Lightweight endpoint to verify if the current session is valid. Returns minimal information without fetching full user data.

Verify Session

GET/auth/verify-session

Lightweight endpoint to verify if the current session is valid. Returns minimal information without fetching full user data.

200

Field	Type	Required	Description
`valid`	`boolean`	optional	Example: `true`
`userId`	`string`	optional	Example: `123e4567-e89b-12d3-a456-426614174000`
`expiresAt`	`string`	optional	Example: `2024-01-01T12:00:00.000Z`

Example response

{
  "valid": true,
  "userId": "123e4567-e89b-12d3-a456-426614174000",
  "expiresAt": "2024-01-01T12:00:00.000Z"
}

400Validation failed (bad input).

ApiErrorResponseDto

Field	Type	Required	Description
`statusCode`	`number`	required	HTTP status code Example: `401`
`error`	`string`	required	HTTP status text / exception name Example: `Unauthorized`
`message`	`string`	required	Human-readable message Example: `Invalid credentials`
`code`	`string`	required	Stable, machine-readable error code — branch on this, not the message Example: `INVALID_CREDENTIALS`

Example response

{
  "statusCode": 401,
  "error": "Unauthorized",
  "message": "Invalid credentials",
  "code": "INVALID_CREDENTIALS"
}

401Missing, invalid, or expired authentication.

ApiErrorResponseDto

Field	Type	Required	Description
`statusCode`	`number`	required	HTTP status code Example: `401`
`error`	`string`	required	HTTP status text / exception name Example: `Unauthorized`
`message`	`string`	required	Human-readable message Example: `Invalid credentials`
`code`	`string`	required	Stable, machine-readable error code — branch on this, not the message Example: `INVALID_CREDENTIALS`

Example response

{
  "statusCode": 401,
  "error": "Unauthorized",
  "message": "Invalid credentials",
  "code": "INVALID_CREDENTIALS"
}

curl -X GET 'https://api.example.com/auth/verify-session' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer YOUR_ACCESS_TOKEN'

GET /auth/verify-session