Current session user

Requires a valid access JWT (not the MFA pending cookie alone). Includes mfa_enabled, has_password, and OIDC linkage fields when the user row is loaded.

curl -X GET "//api/auth/me" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_API_TOKEN (JWT or sb_ API token)"

import requests
import json

url = "//api/auth/me"
headers = {
  "Content-Type": "application/json",
  "Authorization": "Bearer YOUR_API_TOKEN (JWT or sb_ API token)"
}

response = requests.get(url, headers=headers)
print(response.json())

const response = await fetch("//api/auth/me", {
  method: "GET",
  headers: {
  "Content-Type": "application/json",
  "Authorization": "Bearer YOUR_API_TOKEN (JWT or sb_ API token)"
}
});

const data = await response.json();
console.log(data);

package main

import (
    "fmt"
    "net/http"
)

func main() {

    req, err := http.NewRequest("GET", "//api/auth/me", nil)
    if err != nil {
        panic(err)
    }

    req.Header.Set("Content-Type", "application/json")
    req.Header.Set("Authorization", "Bearer YOUR_API_TOKEN (JWT or sb_ API token)")

    client := &http.Client{}
    resp, err := client.Do(req)
    if err != nil {
        panic(err)
    }
    defer resp.Body.Close()

    fmt.Println("Response Status:", resp.Status)
}

require 'net/http'
require 'json'

uri = URI('//api/auth/me')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true

request = Net::HTTP::Get.new(uri)
request['Content-Type'] = 'application/json'
request['Authorization'] = 'Bearer YOUR_API_TOKEN (JWT or sb_ API token)'

response = http.request(request)
puts response.body

{
  "id": "example_string",
  "email": "user@example.com",
  "name": "John Doe",
  "user_key": "example_string",
  "is_admin": true,
  "email_verified": true,
  "language": "example_string",
  "theme": "example_string",
  "ai_suggestions_enabled": true,
  "mfa_enabled": true,
  "has_password": true,
  "oidc_provider": "example_string",
  "oidc_sub": "example_string"
}

GET

/api/auth/me

GET

Bearer Token (JWT or sb_ API token)

Bearer Tokenstring

Required

Use Authorization: Bearer <token>. Personal API tokens from Profile use the sb_ prefix. You may also send the access JWT as Bearer (same value as the token cookie after login).

Request Preview

Response

Response will appear here after sending the request

Authentication

header

Authorizationstring

Required

Bearer token (JWT or sb_ API token). Use Authorization: Bearer \<token\>. Personal API tokens from Profile use the sb_ prefix. You may also send the access JWT as Bearer (same value as the token cookie after login).

Responses

idstring

emailstring

namestring

user_keystring

is_adminboolean

email_verifiedboolean

languagestring

themestring

ai_suggestions_enabledboolean

mfa_enabledboolean

has_passwordboolean

False when the account has no local password (e.g. OIDC-only).

oidc_providerstring

oidc_substring

errorstring

Was this page helpful?

Last updated Apr 17, 2026

Built with Documentation.AI

{ "id": "example_string", "email": "user@example.com", "name": "John Doe", "user_key": "example_string", "is_admin": true, "email_verified": true, "language": "example_string", "theme": "example_string", "ai_suggestions_enabled": true, "mfa_enabled": true, "has_password": true, "oidc_provider": "example_string", "oidc_sub": "example_string" }