Skip to content

Get the current user

GET
/api/users/me

Returns the profile of the currently authenticated user, resolved from the session/JWT rather than by ID (no user ID is accepted). In addition to the base profile it also exposes hasPassword (whether a local password is set) and connectedProviders (linked OAuth providers). Requires a fully authenticated session; a remember-me / partially authenticated token is rejected.

Authorizations

ApiToken

Long-lived API token created via POST /api/api-tokens (returned once in plaintext).

Type
API Key (header: X-API-TOKEN)
or
JWT

JWT access token obtained via POST /api/auth/login. Send as: Authorization: Bearer .

Type
HTTP (bearer)

Responses

User resource

JSON
{
  
"@context": "string",
  
"@id": "string",
  
"@type": "string",
  
"id": "9f1b6c2e-1e4a-4c3a-9c8b-1d2e3f4a5b6c",
  
"email": "jane.doe@example.com",
  
"firstName": "Jane",
  
"lastName": "Doe",
  
"superAdmin": false,
  
"active": true,
  
"emailVerified": true,
  
"emailVerifiedAt": "2025-06-15T10:30:00+00:00",
  
"hasPassword": true,
  
"twoFactorEnabled": false,
  
"createdAt": "2025-06-15T10:30:00+00:00",
  
"updatedAt": "2025-06-15T10:30:00+00:00",
  
"twoFactorEnforced": true,
  
"connectedProviders": [
  
  
[
  
  
  
"google"
  
  
]
  
]
}

Playground

Authorization

Samples

Powered by VitePress OpenAPI