> ## Documentation Index
> Fetch the complete documentation index at: https://iam-docs.razi.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Token Introspection

<Warning>
  The user has to be logged in to proceed with this flow.

  Make sure to either:

  * Send a valid `Authorization` header with of type `Bearer TOKEN_VALUE` where **TOKEN\_VALUE** is the token returned in the response from [Sign up](/api-tutorials/unauthenticated-flows/sign-up-by-username-password#sign-up-a-user) or [Sign in](/api-tutorials/unauthenticated-flows/sign-in-by-username-password) flow
  * In case your app supports cookie, you can enable request cookies as our API Automatically sets a cookie named `session-token` which is forwarded with each request to our api.
</Warning>

Since we use opaque token in our IAM Service, we follow approach recommended by [Auth0](https://auth0.com/docs/secure/tokens/access-tokens#opaque-access-tokens).

```bash
curl --request GET \
  --url https://dev-iam.razi.ai/v1/authentication/users/me \
  --header 'Authorization: Bearer YOUR_SECRET_TOKEN' \
  --header 'X-App-Name: '
```

The above call will return the `userid` and `state` if the token is valid.

<Tip>
  [Link to Playground](https://dev-iam.razi.ai/docs#/tag/authentication/GET/v1/authentication/users/me)
</Tip>