> ## Documentation Index
> Fetch the complete documentation index at: https://documentation.qonversion.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Users

> Retrieve Qonversion users and manage their properties, purchases, and entitlements

A **User** in Qonversion represents a single app user across platforms. Each user has a unique Qonversion User ID (prefixed with `QON_`) that is automatically generated by the SDK on first launch. Most user-scoped operations live under `/v4/users/{user_id}/…`.

## Key concepts

* **Qonversion User ID** — Auto-generated identifier (e.g., `QON_3af4c5b8a4d24f21b72e9d0c8aef9d4e`). The server emits a UUID with dashes stripped, so the suffix is always 32 lowercase hex characters.
* **Environment** — Each user belongs to either `prod` (production) or `sandbox` environment.
* **Identity** — Users can optionally be linked to your own user ID system via the [Identity API](/reference/v4/identities).
* **Sub-resources** — Properties, purchases, and entitlements live under dedicated endpoints, documented in [User Properties](/reference/v4/user-properties), [Purchases](/reference/v4/purchases), and [Entitlements](/reference/v4/entitlements).

## Available endpoints

| Method | Endpoint           | Description                                     | Status                           |
| ------ | ------------------ | ----------------------------------------------- | -------------------------------- |
| POST   | `/users`           | Create a user (server generates the `QON_…` id) | New                              |
| GET    | `/users/{user_id}` | Get a user                                      | Updated — [v3](/reference/users) |

**v3 → v4 note:** v3's `POST /v3/users/{id}` accepted a client-supplied id. v4 standardises on server-issued ids across every resource — pass only the `environment` in the body, and use the returned `id` / `Location` for follow-up calls. Pair with an `Idempotency-Key` header to make retries safe.

## Authentication

All v4 endpoints require a **Secret Key**. See [Authentication](/reference/v4/authentication).
