct()  : mixed
Constructor to hydrate public properties from an array or stdClass.
getJsonSerializeOptions()  : array<string|int, mixed>
Returns the default JSON serialization options.
getSchemaType()  : string
Returns the fully qualified URI of the schema type.
jsonSerialize()  : array<string|int, mixed>
Serializes the current object into a JSON-LD array.
withAtContext()  : $this
Sets the internal JSON-LD `@context` attribute.
withAtType()  : $this
Sets the internal JSON-LD `@type` attribute.
withJSONLDMeta()  : $this
Initializes both JSON-LD metadata: `@type` and `@context`.

Constants

ACTIVATED

Indicates whether the user account has completed its activation flow.

public string ACTIVATED = 'activated'

This flag is generally set after the first successful authentication or after an email/account verification workflow.

Related model property:

public bool|null $activated ;

APP_META_DATA

Read-only metadata associated with the user.

public string APP_META_DATA = 'appMetadata'

Commonly used for:

  • Roles
  • Permission snapshots
  • VIP flags
  • Internal application configuration
  • Derived authorization information

Related model property:

public array|object|null $appMetadata ;

BLOCKED_FOR

Indicates why or for which scope the user is blocked.

public string BLOCKED_FOR = 'blockedFor'

This field may contain:

  • API restrictions
  • Application-specific bans
  • Temporary suspension reasons
  • Security mitigation contexts

Related model property:

public array|string|null $blockedFor ;

CONTEXT

The @context of the json-ld representation of the thing.

public string CONTEXT = \xyz\oihana\schema\constants\Oihana::SCHEMA

DEVICES

Collection of known or trusted user devices.

public string DEVICES = 'devices'

Used to:

  • Manage refresh-token associations
  • Revoke sessions per device
  • Force reauthentication
  • Track authenticated environments

Related model property:

public array|null $devices ;

FIRST_LOGIN_AT

Timestamp of the user's first successful login.

public string FIRST_LOGIN_AT = 'firstLoginAt'

Immutable audit-oriented field generally stored in ISO 8601 format.

Related model property:

public string|null $firstLoginAt ;

INVITATION_STATUS

Materialized lifecycle status of the latest invitation associated with the user.

public string INVITATION_STATUS = 'invitationStatus'

Used by administrative interfaces to expose invitation state without requiring additional collection lookups.

Typical values include:

  • pending
  • accepted
  • cancelled
  • expired
  • revoked

Related model property:

public string|null $invitationStatus ;

JSON_PRIORITY_KEYS

Defines the priority order of keys when serializing the object to JSON-LD.

public array<string|int, mixed> JSON_PRIORITY_KEYS = [\org\schema\constants\Schema::AT_TYPE, \org\schema\constants\Schema::AT_CONTEXT, \org\schema\constants\Schema::_KEY, \org\schema\constants\Schema::_FROM, \org\schema\constants\Schema::_TO, \org\schema\constants\Schema::ID, \org\schema\constants\Schema::NAME, \org\schema\constants\Schema::URL, \org\schema\constants\Schema::CREATED, \org\schema\constants\Schema::MODIFIED]

Keys listed here will always appear first in the serialized array, in the order specified. All remaining public properties will be sorted alphabetically after these priority keys.

This ensures that important JSON-LD metadata and system fields (like @type, @context, _key, id, url, created, modified, etc.) appear at the top of the output for consistency and readability.

Usage:

$orderedKeys = self::JSON_PRIORITY_KEYS;

Notes:

  • Can be overridden in a subclass by redefining the constant.
  • Late static binding (static::JSON_PRIORITY_KEYS) allows child classes to modify the serialization order.

List of JSON-LD keys in priority order.

LAST_LOGIN

Timestamp of the user's most recent successful authentication.

public string LAST_LOGIN = 'lastLogin'

Related model property:

public string|null $lastLogin ;

LOGINS_COUNT

Total number of successful user authentications.

public string LOGINS_COUNT = 'loginsCount'

Commonly used for:

  • Analytics
  • User activity indicators
  • Security heuristics
  • Administrative dashboards

Related model property:

public int|null $loginsCount ;

MAX_LEVEL

Maximum role level assigned to the user across all associated roles.

public string MAX_LEVEL = 'maxLevel'

Materialized helper field mainly used by administrative interfaces to expose hierarchy hints and UX restrictions.

Related model property:

public int|null $maxLevel ;

METADATA

Read/write metadata associated with the user.

public string METADATA = 'metadata'

Typically contains:

  • User preferences
  • UI customization
  • Profile extensions
  • Domain-specific settings

Related model property:

public array|object|null $metadata ;

PENDING_EMAIL

Email address currently awaiting verification.

public string PENDING_EMAIL = 'pendingEmail'

Used during email-change workflows where the previously verified email remains authoritative until confirmation succeeds.

Related model property:

public string|null $pendingEmail ;

PENDING_EMAIL_CODE_EXPIRES_AT

Expiration timestamp of the verification code associated with the pending email workflow.

public string PENDING_EMAIL_CODE_EXPIRES_AT = 'pendingEmailCodeExpiresAt'

Usually stored as an ISO 8601 string.

Related model property:

public string|null $pendingEmailCodeExpiresAt ;

PENDING_EMAIL_CODE_HASH

Secure hash of the verification code associated with the pending email verification workflow.

public string PENDING_EMAIL_CODE_HASH = 'pendingEmailCodeHash'

The raw verification code must never be persisted.

Related model property:

public string|null $pendingEmailCodeHash ;

PENDING_EMAIL_SINCE

Timestamp indicating when the pending email workflow started.

public string PENDING_EMAIL_SINCE = 'pendingEmailSince'

Usually stored as an ISO 8601 string.

Related model property:

public string|null $pendingEmailSince ;

SIGNED_UP

Indicates whether the user completed the signup workflow.

public string SIGNED_UP = 'signedUp'

Related model property:

public string|null $signedUp ;

STATUS

Lifecycle status of the user account.

public string STATUS = 'status'

This status controls whether authentication and access are allowed.

Typical values include:

  • active
  • disabled
  • suspended
  • pending

Related model property:

public string|null $status ;

TOKENS_INVALID_BEFORE

Epoch-seconds timestamp defining the authentication revocation cutoff for all access tokens issued to the user.

public string TOKENS_INVALID_BEFORE = 'tokensInvalidBefore'

This property is updated during bulk session revocation flows, including:

  • Administrative "revoke all sessions" actions
  • Self-service "log out everywhere" operations
  • Security incident mitigation procedures

During authentication, the middleware compares this value against the JWT iat (issued-at) claim:

token.iat < tokensInvalidBefore

If true, the token is rejected with:

  • HTTP status 401 Unauthorized
  • revocation reason tokens_revoked

even when the token signature and expiration are still valid.

The value is intentionally stored as an integer epoch timestamp rather than ISO 8601 for extremely fast integer comparisons during authenticated API requests.

A null value means no global token revocation cutoff currently applies to the user.

Related model property:

public int|null $tokensInvalidBefore ;

Properties

$_from

The metadata to indicates the edge 'from' identifier.

public string|null $_from

$_id

The metadata identifier of the item.

public null|string $_id

$_key

The metadata unique key identifier of the thing.

public null|string $_key

$_rev

The metadata revision value of the thing.

public null|string $_rev

$_to

The metadata to indicates the edge 'to' identifier.

public string|null $_to

$activated

Whether the user has completed their first successful login.

public bool|null $activated

Defaults to false on creation; set to true by CallbackController on the first OIDC callback (password init or external IdP).

$active

The active flag.

public bool|null $active

$additionalName

An additional name for a Person, can be used for a middle name.

public array<string|int, mixed>|string|null $additionalName = null

$additionalType

An additionalType for the item.

public array<string|int, mixed>|string|null|object $additionalType

$address

Physical address of the item (PostalAddress or any object to describe it).

public PostalAddress|string|array<string|int, mixed>|null $address = null

$affiliation

An organization that this person is affiliated with. For example, a school/university, a club, or a team.

public null|array<string|int, mixed>|Organization|string $affiliation

$agentInteractionStatistic

The number of completed interactions for this entity, in a particular role (the 'agent'), in a particular action (indicated in the statistic), and in a particular context (i.e. interactionService).

public InteractionCounter|array<string|int, mixed>|null $agentInteractionStatistic

$alternateName

An alias for the item.

public string|object|array<string|int, mixed>|null $alternateName

$applications

The authorized applications of this particular user.

public array<string|int, mixed>|null $applications

$applicationsCount

The number of applications referencing this policy.

public int|null $applicationsCount

$appMetadata

Data that the user has read-only access to (e.g. roles, permissions, vip, etc)

public array<string|int, mixed>|object|null $appMetadata

$award

An award won by or for this item.

public null|array<string|int, mixed>|string $award

$birthDate

The Date of birth.

public string|null $birthDate

$birthPlace

The place where the person was born.

public Place|string|null $birthPlace

$blockedFor

Indicates if the User is blocked for specific API, Applications, etc.

public array<string|int, mixed>|string|null $blockedFor

$brand

The brand(s) associated with a product or service, or the brand(s) maintained by an organization or business person.

public null|Brand|Organization $brand

$callSign

A callsign, as used in broadcasting and radio communications to identify people, radio and TV stations, or vehicles.

public string|null $callSign

$children

The children of the person.

public array<string|int, mixed>|Person|null $children

$colleague

The colleague of the person.

public array<string|int, mixed>|Person|null $colleague

$color

The display color associated with this resource.

public string|null $color

This value is generally used for UI rendering purposes such as labels, badges, tags, or administration panels.

Example:

$resource->color = '#ff6600';

$contactPoint

A contact point for a person or organization.

public array<string|int, mixed>|ContactPoint|null|string $contactPoint

$created

Date of creation of the resource.

public null|string $created

$deathDate

The Date of death.

public string|null $deathDate

$deathPlace

The place where the person died.

public Place|string|null $deathPlace

$description

A short description of the item.

public string|object|array<string|int, mixed>|null $description

$devices

The devices being used by this particular user.

public array<string|int, mixed>|null $devices

This list is used to unlink the User, the refresh token will be revoked, forcing the user to re-login on the application.

$disambiguatingDescription

A sub property of description. A short description of the item used to disambiguate from other, similar items. Information from other properties (in particular, name) may be necessary for the description to be useful for disambiguation.

public string|null $disambiguatingDescription

$duns

The Dun & Bradstreet DUNS number for identifying an organization or business person.

public string|null $duns

$email

The email of the user.

public string|null $email

$familyName

The family name of the user.

public string|null $familyName

$firstLoginAt

The timestamp of the first successful login (ISO 8601).

public string|null $firstLoginAt

Immutable once set. Audit/analytics value only — do not use for "last seen" checks (use vendor lastLogin instead).

$follows

The most generic uni-directional social relation.

public array<string|int, mixed>|Person|null $follows

$funder

A person or organization that supports (sponsors) something through some kind of financial contribution.

public null|string|array<string|int, mixed>|Person|Organization $funder

$funding

A Grant that directly or indirectly provide funding or sponsorship for this item.

public string|array<string|int, mixed>|Grant|null $funding

$givenName

The given name of the user (first name).

public string|null $givenName

$globalLocationNumber

The Global Location Number (GLN, sometimes also referred to as International Location Number or ILN) of the respective organization, person, or place.

public string|null $globalLocationNumber

The GLN is a 13-digit number used to identify parties and physical locations.

$hasCertification

Certification information about a product, organization, service, place, or person.

public array<string|int, mixed>|Certification|null $hasCertification

$hasOccupation

The Person's occupation. For past professions, use Role for expressing dates.

public array<string|int, mixed>|string|Occupation|null $hasOccupation

$hasOfferCatalog

Indicates an OfferCatalog listing for this Organization, Person, or Service.

public array<string|int, mixed>|OfferCatalog|null $hasOfferCatalog

$hasPart

Indicates an item that this part of this item.

public string|Thing|array<string|int, Thing>|null $hasPart

$hasPOS

Points-of-Sales operated by the organization or person.

public array<string|int, mixed>|Place|null $hasPOS

$homeLocation

A contact location for a person's residence.

public null|string|array<string|int, mixed>|ContactPoint|Place $homeLocation

$honorificPrefix

An honorific prefix preceding a Person's name such as Dr/Mrs/Mr.

public string|null $honorificPrefix

$honorificSuffix

An honorific suffix following a Person's name such as M.D./PhD/MSCSW.

public string|null $honorificSuffix

$id

The unique identifier of the item.

public null|int|string $id

$identifier

The identifier of the item.

public string|null $identifier

$interactionStatistic

The number of interactions for the CreativeWork using the WebSite or SoftwareApplication.

public InteractionCounter|array<string|int, mixed>|null $interactionStatistic

The most specific child type of InteractionCounter should be used.

$invitationStatus

The materialized status of the latest invitation associated with this user. Used by the admin UI to filter and display lifecycle state without querying the `invitations` collection. Maintained by the controllers at every transition (create, resend, cancel, accept, expire).

public string|null $invitationStatus
Tags
see
InvitationStatus

$isicV4

The International Standard of Industrial Classification of All Economic Activities (ISIC), Revision 4 code for a particular organization, business person, or place.

public string|null $isicV4

$isPartOf

Indicates an item that this item is part of.

public string|Thing|array<string|int, Thing>|null $isPartOf

$jobTitle

The job(s) title(s) of the person (for example, Painter, etc.).

public array<string|int, mixed>|int|string|DefinedTerm|null $jobTitle

$keywords

Keywords or tags used to describe some item. Multiple textual entries in a keywords list are typically delimited by commas, or by repeating the property.

public string|DefinedTerm|array<string|int, mixed>|null $keywords

$knows

The most generic bi-directional social/work relation.

public array<string|int, mixed>|Person|null $knows

$knowsAbout

Of a Person, and less typically of an Organization, to indicate a topic that is known about - suggesting possible expertise but not implying it. We do not distinguish skill levels here, or relate this to educational content, events, objectives or JobPosting descriptions.

public string|Thing|null $knowsAbout

$knowsLanguage

The most generic bi-directional social/work relation.

public string|array<string|int, mixed>|Language|null $knowsLanguage

$lastLogin

Date of the latest login.

public string|null $lastLogin

$license

A legal document giving official permission to do something with the resource.

public string|object|null $license

$loginsCount

The number of logins of the User.

public int|null $loginsCount

$mainEntityOfPage

Indicates a page (or other CreativeWork) for which this thing is the main entity being described.

public string|null $mainEntityOfPage

$makesOffer

A pointer to products or services offered by the organization or person.

public array<string|int, mixed>|Offer|null $makesOffer

Inverse property: offeredBy

$maxLevel

The maximum role level held by this user across all of their roles.

public int|null $maxLevel

Materialized field used by the admin UI to enforce client-side level-hierarchy hints (e.g. disable destructive actions on users whose level is greater than or equal to the current actor's level). The authoritative check is always performed server-side; this value is provided for UX only.

Defaults to 0 when the user has no role.

$memberOf

An Organization to which this Person or Organization belongs.

public array<string|int, mixed>|object|null $memberOf

$metadata

Data that the user has read/write access to (e.g. color_preference, blog_url, etc.)

public array<string|int, mixed>|object|null $metadata

$modified

Date on which the resource was changed.

public null|string $modified

$naics

The North American Industry Classification System (NAICS) code for a particular organization or business person.

public string|null $naics

$name

The name of the item.

public int|string|null $name

$nationality

Nationality of the person.

public null|string|Country $nationality

$netWorth

The total financial value of the person as calculated by subtracting the total value of liabilities from the total value of assets.

public PriceSpecification|MonetaryAmount|null $netWorth

$owner

The owner of this Thing.

public null|string|Thing $owner

Represents any entity (person, organization, system, or other object) that can be considered the possessor of this Thing.

$parent

A parent of this person.

public array<string|int, mixed>|Person|null|string $parent

$pendingEmail

Email address pending verification (Zitadel-side).

public string|null $pendingEmail

Set when the user requested an email change; cleared once Zitadel confirms verification (claim email_verified=true on next login or webhook). The official email remains the previously verified address until then.

$pendingEmailCodeExpiresAt

Expiration timestamp (ISO 8601) of the verification code sent to `pendingEmail`. Used to refuse stale codes and to drive UI countdowns.

public string|null $pendingEmailCodeExpiresAt

Cleared once the email change is verified or cancelled.

$pendingEmailCodeHash

Hash of the verification code sent to `pendingEmail`. The plaintext code is never persisted; verification compares the user-supplied code against this hash. Cleared once the email change is verified or cancelled.

public string|null $pendingEmailCodeHash

$pendingEmailSince

Timestamp (ISO 8601) when `pendingEmail` was requested.

public string|null $pendingEmailSince

Used by the UI to display "verification pending since …".

$performerIn

Event that this person is a performer or participant in.

public array<string|int, mixed>|Event|null $performerIn

$permissions

Define the permissions (scopes) that this particular User.

public array<string|int, Permission>|null $permissions
Attributes
#[HydrateWith]
\xyz\oihana\schema\auth\Permission::class

$permissionsCount

The number of permissions attached on this particular User.

public int|null $permissionsCount

$photos

Photographs of this person (legacy spelling; see singular form, photo).

public array<string|int, mixed>|null $photos

$potentialAction

Indicates a potential Action, which describes an idealized action in which this thing would play an 'object' role.

public array<string|int, mixed>|Action|null $potentialAction

$pronouns

A short string listing or describing pronouns for a person.

public array<string|int, mixed>|DefinedTerm|StructuredValue|string|null $pronouns

Typically the person concerned is the best authority as pronouns are a critical part of personal identity and expression.

Publishers and consumers of this information are reminded to treat this data responsibly, take country-specific laws related to gender expression into account, and be wary of out-of-date data and drawing unwarranted inferences about the person being described.

In English, formulations such as "they/them", "she/her", and "he/him" are commonly used online and can also be used here.

We do not intend to enumerate all possible micro-syntaxes in all languages.

More structured and well-defined external values for pronouns can be referenced using the StructuredValue or DefinedTerm values.

$protected

Indicates whether this resource is protected.

public bool|null $protected

A protected resource cannot normally be modified or assigned through public REST API operations or non-privileged actions.

Example:

$resource->protected = true;

$publishingPrinciples

The publishingPrinciples property indicates (typically via URL) a document describing the editorial principles of an Organization (or individual, e.g. a Person writing a blog) that relate to their activities as a publisher, e.g. ethics or diversity policies. When applied to a CreativeWork (e.g. NewsArticle) the principles are those of the party primarily responsible for the creation of the CreativeWork.

public array<string|int, mixed>|CreativeWork|string|null $publishingPrinciples

$relatedTo

The most generic familial relation.

public array<string|int, mixed>|Person|null $relatedTo

$roles

Define the roles (scopes) that this particular User.

public array<string|int, Role>|null $roles
Attributes
#[HydrateWith]
\xyz\oihana\schema\auth\Role::class

$rolesCount

The number of roles attached on this particular User.

public int|null $rolesCount

$sameAs

URL of a reference Web page that unambiguously indicates the item's identity.

public string|array<string|int, mixed>|null $sameAs

E.g. the URL of the item's Wikipedia page, Wikidata entry, or official website.

$seeks

A pointer to products or services sought by the organization or person (demand).

public array<string|int, mixed>|Demand|null $seeks

$sibling

A sibling of the person.

public array<string|int, mixed>|Person|null $sibling

$signedUp

Date of the signed-up of the User.

public string|null $signedUp

$skills

A statement of knowledge, skill, ability, task or any other assertion expressing a competency that is either claimed by a person, an organization or desired or required to fulfill a role or to work in an occupation.

public array<string|int, mixed>|DefinedTerm|string|null $skills

$sponsor

A person or organization that supports a thing through a pledge, promise, or financial contribution.

public null|array<string|int, mixed>|Organization|Person $sponsor

$spouse

The person's spouse.

public array<string|int, mixed>|Person|null $spouse

$status

The lifecycle status of this user account, gating authentication.

public string|null $status

Distinct from activated (which is the immutable record of the first successful login). Defaults to active on creation, can be set to disabled by an administrator to refuse further logins.

Tags
see
UserStatus

$subjectOf

A CreativeWork or Event about this Thing.

public null|string|array<string|int, mixed>|CreativeWork|Event $subjectOf

$system

Indicates whether this resource is a system-defined resource.

public bool|null $system

System resources are generally immutable and cannot be deleted through REST APIs or standard administrative operations.

Example:

$resource->system = true;

$taxID

The Tax / Fiscal ID of the organization or person, e.g. the TIN in the US, the SIRET/SIREN in France or the CIF/NIF in Spain.

public string|null $taxID

$telephone

The telephone number.

public string|null|array<string|int, mixed>|PropertyValue $telephone

$tokensInvalidBefore

Epoch-seconds timestamp marking the cut-off below which any access token issued for this user is considered invalid by the API.

public int|null|string $tokensInvalidBefore

Stamped by the bulk session revocation flow (admin "revoke all" or self-service "log me out everywhere"). Compared against the JWT iat claim by the authentication middleware : a token whose iat < tokensInvalidBefore is rejected with 401 and the tokens_revoked reason, even if it is still cryptographically valid.

Stored as epoch seconds (int) rather than ISO 8601 so the middleware comparison against the JWT iat claim is a direct integer compare, with no parsing on every authenticated request.

null means no revocation in effect — every cryptographically valid access token is accepted.

$url

URL of the item.

public int|string|null $url

$vatID

The Value-added Tax ID of the organization or person.

public string|null $vatID

$workLocation

A contact location for a person's place of work.

public null|int|string|array<string|int, mixed>|ContactPoint|Place $workLocation

$worksFor

Organizations that the person works for.

public null|int|string|array<string|int, mixed>|Organization $worksFor

$atContext

The JSON-LD `@context` value.

protected string|null $atContext = null

Default is https://schema.org.

$atType

The JSON-LD `@type` value.

protected string|null $atType = null

This can be manually set or automatically inferred from the class name.

$DEFAULT_JSON_SERIALIZE_OPTIONS

The default static jsonSerialize options (class-level configuration).

protected static array<string|int, mixed> $DEFAULT_JSON_SERIALIZE_OPTIONS = []

$schemaTypeCache

Internal cache for resolved schema types.

private static array<string, string> $schemaTypeCache = []

Methods

__construct()

Constructor to hydrate public properties from an array or stdClass.

public __construct([array<string|int, mixed>|object|null $init = null ]) : mixed

This allows objects to be quickly populated with associative data without manually setting each property.

Parameters
$init : array<string|int, mixed>|object|null = null

A data array or object used to initialize the instance. Keys must match public property names.

Tags
throws
ReflectionException
example 
use org\schema\Person;
use org\schema\constants\Prop;

$person = new Person
([
    Prop::NAME => 'Jane Doe',
    Prop::URL  => 'https://example.com/janedoe'
]);

echo $person->name; // Outputs: Jane Doe

getJsonSerializeOptions()

Returns the default JSON serialization options.

public getJsonSerializeOptions() : array<string|int, mixed>

This method determines how the jsonSerialize() output is reduced or compressed, etc. It can be overridden in child classes to customize serialization behavior.

Return values
array<string|int, mixed>

Returns the reduction/compression options for JSON serialization.

getSchemaType()

Returns the fully qualified URI of the schema type.

public static getSchemaType() : string

This method combines the class's CONTEXT constant with its short name to produce a globally unique identifier for the entity type.

  • It uses Late Static Binding to ensure the correct context is retrieved even when called from an inherited class (e.g., Corporation vs. Affiliate).
  • Performance Optimization: Results are stored in a static cache ($schemaTypeCache) to avoid redundant Reflection calls during the same execution lifecycle.
Return values
string

The absolute URI of the type (e.g., "https://schema.org/Thing"). ** @example

echo Thing::getSchemaType();      // https://schema.org/Thing
echo Affiliate::getSchemaType();  // https://schema.oihana.xyz/Pagination

jsonSerialize()

Serializes the current object into a JSON-LD array.

public jsonSerialize() : array<string|int, mixed>

Includes public properties, the JSON-LD @context and @type. Null values are automatically removed.

Tags
throws
ReflectionException

If reflection fails when accessing properties.

example 
use org\schema\Person;
use org\schema\constants\Prop;

$person = new Person
([
    Prop::NAME => 'John Smith',
    Prop::ID   => 'jsmith-001'
]);

echo json_encode($person, JSON_PRETTY_PRINT);

Output:

{
   "@type": "Person",
   "@context": "https://schema.org",
   "id": "jsmith-001",
   "name": "John Smith"
}
Return values
array<string|int, mixed>

JSON-LD representation of the object.

withAtContext()

Sets the internal JSON-LD `@context` attribute.

public withAtContext(string $context) : $this

Useful if you need a custom JSON-LD context.

Parameters
$context : string

Optional JSON-LD context.

Return values
$this

withAtType()

Sets the internal JSON-LD `@type` attribute.

public withAtType(string $type) : $this

Allows overriding the default type inferred from the class.

Parameters
$type : string

Optional JSON-LD type

Return values
$this

withJSONLDMeta()

Initializes both JSON-LD metadata: `@type` and `@context`.

public withJSONLDMeta([string|null $atType = null ][, string|null $atContext = null ]) : $this

Can be called from constructor or later to override default values.

Parameters
$atType : string|null = null

Optional JSON-LD type

$atContext : string|null = null

Optional JSON-LD context

Return values
$this
On this page

Search results