Get the calling API key's own metadata — name, prefix, scopes, expiry, last-used.

Self-introspection. Returns 404 when the caller authenticated via federation/JWT (no API key in scope) and 401 when there's no authentication at all. Never returns the raw secret — only the displayable prefix. No `[RequireScope]`: a key must be able to read its own metadata regardless of what scopes it carries, otherwise narrow keys couldn't see what they can do.

Authorization

Bearer

AuthorizationBearer <token>

JWT Authorization header using the Bearer scheme. Enter 'Bearer' [space] and then your token.

In: header

Path Parameters

tenant*string

The tenant identifier

Response Body

curl -X GET "https://api.fruxon.com/v1/tenants/string/tokens/current"

curl -X GET "https://api.fruxon.com/v1/tenants/string/tokens/current"

{
  "name": "string",
  "ownerType": "USER",
  "ownerId": "string",
  "createdBy": "string",
  "tokenHash": "string",
  "keyPrefix": "string",
  "type": "USER",
  "expiresAt": 0,
  "scopes": [
    "string"
  ],
  "revokedAt": 0,
  "lastUsedAt": 0,
  "createdAt": 0,
  "id": "00000000-0000-0000-0000-000000000000",
  "modifiedAt": 0,
  "tenantId": "00000000-0000-0000-0000-000000000000"
}

{
  "type": "string",
  "title": "string",
  "status": 0,
  "detail": "string",
  "instance": "string",
  "property1": null,
  "property2": null
}

Empty

{
  "type": "string",
  "title": "string",
  "status": 0,
  "detail": "string",
  "instance": "string",
  "property1": null,
  "property2": null
}

Get the calling API key's own metadata — name, prefix, scopes, expiry, last-used.

Authorization

Path Parameters

Response Body

200

401

403

404