A newer version of this documentation is available.

View Latest

Who Am I?

A Couchbase-Server user can check their id (or username), domain, roles, and other details.

HTTP method and URI

GET ./whoami


The call returns an object that contains the following:

  • roles. An object containing a key-value pair for every role assigned to the user. For example, "role": "analytics_reader". Bucket-related roles are accompanied by a statement of the bucket to which the role applies. For example, "bucket_name": "travel-sample".

  • id. The user’s id (or username).

  • domain. The user’s authentication domain, which can be local or external. For information, see Authentication.

  • name. The user’s full name, if specified.

  • password_change_date. The date on which the user’s password was last changed. For example, "2020-02-13T04:08:31.000Z".


If successful, the call returns 200 OK, and an object that contains information on the user’s id, domain, name, roles, and date of last password-change.

A malformed URI returns 404 Object Not Found. Failure to authenticate returns 401 Unauthorized.


The following call returns information on a user whose id is multiRoleAdmin. Note that the output is piped to the jq command, to facilitate output-readability.

curl -X GET -u multiRoleAdmin:multiRoleAdminPassword \ | jq

If successful, the command returns output such as the following:

  "id": "multiRoleAdmin",
  "domain": "local",
  "roles": [
      "role": "query_manage_index",
      "bucket_name": "*"
      "role": "bucket_admin",
      "bucket_name": "travel-sample"
      "role": "security_admin"
      "role": "analytics_reader"
  "name": "john smith",
  "password_change_date": "2020-02-14T06:53:11.000Z"

See Also

An overview of Couchbase-Server authentication, and of authentication domains, is provided in Authentication.