GET /api/auth/me
Retrieve the currently authenticated user.
This endpoint returns information about the currently authenticated user.
It is commonly used to validate an access token and fetch basic user identity details.
When to use
- After login to fetch user details
- On page refresh to restore user state
- To verify that an access token is still valid
Request
HTTP
GET /api/auth/me
Authorization: Bearer <access_token>
A valid access token must be provided in the Authorization header.
Response
Success (200 OK)
Response
{
  "success": true,
  "data": {
    "id": "user_id",
    "email": "user@example.com"
  }
}
The response contains the authenticated user’s basic identity fields.
Errors
Unauthorized (401)
Error
{
  "success": false,
  "message": "Unauthorized"
}
Invalid token (401)
Error
{
  "success": false,
  "message": "Invalid or expired access token"
}
Notes
- This endpoint does not refresh tokens
- If the access token is expired, use the refresh endpoint
- No cookies are required for this endpoint
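One way a client can use this endpoint to restore user state on page refresh, shown as an added example that is not part of the original API documentation. The refreshAccessToken callback and the shape of the returned object are assumptions, since the refresh endpoint's request and response format is not described here.

```javascript
// Added example: client-side handling of GET /api/auth/me.
// `refreshAccessToken` is a hypothetical callback that resolves to a new
// access token (or null); how it talks to /api/auth/refresh is not shown here.
async function fetchCurrentUser(baseUrl, accessToken, refreshAccessToken, fetchImpl = fetch) {
  const unauthenticated = { authenticated: false, user: null, accessToken: null };
  let token = accessToken;
  for (let attempt = 0; attempt < 2; attempt++) {
    const res = await fetchImpl(`${baseUrl}/api/auth/me`, {
      method: "GET",
      headers: { Authorization: `Bearer ${token}` },
      credentials: "omit", // the endpoint needs no cookies, so send none
    });
    if (res.status === 401) {
      // Missing, invalid or expired token. /me never refreshes tokens itself,
      // so run the refresh flow at most once, then give up (no retry loop).
      if (attempt === 0 && refreshAccessToken) {
        token = await refreshAccessToken();
        if (token) continue;
      }
      return unauthenticated;
    }
    const body = await res.json().catch(() => null);
    const data = body && body.data;
    // Accept only the documented success envelope; anything else fails closed.
    if (res.status !== 200 || !body || body.success !== true || !data ||
        typeof data.id !== "string" || typeof data.email !== "string") {
      return unauthenticated;
    }
    // Return the token that worked so the caller can store the refreshed one.
    return { authenticated: true, user: { id: data.id, email: data.email }, accessToken: token };
  }
  return unauthenticated;
}
```

The function treats both 401 variants the same way rather than matching on the message string, and it clears user state whenever the response does not match the documented success shape.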
Related APIs
- POST /api/auth/login – Start a session
- POST /api/auth/refresh – Refresh access token
- POST /api/auth/logout – End the session