Skip to main content

Get User Info

Endpoint: GET /api/token/userInfo

Retrieves the user information associated with the current token, including roles, groups, and the fully resolved set of effective permissions.

Query parameters

ParameterDescriptionTypeRequired/ Optional
claimsIf set to true, includes the JWT claims in the response. Defaults to false.booleanOptional.

Response

Returns the user object with the following fields:

FieldDescription
idUser's email or identifier.
nameDisplay name.
namespaceThe organization ID the user belongs to.
rolesList of roles assigned to the user, each with their fully resolved permissions. Permissions in the response are fully resolved; implied permissions are automatically included.
groupsList of groups the user belongs to.

Examples

Get user info

Request

curl -X 'GET' \
'https://<YOUR-SERVER-URL>/api/token/userInfo?claims=false' \
-H 'accept: application/json' \
-H 'X-Authorization: <TOKEN>'

Response

{
"id": "john.doe@acme.com",
"name": "John Doe",
"roles": [
{
"name": "CUSTOM_ROLE",
"permissions": [
{
"name": "READ_WORKFLOW_DEF"
},
{
"name": "EXECUTE_WORKFLOW_DEF"
}
]
}
],
"groups": [],
"uuid": "8deebe7e-4dc9-41c1-934d-9fcd3442b0b0",
"contactInformation": {},
"namespace": "0000",
"orkesWorkersApp": false,
"orkesApiGateway": false,
"applicationUser": false,
"orkesApp": false
}
Get user info with JWT claims

Request

curl -X 'GET' \
'https://<YOUR-SERVER-URL>/api/token/userInfo?claims=true' \
-H 'accept: application/json' \
-H 'X-Authorization: <TOKEN>'

Response

{
"user": {
"id": "john.doe@acme.com",
"name": "John Doe",
"roles": [
{
"name": "CUSTOM_ROLE",
"permissions": [
{
"name": "READ_WORKFLOW_DEF"
},
{
"name": "EXECUTE_WORKFLOW_DEF"
}
]
}
],
"groups": [],
"uuid": "8deebe7e-4dc9-41c1-934d-9fcd3442b0b0",
"contactInformation": {},
"namespace": "0000",
"orkesApp": false,
"orkesWorkersApp": false,
"orkesApiGateway": false,
"applicationUser": false
},
"claims": {
"given_name": "John",
"family_name": "Doe",
"name": "John Doe",
"email": "john.doe@acme.com",
"email_verified": true,
"iss": "https://auth.orkes.io/",
"aud": "s4HLdVbnaJMGvPSgx2YLpynfJlW7GV2e",
"sub": "google-oauth2|116505707345152761464",
"iat": 1782734603,
"exp": 1782770603
}
}