Kyndex

Encrypted Profile Fields

Manage encrypted profile fields without exposing plaintext email or display name values to Literal.

Literal stores profile data in two categories: server-visible account fields and client-encrypted profile fields.

Server-visible fields support account routing and lifecycle behavior, such as user ID, email verification status, key version, creation time, and last login time. Client-encrypted fields, such as email and display name, are stored as opaque ciphertext and decrypted only by the client.

Endpoint sequence:

  • GET /v1/users/me
  • PATCH /v1/users/me

Use the API Reference for exact request fields, response bodies, and errors.

Visibility Model

Data type | Visibility | Purpose
Account identifiers and timestamps | Server-visible | Account routing, session lifecycle, and operational metadata
Email verification status | Server-visible | Verification state, not the plaintext email address
Key version | Server-visible | Client-side decryption and rotation context
Encrypted email | Opaque ciphertext | Decrypted locally by the client
Encrypted display name | Opaque ciphertext | Decrypted locally by the client

Literal stores encrypted profile fields exactly as submitted. The application server does not encrypt profile values on the client’s behalf.

Read An Encrypted Profile Field

  1. Fetch the authenticated profile.
  2. Treat encrypted fields as opaque ciphertext.
  3. Decrypt encrypted values locally using the User Master Key and the required AEAD context.
  4. Display plaintext only in the client.

Update An Encrypted Profile Field

  1. Validate the new value locally.
  2. Encrypt it with the current User Master Key and profile-field AEAD context.
  3. Submit the ciphertext to Literal.
  4. Store or display the decrypted value only on the client.

Updating display_name_encrypted replaces the stored ciphertext. Literal does not merge, inspect, or transform the encrypted value.

Encrypt profile values before sending them. If a client sends plaintext in an encrypted field, Literal stores that plaintext verbatim.
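
The read and update procedures above, sketched as an added example; this is not Literal's client code or SDK. It assumes AES-256-GCM as the AEAD, a base64 envelope of nonce || ciphertext || tag, and an AEAD context built from user ID, field name, and key version; all function names are hypothetical.

```javascript
// Added example, not Literal's client code. Assumptions: AES-256-GCM as the AEAD,
// a base64(nonce || ciphertext || tag) envelope, and a context layout of our own.
const nodeCrypto = require('node:crypto');

const NONCE_LEN = 12; // bytes, standard GCM nonce size
const TAG_LEN = 16;   // bytes, full-length GCM tag

// Assumed context layout: binds a ciphertext to one user, one field, one key version.
function fieldContext(userId, field, keyVersion) {
  return Buffer.from(JSON.stringify(['profile-field', userId, field, keyVersion]), 'utf8');
}

// Update path: encrypt locally; only the returned envelope is sent to the server.
function encryptField(umk, context, plaintext) {
  const nonce = nodeCrypto.randomBytes(NONCE_LEN); // fresh nonce for every encryption
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', umk, nonce);
  cipher.setAAD(context);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([nonce, body, cipher.getAuthTag()]).toString('base64');
}

// Read path: returns the plaintext, or throws if key, context or ciphertext mismatch.
function decryptField(umk, context, envelope) {
  const raw = Buffer.from(envelope, 'base64');
  if (raw.length < NONCE_LEN + TAG_LEN) throw new Error('not an encrypted envelope');
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', umk, raw.subarray(0, NONCE_LEN));
  decipher.setAAD(context);
  decipher.setAuthTag(raw.subarray(raw.length - TAG_LEN));
  const body = raw.subarray(NONCE_LEN, raw.length - TAG_LEN);
  return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
}

// Pre-submit guard: true only if `value` authenticates under this key and context.
// A plaintext string, or a ciphertext made for another field or key version, fails.
function isValidEnvelope(umk, context, value) {
  try {
    decryptField(umk, context, value);
    return true;
  } catch {
    return false;
  }
}
```

Because the server stores whatever it receives, running isValidEnvelope on the outgoing value immediately before PATCH /v1/users/me is the client's last chance to catch plaintext or a ciphertext bound to the wrong field.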
