Get logged-in user

You can get the logged-in user by performing a GET request to the authentication endpoint.

Note that Authentication endpoints are secured by default, so you have to include the Access token in the request. See below Request Cookies or Request headers.

Request data#

HTTP method: GET

URL format: https://baseUrl/versionNumber/customEndpointRoute/userEndpoint?key=apiKey[&dataOnly=true]

Example:

https://app.yawe.dev/api/1/ce/examples/auth?key=d59eb2859c284168ac48aef65046d5dd[&dataOnly=true]

Request Parameters#

The following table describes the Request parameters.

ParameterDescriptionRequired
baseUrlBase url for calling the API.

Value: app.yawe.dev/api

Yes
versionNumberService version.

Value: The current value is 1.

Yes
customEndpointRouteThe route which identifies custom endpoints.

Default value: ce

Yes
userEndpointThe endpoint name generated by the user.

Value: the name created at https://app.yawe.dev

Yes
keyThe API Key of the project.Yes
dataOnlyIf used, the endpoint response will be the POST body, without additional information such as ‘uniqueId’.

Value: true

No
masterKeyOverrides the need for Access tokens or restrictions applied to Authentication endpoints.

Don't use this key in your client application.

For more information please refer to projects.

Value: the masterKey created at https://app.yawe.dev.

No

Request Cookies#

HeaderDescriptionRequired
__Secure-yawe-access-token

The Access token is required for secure endpoints.

It is obtained when doing a login and it is stored in an httpOnly cookie. To automatically include it in the request you need to set the following property:

// using fetch { credentials: 'include' } // using axios { withCredentials: true }

Alternatively you can also use the Authorization header.

For more information please refer to  the login documentation and Secure Endpoints documentation.
Yes - if endpoint is secure and Authorization header is not used

Request Headers#

HeaderDescriptionRequired
Authorization

The Access token is required for secure endpoints.

You should use this header if you are not using the httpOnly cookie to access a Secure endpoint.

For more information please refer to  the login documentation and Secure Endpoints documentation.

Yes - if endpoint is secure and httpOnly cookie is not used

Response data#

Error codes#

Error codeDescription
400Possible reasons:
  • Endpoint or API Key not valid.
401Possible reasons:
  • Missing Access Token.
  • Invalid credentials.
  • Token expired.
  • No user found.
403Missing API Key, not allowed origin or disallowed request without orign.

Successful response#

{
uniqueId: "3f38bf9e1bb54d2396d1f1b8fbba1630",
data: { username: "usernameeee" },
createdAt: "2020-12-27T10:58:45.000Z",
updatedAt: "2020-12-27T10:58:45.000Z"
}