Get logged-in user

You can get the logged-in user by performing a GET request to the authentication endpoint.

Note that Authentication endpoints are secured by default, so you have to include the Access token in the request. See below Request Cookies or Request headers.

Request data

HTTP method: GET

URL format: https://baseUrl/versionNumber/customEndpointRoute/userEndpoint?key=apiKey[&dataOnly=true]

Example:

https://app.rested.dev/api/1/ce/examples/auth?key=d59eb2859c284168ac48aef65046d5dd[&dataOnly=true]

Request Parameters

The following table describes the Request parameters.

Parameter	Description	Required
baseUrl	Base url for calling the API. Value: app.rested.dev/api	Yes
versionNumber	Service version. Value: The current value is 1.	Yes
customEndpointRoute	The route which identifies custom endpoints. Default value: ce	Yes
userEndpoint	The endpoint name generated by the user. Value: the name created at https://app.rested.dev	Yes
key	The API Key of the project.	Yes
dataOnly	If used, the endpoint response will be the POST body, without additional information such as ‘uniqueId’. Value: true	No
masterKey	Overrides the need for Access tokens or restrictions applied to Authentication endpoints. Don't use this key in your client application. For more information please refer to projects. Value: the masterKey created at https://app.rested.dev.	No

Request Cookies

Header Description Required

__Secure-rested-access-token

The Access token is required for secure endpoints.

It is obtained when doing a login and it is stored in an httpOnly cookie. To automatically include it in the request you need to set the following property:

// using fetch
{ credentials: 'include' }

// using axios
{ withCredentials: true }

Alternatively you can also use the Authorization header.

For more information please refer to the login documentation and Secure Endpoints documentation.

Yes - if endpoint is secure and Authorization header is not used

Request Headers

Header

Description

Required

Authorization

The Access token is required for secure endpoints.

You should use this header if you are not using the httpOnly cookie to access a Secure endpoint.

For more information please refer to the login documentation and Secure Endpoints documentation.

Yes - if endpoint is secure and httpOnly cookie is not used

Response data

Error codes

Error code	Description
400	Possible reasons: Endpoint or API Key not valid.
401	Possible reasons: Missing Access Token. Invalid credentials. Token expired. No user found.
403	Missing API Key, not allowed origin or disallowed request without orign.

Successful response

{
uniqueId: "3f38bf9e1bb54d2396d1f1b8fbba1630",
data: { username: "usernameeee" },
createdAt: "2020-12-27T10:58:45.000Z",
updatedAt: "2020-12-27T10:58:45.000Z"
}

Request data​

Request Parameters​

Request Cookies​

Request Headers​

Response data​

Error codes​

Successful response​