Cookie-aware whoami

curl --request GET \
  --url https://api.mnemom.ai/v1/auth/session \
  --cookie mnemom_session=

{
  "user": {
    "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "email": "[email protected]",
    "app_metadata": {},
    "user_metadata": {}
  }
}

GET

auth

session

Cookie-aware whoami

curl --request GET \
  --url https://api.mnemom.ai/v1/auth/session \
  --cookie mnemom_session=

{
  "user": {
    "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "email": "[email protected]",
    "app_metadata": {},
    "user_metadata": {}
  }
}

Authorizations

mnemom_session

string

required

HttpOnly, Secure, SameSite=Lax cookie issued by /v1/auth/sign-in (or the SSO / email-callback flows). The value is an AES-256-GCM-encrypted blob of {access_token, refresh_token, issued_at, auth_method}. Browser clients include this automatically with credentials: "include".

Response

Authenticated session.

user

object

Supabase user shape. Fields beyond id and email are passthrough.

Show child attributes

Sign out and clear session cookies CLI password login — returns bearer tokens in JSON body

⌘I