> For the complete documentation index, see [llms.txt](/llms.txt).

# User details in ID token

The **User Details in ID Token** setting controls whether personally identifiable information (PII) such as email, name, and profile picture is included in the JWT identity token issued by Embedded Wallets.

Web SDK v11 (`@web3auth/modal` for JavaScript, React, and Vue) also surfaces a richer user object that includes linked accounts and authentication methods across every wallet the user has connected, not just the one they used to sign in.

![User details settings](/assets/images/project-settings-advanced-e73a8c5fab365a6864e1ecd8c76466a4.png) 

## Richer user object (Web SDK v11)[​](#richer-user-object-web-sdk-v11 "Direct link to Richer user object (Web SDK v11)")

When you call `getUserInfo()` or use `useWeb3AuthUser`, the returned `UserInfo` object can include a `linkedAccounts` array. Each entry describes a wallet linked to the same Embedded Wallets user:

| Field      | Description                                   |
| ---------- | --------------------------------------------- |
| id         | Linked account identifier                     |
| isPrimary  | Whether this is the user's primary account    |
| eoaAddress | Externally owned account address              |
| aaAddress  | Smart account address, if configured          |
| connector  | Connector name for this account               |
| active     | Whether this account is the active connection |

```
import { useWeb3AuthUser } from '@web3auth/modal/react'

function UserProfile() {
  const { userInfo } = useWeb3AuthUser()

  return (
    <div>
      <p>Primary login: {userInfo?.typeOfLogin}</p>
      <ul>
        {userInfo?.linkedAccounts?.map(account => (
          <li key={account.id}>
            {account.eoaAddress} ({account.connector}){account.active ? ' (active)' : ''}
          </li>
        ))}
      </ul>
    </div>
  )
}

```

Use this object to unify analytics, CRM records, and support tooling under one user ID. See [Multi-wallet linking and switching](/embedded-wallets/features/multi-wallet-linking/) for linking and switching APIs.

The dashboard **User management** section lists users and their linked accounts for your project. See [Access control](/embedded-wallets/dashboard/access-control/#user-management).

## ID token configuration[​](#id-token-configuration "Direct link to ID token configuration")

Navigate to **Project Settings** → **Advanced** → **User details** and choose one of three modes:

| Mode                               | Additional claims in token                           |
| ---------------------------------- | ---------------------------------------------------- |
| Disabled                           | None — only sub, wallet_address, standard JWT fields |
| Email only (userIdentifier: email) | email                                                |
| Enabled (all PII)                  | email, name, picture, provider fields                |

The `sub` (user identifier), `wallet_address`, `aud`, `exp`, and `iat` claims are always present regardless of this setting.

## Reading the token[​](#reading-the-token "Direct link to Reading the token")

Retrieve the identity token using `getIdentityToken()`:

```
const { idToken } = await web3auth.getIdentityToken()

```

The returned `idToken` is a signed JWT. Verify it server-side using the [JWKS endpoint or project verification key](/embedded-wallets/dashboard/project-settings/#token-verification) before trusting any claims.

### Sample token payloads[​](#sample-token-payloads "Direct link to Sample token payloads")

**Disabled** — minimal claims only:

```
{
  "sub": "google|user_unique_id",
  "wallet_address": "0x1234...abcd",
  "aud": "<YOUR_CLIENT_ID>",
  "exp": 1640995200,
  "iat": 1640908800
}

```

**Enabled** — full PII included:

```
{
  "sub": "google|user_unique_id",
  "wallet_address": "0x1234...abcd",
  "aud": "<YOUR_CLIENT_ID>",
  "exp": 1640995200,
  "iat": 1640908800,
  "email": "user@example.com",
  "name": "Jane Doe",
  "picture": "https://profile-pics.example.com/user.jpg",
  "provider": "google"
}

```

## Privacy considerations[​](#privacy-considerations "Direct link to Privacy considerations")

Only enable PII in tokens when your dapp needs it. Ensure your privacy policy discloses what user data you process. For GDPR-regulated users, obtain explicit consent before persisting any PII sourced from the token.

## Next steps[​](#next-steps "Direct link to Next steps")

- [Session management](/embedded-wallets/dashboard/advanced/session-management/) — control session lifetime
- [Key export settings](/embedded-wallets/dashboard/advanced/key-export/) — control private key export permissions
- [Project settings](/embedded-wallets/dashboard/project-settings/) — general project configuration