Get authenticated user info
const url = 'https://your-orimora-instance.example.com/api/v1/me';const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request GET \ --url https://your-orimora-instance.example.com/api/v1/me \ --header 'Authorization: Bearer <token>'Returns identity and permission data for the caller. Used by integrations (n8n, MCP clients, custom bots) to validate credentials and discover what the caller is allowed to do.
The role field is deprecated (ADR 0004). New integrations MUST gate on capabilities instead. The field will be removed in v0.2.0; the endpoint itself remains.
Sunset is signalled via response headers:
Sunset: Sun, 15 Nov 2026 00:00:00 GMT(RFC 8594)Link: <ADR URL>; rel="deprecation"; type="text/html"(RFC 8288)
Authorizations
Section titled “Authorizations ”Responses
Section titled “ Responses ”Authenticated user info
object
object
DEPRECATED — computed from capabilities via computeLegacyRole(). Use capabilities instead. Removed in v0.2.0. Mapping: settings.team_edit or system-admin → admin; document.create → member; otherwise viewer.
Granted capabilities for this user/team. System admins receive [”*”]. Use these to gate integration behaviour instead of role.
Example
{ "data": { "role": "admin" }}Headers
Section titled “Headers ”Example
Sun, 15 Nov 2026 00:00:00 GMTRFC 8594 — planned removal date of the role field (IMF-fixdate)
Example
<https://github.com/defcon1702/orimora/blob/main/adr/0004-role-to-capabilities-migration.md>; rel="deprecation"; type="text/html"RFC 8288 — link to the ADR describing the capabilities migration
Unauthorized
object
Human-readable error message
Example generated
{ "error": "example"}