Return the caller identity + permissions
Echoes the `orgId`, `permissions`, and key metadata derived from the Authorization header (or x402 payment). Useful for SDKs to confirm which org a key is bound to and what permissions it carries.
API key auth. Prefix cf_live_ for production orgs, cf_test_ for sandbox.
In: header
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
application/json
application/json
curl -X GET "https://example.com/v1/whoami"{ "orgId": "string", "permissions": { "property1": [ "string" ], "property2": [ "string" ] }, "keyId": "string", "keyName": "string"}{ "error": { "code": "string", "message": "string", "details": { "property1": null, "property2": null } }}{ "error": { "code": "string", "message": "string", "details": { "property1": null, "property2": null } }}{ "error": { "code": "string", "message": "string", "details": { "property1": null, "property2": null } }}{ "error": { "code": "string", "message": "string", "details": { "property1": null, "property2": null } }}{ "error": { "code": "string", "message": "string", "details": { "property1": null, "property2": null } }}{ "error": { "code": "string", "message": "string", "details": { "property1": null, "property2": null } }}{ "error": { "code": "string", "message": "string", "details": { "property1": null, "property2": null } }}Shallow + deep health check GET
Shallow (default) returns 200 with a minimal liveness payload for load balancers. Append `?deep=1` to exercise component bindings (rate-limiter). Unauthenticated.
Get a skill's SKILL.md (markdown) GET
Returns the raw SKILL.md for the named skill as `text/markdown`, ready to load into an agent. 404 if the skill name is unknown. Unauthenticated.