Logo Help Center

Elvis 6 REST API - profile

Elvis 6 REST API - profile



What does it do?

Retrieve details about the user authenticated in the current browser session.

POST requests only

This REST API only accepts POST requests, not GET requests. Also, the POST request needs to include a cross-site request forgery (csrf) token.

The csrf token is a unique code which, by including it in the request, also makes the POST request unique and therefore much more secure.

The csrf token is obtained by first logging in to Elvis Server through a POST request. The response that is received will include the csrf token which can then be used in subsequent POST requests as a http header:

"X-CSRF-TOKEN: <some_csrf_token>"

For more information including examples, see Elvis 6 REST API - Performing a POST request with a csrf token.


This service has no parameters.

Return value

The service returns a JSON response with the following information:


Primary unique user name or principle.

When authenticated against LDAP/ActiveDirectory, this may be different than the username used to log in.

fullName Full name of the user. This can be used as a display name.

User's e-mail address.

Only returned when the user is authenticated against an LDAP/ActiveDirectory, and an e-mail address is available there.

userZone The location in Elvis where the private files of the user are stored. Only returned for users that have access to a private zone.
groups The groups that the user belongs to. These are associated with a user in the LDAP/ActiveDirectory or in the internal-users config file.
authorities The capabilities assigned to the user.


AJAX login with success

The following shows the response of a successful authentication attempt.




  "authorities" : [ "ROLE_USER", ... ],
  "username" : "demo",
  "fullName" : "Demo User",
  "userZone" : "/Users/demo",
  "groups" : [ "department1" ],
  "email" : "demo@example.com"

Session not authenticated

The following shows the response when the session is not authenticated.


  "errorcode" : 401,
  "message" : "Not logged in"

Document history

  • 27 July 2017: Added section 'Post requests only'.
Was this article helpful?
0 out of 0 found this helpful / Created: / Updated:
Have more questions? Submit a request


Please sign in to leave a comment.