Readable identity debugging with Authdog CLI /whoami
Inspect authenticated user information in structured tables or raw JSON without leaving the Authdog terminal interface.
Authdog Engineering
Identity debugging often starts with one question: who does the server think I am? Authdog CLI answers from the authenticated API rather than relying only on locally decoded token claims.
Enter /whoami or /me inside authdog-cli.
Ask the userinfo endpoint
The command calls authenticated GET /v1/userinfo with the current access token. This gives the CLI a server-provided view of the current identity and session.
The response opens with two representations:
- Pretty groups fields into readable sections and tables.
- Raw displays indented JSON for exact inspection.
Use Tab or Shift-Tab to switch views. Keyboard scrolling and mouse-wheel scrolling keep larger responses usable inside the fullscreen interface.
Make token fields readable
When identity data contains JWT-shaped values, shared formatting helpers can decode the payload for display. Timestamps become readable dates, expired timestamps are marked, and noisy session identifiers can be suppressed from the formatted view.
Decoded does not mean verified. The local JWT helper reads payload claims for presentation but does not verify the signature. Trust decisions still belong to Authdog APIs and correctly configured token verification in your application.
Keep raw output in context
Raw view helps compare the exact API response with the formatted view, but the beta keeps both inside its terminal UI. It does not currently emit stable JSON to stdout for pipelines such as jq.
That distinction avoids a fragile automation contract while the data shape and command model are still evolving.
Check surrounding session state
When an identity looks unexpected, combine /whoami with /status. Status shows the credential path and active organization, tenant, project, and environment selections. It also shows token lengths and limited previews rather than printing complete credentials.
For current-user debugging, the workflow is short:
/loginto establish a session./whoamito inspect server-provided identity.- Switch between Pretty and Raw views.
/statusto verify resource scope./logoutwhen the local session should be removed.
The goal is not to replace protocol tooling. It is to make the most common identity check immediate and legible.