There's currently no way for a client to get information about the authenticated user since the authentication process returns an opaque token and nothing else.
There are cases, however, where knowing who the user is would be essential. In the prototype for the new Kashti, for instance, we could use existing APIs to query for user permissions... but only if we know who the user is.
The new endpoint could simply return an instance of the existing principal reference type.
There's currently no way for a client to get information about the authenticated user since the authentication process returns an opaque token and nothing else.
There are cases, however, where knowing who the user is would be essential. In the prototype for the new Kashti, for instance, we could use existing APIs to query for user permissions... but only if we know who the user is.
The new endpoint could simply return an instance of the existing principal reference type.