Skip to main content
GET
/
authentication
/
status
Get authentication status
curl --request GET \
  --url https://api.uk.veridox.ai/authentication/status
{
  "type": "user",
  "complete": true,
  "methods": [
    "password"
  ],
  "verification_stage": "email_verified",
  "token": "eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9..."
}
Validates an API key and returns information about the authenticated organisation. This endpoint is used for verifying API key validity and retrieving organisation context before making other API calls.

Best Practices

  1. Key Validation: Call this endpoint when initializing API clients to ensure your credentials are valid.
  2. Error Handling: Check the is_active field to ensure the key hasn’t been revoked.
  3. Caching: Cache validation results briefly (5-10 minutes) to avoid redundant network calls.
  4. Organisation Context: Use the organisation_id to validate multi-tenant application context.

Response

200 - application/json

Authentication status (returns user session info if authenticated with JWT, API key info if authenticated with API key, or type: 'none' if not authenticated)

type
enum<string>
required
Available options:
user
Example:

"user"

complete
boolean
required

Whether multi-factor authentication is complete

Example:

true

methods
enum<string>[]
required

Authentication methods completed for this session

Available options:
password,
email-otp,
device-trust
Example:
["password"]
verification_stage
enum<string>
required

User verification stage: unverified (password only), email_verified (password + OTP), verified (admin approved), or administrator

Available options:
unverified,
email_verified,
verified,
administrator
Example:

"email_verified"

token
string
required
Example:

"eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9..."