> ## Documentation Index
> Fetch the complete documentation index at: https://docs.endstate.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Introspect the bearer session token

> Returns the scope of the session token presented in the `Authorization: Bearer end_sess_*` header.



## OpenAPI

````yaml /openapi.json get /v1/session-tokens/current
openapi: 3.1.0
info:
  title: Endstate API
  version: v1
  description: Endstate developer API for chip verification and ownership workflows.
servers:
  - url: https://api2.endstate.io
    description: Production
security: []
paths:
  /v1/session-tokens/current:
    get:
      tags:
        - Session Tokens
      summary: Introspect the bearer session token
      description: >-
        Returns the scope of the session token presented in the `Authorization:
        Bearer end_sess_*` header.
      responses:
        '200':
          description: Session token scope.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SessionTokenCurrentResponse'
              example:
                chip_id: ABCDEF0123
                unit_id: 7f8a3c10-1111-4111-8111-111111111111
                organization_id: 99887766-aabb-4ccd-8eef-001122334455
                expires_at: '2026-05-12T12:44:56.000Z'
      security:
        - SessionTokenBearer: []
components:
  schemas:
    SessionTokenCurrentResponse:
      type: object
      properties:
        chip_id:
          type: string
          pattern: ^[0-9A-Fa-f]{10}$
          description: Chip identifier for the tapped chip.
          example: ABCDEF0123
        unit_id:
          type: string
          format: uuid
          description: >-
            Unit identifier — the resource this token authorizes action on
            (claim, transfer, etc.).
          example: 7f8a3c10-1111-4111-8111-111111111111
        organization_id:
          type: string
          format: uuid
          example: 99887766-aabb-4ccd-8eef-001122334455
        expires_at:
          type: string
          format: date-time
          description: ISO-8601 UTC timestamp. Informational — Redis TTL is authoritative.
          example: '2026-05-12T12:44:56.000Z'
      required:
        - chip_id
        - unit_id
        - organization_id
        - expires_at
      example:
        chip_id: ABCDEF0123
        unit_id: 7f8a3c10-1111-4111-8111-111111111111
        organization_id: 99887766-aabb-4ccd-8eef-001122334455
        expires_at: '2026-05-12T12:44:56.000Z'
  securitySchemes:
    SessionTokenBearer:
      type: http
      scheme: bearer
      bearerFormat: end_sess
      description: >-
        Use `Authorization: Bearer end_sess_*` for V2 browser session tokens
        (e.g. `end_sess_AbCd_example_token`).

````