A newer version of this documentation is available.

View Latest

Who Am I?

    A Couchbase-Server user can check their id (or username), domain, roles, and other details.

    HTTP method and URI

    GET ./whoami


    The call returns an object that contains the following:

    • roles. An object containing a key-value pair for every role assigned to the user. For example, "role": "analytics_reader". Bucket-related roles are accompanied by a statement of the bucket to which the role applies. For example, "bucket_name": "travel-sample".

    • id. The user’s id (or username).

    • domain. The user’s authentication domain, which can be local or external. For information, see Authentication.

    • name. The user’s full name, if specified.

    • password_change_date. The date on which the user’s password was last changed. For example, "2020-02-13T04:08:31.000Z".


    If successful, the call returns 200 OK, and an object that contains information on the user’s id, domain, name, roles, and date of last password-change.

    A malformed URI returns 404 Object Not Found. Failure to authenticate returns 401 Unauthorized.


    The following call returns information on a user whose id is multiRoleAdmin. Note that the output is piped to the jq command, to facilitate output-readability.

    curl -X GET -u multiRoleAdmin:multiRoleAdminPassword \ | jq

    If successful, the command returns output such as the following:

      "id": "multiRoleAdmin",
      "domain": "local",
      "roles": [
          "role": "query_manage_index",
          "bucket_name": "*"
          "role": "bucket_admin",
          "bucket_name": "travel-sample"
          "role": "security_admin"
          "role": "analytics_reader"
      "name": "john smith",
      "password_change_date": "2020-02-14T06:53:11.000Z"

    See Also

    An overview of Couchbase-Server authentication, and of authentication domains, is provided in Authentication.