API reference · Auth
GET /api/auth/session

Get current Auth.js session

Returns the current Auth.js/NextAuth session by reading the session cookie and running the full auth handler, including session revocation checks. Authenticated responses include the user profile, tenant context, the session_id from the sessions table, and the login method. If no valid session cookie is present, the route still returns HTTP 200 with an empty object, so clients must detect the signed-out case by inspecting the body (the absence of the user object), not by checking the status code.

Response body

Success response 200 · schema AuthSessionResponse

anyOf (option 1): object, returned for an authenticated session

  session_id (string <uuid>)
    Current session UUID from the sessions table, created at sign-in.
  login_method (string)
    Authentication method used for this session, such as credentials, google, or azure-ad.
  user (object, required)
    id (string, required)
      User identifier from the users.user_id record.
    email (string <email>, required)
      User's email address.
    name (string, required)
      User's display name, usually first_name plus last_name.
    username (string, required)
      User's login username.
    image (string)
      Avatar or profile image URL.
    proToken (string)
      Legacy Pro token value when present.
    tenant (string)
      Tenant UUID from the user session JWT.
    tenantSlug (string)
      URL-safe tenant slug for portal routing.
    user_type (string)
      User classification from users.user_type.
      Enum: client, internal
    clientId (string <uuid>)
      Client UUID from contacts.client_id for client-portal users.
    contactId (string <uuid>)
      Contact UUID from users.contact_id for client-portal users.
    plan (string)
      Current tenant billing plan key.
    addons (array of string)
      Enabled tenant add-on keys.
    trial_end (string, nullable)
      Trial expiry timestamp when present.
    subscription_status (string, nullable)
      Billing subscription status copied into the session token.
      Enum: active, trialing, past_due, unpaid
    solo_pro_trial_end (string, nullable)
      Solo Pro trial expiry timestamp when present.
    premium_trial_end (string, nullable)
      Premium trial expiry timestamp when present.
    premium_trial_confirmed (boolean)
      Whether the user confirmed the Premium trial.
    premium_trial_effective_date (string, nullable)
      Premium trial effective date when present.

anyOf (option 2): object
  Empty object returned when no authenticated session is present.

Response codes

200
  Authenticated session object, or {} when the request is unauthenticated.
500
  Unexpected session retrieval failure.
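Because both the authenticated and the signed-out case arrive as HTTP 200, a client has to validate the body against the anyOf shapes above rather than trust the status code. The following is an added example of that validation written for this page; it is not part of the project's own client code. It assumes the caller supplies a fetch implementation and base URL, and the sample bodies at the bottom are constructed for illustration, not captured from a deployment.

```javascript
// Added example: classify a GET /api/auth/session body per AuthSessionResponse.
// Not project code; field names come from the schema on this page.

const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
const USER_TYPES = ["client", "internal"];
const SUBSCRIPTION_STATUSES = ["active", "trialing", "past_due", "unpaid"];
const REQUIRED_USER_STRINGS = ["id", "email", "name", "username"];

function isUuid(value) {
  return typeof value === "string" && UUID_RE.test(value);
}

// Returns { authenticated: false } for the empty-object branch (anyOf option 2),
// or { authenticated: true, session } when the body matches option 1.
// Anything else throws, so a malformed or truncated body is never silently
// treated as "signed out" (or, worse, as signed in).
function classifySession(body) {
  if (body === null || typeof body !== "object" || Array.isArray(body)) {
    throw new TypeError("session response is not a JSON object");
  }
  if (Object.keys(body).length === 0) {
    return { authenticated: false };
  }
  const user = body.user;
  if (user === null || typeof user !== "object" || Array.isArray(user)) {
    throw new TypeError("non-empty session body lacks the required user object");
  }
  for (const key of REQUIRED_USER_STRINGS) {
    if (typeof user[key] !== "string" || user[key].length === 0) {
      throw new TypeError(`user.${key} is required and must be a non-empty string`);
    }
  }
  if (body.session_id !== undefined && !isUuid(body.session_id)) {
    throw new TypeError("session_id is not a UUID");
  }
  if (user.user_type !== undefined && !USER_TYPES.includes(user.user_type)) {
    throw new TypeError(`user.user_type outside enum: ${user.user_type}`);
  }
  const status = user.subscription_status;
  if (status !== undefined && status !== null && !SUBSCRIPTION_STATUSES.includes(status)) {
    throw new TypeError(`user.subscription_status outside enum: ${status}`);
  }
  if (user.addons !== undefined &&
      (!Array.isArray(user.addons) || !user.addons.every((a) => typeof a === "string"))) {
    throw new TypeError("user.addons must be an array of strings");
  }
  return { authenticated: true, session: body };
}

// Fetch wrapper: the session cookie must accompany the request, hence
// credentials: "include". fetchImpl and baseUrl are caller-supplied assumptions.
async function fetchSession(fetchImpl, baseUrl) {
  const res = await fetchImpl(`${baseUrl}/api/auth/session`, {
    method: "GET",
    credentials: "include",
    headers: { Accept: "application/json" },
  });
  if (res.status !== 200) {
    // Only 200 and 500 are documented; anything else is surfaced, not guessed at.
    throw new Error(`unexpected status ${res.status} from /api/auth/session`);
  }
  return classifySession(await res.json());
}

// Constructed sample bodies (illustrative values, not from a real system).
const SAMPLE_AUTHENTICATED = {
  session_id: "11111111-2222-4333-8444-555555555555",
  login_method: "credentials",
  user: {
    id: "u-1001",
    email: "jane@example.com",
    name: "Jane Doe",
    username: "jane",
    tenant: "aaaaaaaa-bbbb-4ccc-8ddd-eeeeeeeeeeee",
    tenantSlug: "acme",
    user_type: "internal",
    plan: "team",
    addons: ["reports"],
    subscription_status: "active",
  },
};
const SAMPLE_SIGNED_OUT = {};
const SAMPLE_MALFORMED = { session_id: "not-a-uuid" }; // non-empty but no user

module.exports = { classifySession, fetchSession, SAMPLE_AUTHENTICATED, SAMPLE_SIGNED_OUT, SAMPLE_MALFORMED };
```

The three outcomes a caller should treat differently are: `{ authenticated: false }` (render the signed-in-out UI), `{ authenticated: true, session }` (use `session.user`), and a thrown error (log it and fail closed, since the body matched neither documented shape).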