API ReferenceAuth Flows
Get Session
Validate a session token and retrieve the authenticated user's identity and session metadata.
Endpoint
GET /v1/sessions/whoamiBase URL: https://api-id.avnology.net
Authentication: Required -- session token
Validates the provided session token and returns the full session object including the authenticated user's identity, device information, and authentication methods used. This is the primary endpoint for verifying that a user is authenticated.
Request
Headers
| Header | Required | Description |
|---|---|---|
Authorization | Yes | Bearer <session_token> |
Example Request
curl https://api-id.avnology.net/v1/sessions/whoami \
-H "Authorization: Bearer avnl_ses_a1b2c3d4e5f6g7h8..."Response
Success (200 OK)
{
"id": "ses_1a2b3c4d-5e6f-7a8b-9c0d-1e2f3a4b5c6d",
"identity_id": "usr_4f18acec-2712-4be7-a9af-b063b4f6deba",
"identity": {
"id": "usr_4f18acec-2712-4be7-a9af-b063b4f6deba",
"email": "[email protected]",
"username": "janesmith",
"first_name": "Jane",
"last_name": "Smith",
"email_verified"
Errors
| Status | Code | Description |
|---|---|---|
| 401 | AVNOLOGY_AUTH_005 | Session token is invalid |
| 401 | AVNOLOGY_AUTH_004 | Session has expired |
Code Examples
JavaScript (fetch)
async function getSession(sessionToken) {
const response = await fetch('https://api-id.avnology.net/v1/sessions/whoami', {
headers: { 'Authorization': `Bearer ${sessionToken}` },
});
if (!response.ok) throw new Error
Python (httpx)
import httpx
def get_session(session_token: str) -> dict:
response = httpx.get(
"https://api-id.avnology.net/v1/sessions/whoami",
headers={"Authorization": f
Go (net/http)
func getSession(ctx context.Context, sessionToken string) (*Session, error) {
req, _ := http.NewRequestWithContext(ctx,
Related
- List Sessions -- list all active sessions
- Revoke Session -- terminate a session
- SDK:
client.auth.getSession()(TypeScript)