Get Current User

GET /api/auth/get-session

Returns a reduced view of the currently authenticated user and their session.

Request

GET /api/auth/get-session HTTP/1.1

This endpoint returns a public-safe session payload. For integrations, use API tokens (Authorization: Bearer wsm_...) with the REST endpoints under /api/**.

Sensitive internal app fields such as email, role, language, isGlobalAdmin, isGlobalSupporter, emailVerified, image, and platform-admin customer context are intentionally not included.

Response

{
  "user": {
    "id": "user_12345",
    "name": "Max Mustermann",
    "firstName": "Max",
    "lastName": "Mustermann",
    "organizationId": 1,
    "organizationStatus": "active",
    "isActive": true,
    "createdAt": "2026-03-31T15:50:49.030Z",
    "updatedAt": "2026-03-31T15:50:49.030Z"
  },
  "session": {
    "userId": "user_12345",
    "expiresAt": "2027-03-31T15:58:26.618Z",
    "token": "session-token-value"
  }
}