Retrieve a user
Fetch the user for the current (or a supplied) access token.
Fetch the User record from GoTrue's GET /user endpoint. Without an argument, get_user uses the access token from the current session (calling get_session internally, which may refresh the token if it's near expiry). Pass an explicit JWT to look up a user by an arbitrary token instead.
Returns nil when there is no session and no JWT is provided.
Signature
supabase.auth.get_user(jwt = nil)jwt is an optional positional argument — an access token to verify on the server. When omitted, the current session's access_token is used.
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
jwt | String | Optional | Optional access token. If nil, the current session token is used. If both are missing, returns nil. |
Returns
A Struct with a single :user field — a Types::User containing :id, :email, :phone, :user_metadata, :app_metadata, :identities, :factors, :created_at, :last_sign_in_at, etc. Returns nil when no session is stored and no JWT was supplied. Raises Supabase::Auth::Errors::AuthApiError if GoTrue rejects the token (expired/invalid).
Example — use the current session
response = supabase.auth.get_user
if response
response.user.id # => "8b3c..."
response.user.email # => "ada@example.com"
endExample — verify a user-supplied token
# E.g. extracted from an Authorization: Bearer header on an incoming request:
response = supabase.auth.get_user(bearer_from_request)
raise "Invalid token" unless responseExample — read app and user metadata
response = supabase.auth.get_user
response.user.user_metadata["display_name"] # set by sign_up :data
response.user.app_metadata["provider"] # e.g. "email" or "google"