Validate credential (Internal/Gateway)

curl --request GET \
  --url http://localhost:9002/api/v1/auth/validate \
  --header 'Authorization: Bearer <token>'

{
  "success": true,
  "data": {
    "user_id": "user-abc123-v1",
    "account_id": "acct-xyz789-v1",
    "scopes": [
      "read",
      "write"
    ],
    "auth_type": "jwt",
    "is_verified": true
  }
}

Authentication

Validate credential

Port: 9002 (private) - Internal use only, not exposed publicly.

Polymorphic credential validation supporting both JWT tokens and API keys. Called by API gateway to validate incoming requests before proxying.

For JWT tokens, validates against Auth0 and returns user information. For API keys, validates the key hash and returns associated user/account info.

When validating for write operations (POST, PUT, PATCH, DELETE), unverified users will receive a 403 Forbidden response.

GET

api

auth

validate

Validate credential (Internal/Gateway)

curl --request GET \
  --url http://localhost:9002/api/v1/auth/validate \
  --header 'Authorization: Bearer <token>'

{
  "success": true,
  "data": {
    "user_id": "user-abc123-v1",
    "account_id": "acct-xyz789-v1",
    "scopes": [
      "read",
      "write"
    ],
    "auth_type": "jwt",
    "is_verified": true
  }
}

Authorizations

Authorization

string

header

required

JWT token from Auth0

Headers

x-upstream-method

enum<string>

Original HTTP method from upstream request (used by gateway). If method is POST/PUT/PATCH/DELETE and user is unverified, request is rejected.

Available options:

GET,

POST,

PUT,

PATCH,

DELETE

Response

Credential is valid

success

boolean

Example:

true

data

object

Delete a Security Groups Current User Profile

GPU Cluster API

Kubernetes Service API

Health

IAM

Firewall

Authentication

Webhooks

User

API Keys

Validate credential

Authorizations

Headers

Response