Identify the authenticated principal

curl --request GET \
  --url https://api.verlon.ai/v1/whoami \
  --header 'Authorization: Bearer <token>'

{
  "userId": "<string>",
  "email": "<string>",
  "apiKeyId": "<string>"
}

User

Identify the authenticated principal

Use when: caller wants a minimal “who am I” snapshot — typically a CLI / agent confirming the API key it loaded resolves to the expected Layer account and tier

Returns the authenticated user’s id, email, tier, and the auth mode that resolved the request (api_key or session). When the auth mode is api_key, also returns apiKeyId so the caller can identify which of their keys was used. No PII beyond the email; intentionally a smaller surface than /v1/user (dashboard-only). Accepts both API key and session auth.

GET

whoami

curl --request GET \
  --url https://api.verlon.ai/v1/whoami \
  --header 'Authorization: Bearer <token>'

{
  "userId": "<string>",
  "email": "<string>",
  "apiKeyId": "<string>"
}

Authorizations

Authorization

string

header

required

Layer API key (prefixed sk-). Generated from the dashboard under Settings → API Keys, or via layer key create in the CLI.

Response

Identity snapshot for the authenticated principal.

userId

string

required

string

required

tier

enum<string>

required

Available options:

free,

starter,

growth,

scale,

custom

authMode

enum<string>

required

Available options:

api_key,

session

apiKeyId

string | null

required

Test a BYOK provider key against the upstream provider Get the public model + provider registry

Documentation Index

Authorizations

Response