Documentation
Feedback
Guides
API Reference

Guides
API usage
Authentication
Checking which user is currently authenticated

When a user logs into your store, cookies that store the authorization token are created. From this moment, any request to VTEX servers will load these cookies automatically, identifying the user responsible for the action.

In many contexts different than API requests to VTEX, it may be necessary to verify that the user is logged in or maybe get something that identifies them, such as email or ID. Cookies also allow this type of action.

However, note that these cookies have the "HTTP Only" and "Secure" options enabled, which means that they are not accessible by any JavaScript method, and will only be sent in secure HTTP requests (i.e., using the HTTPS protocol).

So the verification of the user who is authenticated must happen through the following API endpoint:


_10
GET
_10
https://{accountName}.{environment}.com.br/api/vtexid/pub/authenticated/user?authToken={VtexIdclientAutCookie}

The response will be structured like this:


_10
{
_10
"userId": "88888888-8888-8888-8888-888888888888",
_10
"user": "user@mail.com",
_10
"userType": "F"
_10
}

  • userId: is the user ID within VTEX services.
  • user: user email.
  • userType: meant for VTEX internal use.

If the user is not authenticated, the response for this API will be empty (null response body), with an HTTP status 200 (OK) or 401 (Unauthorized).

Contributors
3
Photo of the contributor
Photo of the contributor
Photo of the contributor
+ 3 contributors
Was this helpful?
Yes
No
Suggest edits (Github)
See also
API authentication using user tokens
Guides
Contributors
3
Photo of the contributor
Photo of the contributor
Photo of the contributor
+ 3 contributors
On this page