Skip to content

Get current user

GET
/v1/me
curl --request GET \
--url https://example.com/v1/me \
--header 'Authorization: Bearer <token>'

Returns the lean view of the caller (resolved from the JWT), including their owner scope, grants, and non-secret credential summaries. Refuses bootstrap tokens.

OK

Media typeapplication/json

The lean current-user view. Resolved from the JWT — no path variable. Deliberately omits admin/audit fields (granted_by, disabled, last_login).

object
user_id
required
string
username
string
email
string
display_name
string
owner_scope
required

An owning scope. st is the scope type (partition or namespace) and si is its UUID.

object
st
required
string
Allowed values: partition namespace
si
required
string
created
string format: date-time
grants
Array<object>
object
scope_type
required
string
scope_id
required
string
role
required
string
applies_to

Namespace-breadth modifier (self/subtree/descendants); empty for non-namespace grants.

string
expiry
string format: date-time
credentials
Array<object>

A non-secret summary of one credential the user holds.

object
type
required

Credential type (e.g. “apikey”, “password”, “totp”).

string
label
string
disabled
required
boolean
created
string format: date-time
last_used
string format: date-time
expiry
string format: date-time
Example
{
"owner_scope": {
"st": "partition"
}
}

Error response

Media typeapplication/problem+json

RFC 7807 Problem Details

object
type

Problem type slug URI

string
title
string
status
integer
detail
string
key
additional properties
any
Examplegenerated
{
"type": "example",
"title": "example",
"status": 1,
"detail": "example"
}