Skip to main content
By the end of this page you’ll have called GET /v1/me against the gavAI API with a test-mode key and read the response: the user the key belongs to, the token’s scopes, and the workspace it acts on. Five minutes. The point isn’t the endpoint — /v1/me is the cheapest, safest call to confirm authentication works before you ask the API to do anything real. This is the code entry point. The Builder (console) and the MCP server reach the same workspace and the same isolation guarantees. See Who this is for if you’re deciding which entry point fits.

What you need

How a request gets authenticated

One sentence of mental model before you start, so the response shape isn’t surprising: Every gavAI API request carries one credential in the Authorization header. The API resolves that credential to three things — the user who owns it, the token itself (with its scopes), and the workspace the call runs against. GET /v1/me is the endpoint that hands those three back to you so you can see what your key resolves to before using it for anything else. That’s why this is a good first call: it’s read-only, it touches every part of the auth path, and the response is a self-portrait of your access.

Steps

What you can do now

You have a working API key, a confirmed identity, and you’ve seen the shape every gavAI response is built around (user, token, workspace). From here: