GET /v1/users/me

Read the caller's profile.

::: tip Auth Required: cookie or Bearer. :::

Request

GET /v1/users/me

Response

200 OK

{
  "id": "1c8b2a5e-...",
  "email": "alice@example.com",
  "display_name": "Alice Anderson",
  "organization_id": "ec3f7b1a-...",
  "job_title": "Engineer",
  "phone_number": null,
  "avatar_url": "https://files.example.com/avatars/1c8b2a5e/abc.png",
  "bio": null,
  "preferences": { "theme": "dark" },
  "mfa_enabled": true,
  "passkey_enabled": false,
  "email_verified": true,
  "last_password_change": "2026-04-20T10:00:00Z"
}

Security-sensitive fields (password_hash, mfa_secret, email_verification_token) are deliberately omitted.

Error responses

Status	Code	When
401	authentication_required	No valid auth credential.
404	not_found	User no longer exists.