Ghost ID Docs
Product documentation
Back to Dashboard

Profile & Account API

Retrieve the authenticated user's profile, update account details, change credentials, and manage account lifecycle.

👤 Get Current Profile

GET/api/profile

Returns the authenticated user's full profile including organization membership, plan details, and site usage.

🔑 Authentication required: Yes, via session cookie.

Example Request

Bash
curl --request GET \
  --url https://analytics.ghostid.ai/api/profile \
  --cookie "session=YOUR_SESSION_COOKIE"

Response Example

JSON
{
  "profile": {
    "id": "abc123",
    "name": "Jane Smith",
    "email": "jane@example.com",
    "tier": "premium",
    "maxSites": 10,
    "siteCount": 3,
    "createdAt": "2026-01-15T08:30:00.000Z",
    "org": {
      "id": "org_acme",
      "name": "Acme Corp",
      "slug": "acme-corp",
      "role": "owner",
      "memberSince": "2026-01-15T08:31:00.000Z"
    }
  }
}

✏ī¸ Update Name

POST/api/auth/update-user

Update the authenticated user's display name.

🔑 Authentication required: Yes, via session cookie.

Request Body

JSON
{
  "name": "Jane Smith"
}

Response Example

JSON
{
  "user": {
    "id": "abc123",
    "name": "Jane Smith",
    "email": "jane@example.com"
  }
}

📧 Change Email

POST/api/auth/change-email

Change the email address associated with the authenticated user's account.

🔑 Authentication required: Yes, via session cookie.

Request Body

JSON
{
  "newEmail": "newemail@example.com"
}
ℹī¸

The new email takes effect immediately. Make sure you have access to the new address.

🔒 Change Password

POST/api/auth/change-password

Change the authenticated user's password. Requires the current password for verification.

🔑 Authentication required: Yes, via session cookie.

Parameters

NameTypeRequiredDescription
currentPasswordstringYesThe user's current password
newPasswordstringYesNew password (minimum 8 characters)

Request Body

JSON
{
  "currentPassword": "your-current-password",
  "newPassword": "your-new-password"
}

⚠ī¸ Delete Account

POST/api/auth/delete-user

Permanently delete the authenticated user's account. This removes all associated data including sites, tracking history, and organization membership.

🔑 Authentication required: Yes, via session cookie.

⚠ī¸

This action is irreversible. All data associated with the account will be permanently deleted.

📋 Response Codes

  • 200 — Success
  • 401 — Not authenticated or invalid session
  • 404 — User not found
  • 400 — Invalid request (missing fields, password too short)
Previous
Overview
Next
Sites