diff --git a/go.mod b/go.mod
index a0941ee..1ac3b6a 100644
--- a/go.mod
+++ b/go.mod
@@ -8,7 +8,7 @@ require (
 	github.com/buildkite/yaml v0.0.0-20230306222819-0e4e032d4835
 	github.com/coreos/go-semver v0.3.1
 	github.com/gin-gonic/gin v1.10.0
-	github.com/go-vela/server v0.24.3-0.20240904142119-21dfb446e793
+	github.com/go-vela/server v0.24.3-0.20240905182859-d0fa4f7d8dad
 	github.com/go-vela/types v0.24.1-0.20240826141537-76a66e72d5dc
 	github.com/golang-jwt/jwt/v5 v5.2.1
 	github.com/google/go-cmp v0.6.0
diff --git a/go.sum b/go.sum
index 50705ab..100ccc7 100644
--- a/go.sum
+++ b/go.sum
@@ -36,8 +36,8 @@ github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJn
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
 github.com/go-playground/validator/v10 v10.20.0 h1:K9ISHbSaI0lyB2eWMPJo+kOS/FBExVwjEviJTixqxL8=
 github.com/go-playground/validator/v10 v10.20.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM=
-github.com/go-vela/server v0.24.3-0.20240904142119-21dfb446e793 h1:7WnJ3cg3Ev1McemTyAHo1+DPiPe1SMfJaGzoXkZgMx8=
-github.com/go-vela/server v0.24.3-0.20240904142119-21dfb446e793/go.mod h1:3KmEXG+6N0jfwxPKBM8oIOM3iAcxwJvqsOs0RZvGYnI=
+github.com/go-vela/server v0.24.3-0.20240905182859-d0fa4f7d8dad h1:JLd0G8P4Bi381bxSR8ws1nFvc7yGz0v1jcXGY3J1ChU=
+github.com/go-vela/server v0.24.3-0.20240905182859-d0fa4f7d8dad/go.mod h1:3KmEXG+6N0jfwxPKBM8oIOM3iAcxwJvqsOs0RZvGYnI=
 github.com/go-vela/types v0.24.1-0.20240826141537-76a66e72d5dc h1:VyT2tBwPVO9fMmn+22TC4rY4dp+d71To/Qo5Vk4cOSo=
 github.com/go-vela/types v0.24.1-0.20240826141537-76a66e72d5dc/go.mod h1:WcSiFm8cWuErRw4aI08NrfM+SZzidnbUs2fmO5klFKo=
 github.com/goccy/go-json v0.10.3 h1:KZ5WoDbxAIgm2HNbYckL0se1fHD6rz5j4ywS6ebzDqA=
diff --git a/vela/client.go b/vela/client.go
index f1a3d9a..1bd5fa7 100644
--- a/vela/client.go
+++ b/vela/client.go
@@ -54,6 +54,7 @@ type (
 		Secret         *SecretService
 		Step           *StepService
 		Svc            *SvcService
+		User           *UserService
 		Worker         *WorkerService
 		Queue          *QueueService
 	}
@@ -152,6 +153,7 @@ func NewClient(baseURL, id string, httpClient *http.Client) (*Client, error) {
 	c.Secret = &SecretService{client: c}
 	c.Step = &StepService{client: c}
 	c.Svc = &SvcService{client: c}
+	c.User = &UserService{client: c}
 	c.Worker = &WorkerService{client: c}
 	c.Queue = &QueueService{client: c}
 
diff --git a/vela/client_test.go b/vela/client_test.go
index eba0c4f..02da74f 100644
--- a/vela/client_test.go
+++ b/vela/client_test.go
@@ -60,6 +60,7 @@ func TestVela_NewClient(t *testing.T) {
 	want.Secret = &SecretService{client: want}
 	want.Step = &StepService{client: want}
 	want.Svc = &SvcService{client: want}
+	want.User = &UserService{client: want}
 	want.Worker = &WorkerService{client: want}
 	want.Queue = &QueueService{client: want}
 
diff --git a/vela/user.go b/vela/user.go
new file mode 100644
index 0000000..2256ceb
--- /dev/null
+++ b/vela/user.go
@@ -0,0 +1,69 @@
+// SPDX-License-Identifier: Apache-2.0
+
+package vela
+
+import (
+	"fmt"
+
+	api "github.com/go-vela/server/api/types"
+)
+
+// UserService handles retrieving users from
+// the server methods of the Vela API.
+type UserService service
+
+// Get returns the provided user by name.
+func (svc *UserService) Get(name string) (*api.User, *Response, error) {
+	// set the API endpoint path we send the request to
+	u := fmt.Sprintf("/api/v1/users/%s", name)
+
+	// api user type we want to return
+	v := new(api.User)
+
+	// send request using client
+	resp, err := svc.client.Call("GET", u, nil, v)
+
+	return v, resp, err
+}
+
+// GetCurrent returns the current user.
+func (svc *UserService) GetCurrent() (*api.User, *Response, error) {
+	// set the API endpoint path we send the request to
+	u := "/api/v1/user"
+
+	// api user type we want to return
+	v := new(api.User)
+
+	// send request using client
+	resp, err := svc.client.Call("GET", u, nil, v)
+
+	return v, resp, err
+}
+
+// Update modifies a user with the provided details.
+func (svc *UserService) Update(name string, user *api.User) (*api.User, *Response, error) {
+	// set the API endpoint path we send the request to
+	u := fmt.Sprintf("/api/v1/users/%s", name)
+
+	// api User type we want to return
+	v := new(api.User)
+
+	// send request using client
+	resp, err := svc.client.Call("PUT", u, user, v)
+
+	return v, resp, err
+}
+
+// Update modifies the current user with the provided details.
+func (svc *UserService) UpdateCurrent(user *api.User) (*api.User, *Response, error) {
+	// set the API endpoint path we send the request to
+	u := "/api/v1/user"
+
+	// api User type we want to return
+	v := new(api.User)
+
+	// send request using client
+	resp, err := svc.client.Call("PUT", u, user, v)
+
+	return v, resp, err
+}
diff --git a/vela/user_test.go b/vela/user_test.go
new file mode 100644
index 0000000..0902fc4
--- /dev/null
+++ b/vela/user_test.go
@@ -0,0 +1,252 @@
+// SPDX-License-Identifier: Apache-2.0
+
+package vela
+
+import (
+	"encoding/json"
+	"net/http"
+	"net/http/httptest"
+	"reflect"
+	"testing"
+
+	"github.com/gin-gonic/gin"
+
+	api "github.com/go-vela/server/api/types"
+	"github.com/go-vela/server/mock/server"
+)
+
+func TestUser_Get_200(t *testing.T) {
+	// setup context
+	gin.SetMode(gin.TestMode)
+
+	s := httptest.NewServer(server.FakeHandler())
+	c, _ := NewClient(s.URL, "", nil)
+
+	data := []byte(server.UserResp)
+
+	var want api.User
+	_ = json.Unmarshal(data, &want)
+
+	// run test
+	got, resp, err := c.User.Get("octocat")
+
+	if err != nil {
+		t.Errorf("User Get returned err: %v", err)
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		t.Errorf("User Get returned %v, want %v", resp.StatusCode, http.StatusOK)
+	}
+
+	if !reflect.DeepEqual(got, &want) {
+		t.Errorf("User Get is %v, want %v", got, want)
+	}
+}
+
+func TestUser_Get_404(t *testing.T) {
+	// setup context
+	gin.SetMode(gin.TestMode)
+
+	s := httptest.NewServer(server.FakeHandler())
+	c, _ := NewClient(s.URL, "", nil)
+
+	want := api.User{}
+
+	// run test
+	got, resp, err := c.User.Get("not-found")
+
+	if err == nil {
+		t.Errorf("User Get should have returned err")
+	}
+
+	if resp.StatusCode != http.StatusNotFound {
+		t.Errorf("User Get returned %v, want %v", resp.StatusCode, http.StatusNotFound)
+	}
+
+	if !reflect.DeepEqual(got, &want) {
+		t.Errorf("User Get is %v, want %v", got, want)
+	}
+}
+
+func TestUser_Update_200(t *testing.T) {
+	// setup context
+	gin.SetMode(gin.TestMode)
+
+	s := httptest.NewServer(server.FakeHandler())
+	c, _ := NewClient(s.URL, "", nil)
+
+	data := []byte(server.UserResp)
+
+	var want api.User
+	_ = json.Unmarshal(data, &want)
+
+	req := api.User{
+		Admin: Bool(true),
+	}
+
+	// run test
+	got, resp, err := c.User.Update("octocat", &req)
+
+	if err != nil {
+		t.Errorf("User Update returned err: %v", err)
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		t.Errorf("User Update returned %v, want %v", resp.StatusCode, http.StatusOK)
+	}
+
+	if !reflect.DeepEqual(got, &want) {
+		t.Errorf("User Update is %v, want %v", got, want)
+	}
+}
+
+func TestUser_Update_404(t *testing.T) {
+	// setup context
+	gin.SetMode(gin.TestMode)
+
+	s := httptest.NewServer(server.FakeHandler())
+	c, _ := NewClient(s.URL, "", nil)
+
+	want := api.User{}
+
+	req := api.User{
+		Admin: Bool(true),
+	}
+
+	// run test
+	got, resp, err := c.User.Update("not-found", &req)
+
+	if err == nil {
+		t.Errorf("User Update should have returned err")
+	}
+
+	if resp.StatusCode != http.StatusNotFound {
+		t.Errorf("User Update returned %v, want %v", resp.StatusCode, http.StatusNotFound)
+	}
+
+	if !reflect.DeepEqual(got, &want) {
+		t.Errorf("User Update is %v, want %v", got, want)
+	}
+}
+
+func TestCurrentUser_Get_200(t *testing.T) {
+	// setup context
+	gin.SetMode(gin.TestMode)
+
+	s := httptest.NewServer(server.FakeHandler())
+	c, _ := NewClient(s.URL, "", nil)
+
+	data := []byte(server.UserResp)
+
+	var want api.User
+	_ = json.Unmarshal(data, &want)
+
+	// run test
+	got, resp, err := c.User.GetCurrent()
+
+	if err != nil {
+		t.Errorf("User GetCurrent returned err: %v", err)
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		t.Errorf("User GetCurrent returned %v, want %v", resp.StatusCode, http.StatusOK)
+	}
+
+	if !reflect.DeepEqual(got, &want) {
+		t.Errorf("User GetCurrent is %v, want %v", got, want)
+	}
+}
+
+func TestUser_GetCurrent_401(t *testing.T) {
+	// setup context
+	gin.SetMode(gin.TestMode)
+
+	s := httptest.NewServer(server.FakeHandler())
+	c, _ := NewClient(s.URL, "", nil)
+
+	c.Authentication.SetTokenAuth("invalid")
+
+	want := api.User{}
+
+	// run test
+	got, resp, err := c.User.GetCurrent()
+
+	if err == nil {
+		t.Errorf("User GetCurrent should have returned err")
+	}
+
+	if resp.StatusCode != http.StatusUnauthorized {
+		t.Errorf("User GetCurrent returned %v, want %v", resp.StatusCode, http.StatusUnauthorized)
+	}
+
+	if !reflect.DeepEqual(got, &want) {
+		t.Errorf("User GetCurrent is %v, want %v", got, want)
+	}
+}
+
+func TestUser_UpdateCurrent_200(t *testing.T) {
+	// setup context
+	gin.SetMode(gin.TestMode)
+
+	s := httptest.NewServer(server.FakeHandler())
+	c, _ := NewClient(s.URL, "", nil)
+
+	data := []byte(server.UserResp)
+
+	var want api.User
+	_ = json.Unmarshal(data, &want)
+
+	favorites := []string{"github/octocat"}
+
+	req := api.User{
+		Favorites: &favorites,
+	}
+
+	// run test
+	got, resp, err := c.User.UpdateCurrent(&req)
+
+	if err != nil {
+		t.Errorf("User UpdateCurrent returned err: %v", err)
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		t.Errorf("User UpdateCurrent returned %v, want %v", resp.StatusCode, http.StatusOK)
+	}
+
+	if !reflect.DeepEqual(got, &want) {
+		t.Errorf("User UpdateCurrent is %v, want %v", got, want)
+	}
+}
+
+func TestUser_UpdateCurrent_401(t *testing.T) {
+	// setup context
+	gin.SetMode(gin.TestMode)
+
+	s := httptest.NewServer(server.FakeHandler())
+	c, _ := NewClient(s.URL, "", nil)
+
+	c.Authentication.SetTokenAuth("invalid")
+
+	want := api.User{}
+
+	favorites := []string{"github/octocat"}
+
+	req := api.User{
+		Favorites: &favorites,
+	}
+
+	// run test
+	got, resp, err := c.User.UpdateCurrent(&req)
+
+	if err == nil {
+		t.Errorf("User UpdateCurrent should have returned err")
+	}
+
+	if resp.StatusCode != http.StatusUnauthorized {
+		t.Errorf("User UpdateCurrent returned %v, want %v", resp.StatusCode, http.StatusUnauthorized)
+	}
+
+	if !reflect.DeepEqual(got, &want) {
+		t.Errorf("User UpdateCurrent is %v, want %v", got, want)
+	}
+}