The endpoints in the me section are designed to return data about the current authenticated user. You will authenticate using the user’s access token.
These endpoints allows you to retrieve data that scoped to the current user and your app. You can use these endpoints to pull the user’s memberships, products, payments, and more.
It is recommended that you use these endpoints in your app to personalize the user’s exerience. You can also use these endpoints to confirm a user has access to your app. However, if you just want to check access, we recommend you use our prebuilt access checking API.
Common Use Cases
- Fetching the user’s details, such as their email, username, or profile picture
- Fetching the user’s memberships for your app
- Fetching a user’s orders for their in-app purchases
There are two different access tokens that you can use to authorize these requests. This depends on if you’re building a Whop App or gating your web app with OAuth
If you’re building a Whop App
Pass the user’s access token that is stored as the
whop_user_token cookie. If you’re using the JS SDK, this can easily be sent through the headers. Read more about the SDK authentication here.
If you’re gating your web app with OAuth
Pass the user’s access token that you receieve from the OAuth flow. You can read more about this in our OAuth documentation.
Once you close the modal, you cannot view your Client Secret again. Store it securely. If needed, you can generate a new one, but the previous one will be invalidated.