> ## Documentation Index > Fetch the complete documentation index at: https://spreecommerce.org/docs/llms.txt > Use this file to discover all available pages before exploring further. # Get current admin user and permissions > Returns the current admin user profile and a serialized list of permissions (CanCanCan rules). The SPA uses these to drive UI permission checks. ## OpenAPI ````yaml /api-reference/admin.yaml get /api/v3/admin/me openapi: 3.0.3 info: title: Admin API contact: name: Spree Commerce url: https://spreecommerce.org email: hello@spreecommerce.org description: > Spree Admin API v3 - Administrative API for managing products, orders, and store settings. ## Authentication The Admin API requires a secret API key passed in the `x-spree-api-key` header. Secret API keys can be generated in the Spree admin dashboard. ## Response Format All responses are JSON. List endpoints return paginated responses with `data` and `meta` keys. Single resource endpoints return a flat JSON object. ## Resource IDs Every resource is identified by an opaque string ID (e.g. `prod_86Rf07xd4z`, `variant_k5nR8xLq`, `or_UkLWZg9DAJ`). Use these IDs everywhere — URL paths, request bodies, and Ransack filters all accept them directly. ## Error Handling Errors return a consistent format: ```json { "error": { "code": "validation_error", "message": "Validation failed", "details": { "name": ["can't be blank"] } } } ``` version: v3 servers: - url: http://{defaultHost} variables: defaultHost: default: localhost:3000 security: [] tags: - name: Authentication description: Admin user authentication - name: Product Catalog description: Products, variants, and option types - name: Orders description: >- Order management — orders, items, payments, fulfillments, refunds, gift cards, store credits - name: Customers description: Customer management — profiles, addresses, store credits, credit cards - name: Configuration description: Store configuration — payment methods, tag autocomplete paths: /api/v3/admin/me: get: tags: - Authentication summary: Get current admin user and permissions description: >- Returns the current admin user profile and a serialized list of permissions (CanCanCan rules). The SPA uses these to drive UI permission checks. parameters: - name: x-spree-api-key in: header required: true schema: type: string - name: Authorization in: header required: true description: Bearer token for admin authentication schema: type: string responses: '200': description: current admin user and permissions content: application/json: example: user: id: admin_UkLWZg9DAJ email: eloy@goldner.us first_name: Vance last_name: Yundt created_at: '2026-05-09T10:04:33.428Z' updated_at: '2026-05-09T10:04:33.428Z' roles: - id: role_UkLWZg9DAJ name: admin permissions: - allow: true actions: - manage subjects: - all has_conditions: false - allow: false actions: - cancel subjects: - Spree::Order has_conditions: false - allow: true actions: - cancel subjects: - Spree::Order has_conditions: true - allow: false actions: - destroy subjects: - Spree::Order has_conditions: false - allow: true actions: - destroy subjects: - Spree::Order has_conditions: true - allow: false actions: - edit - update subjects: - Spree::RefundReason has_conditions: true - allow: false actions: - edit - update subjects: - Spree::ReimbursementType has_conditions: true - allow: false actions: - update - destroy subjects: - Spree::Role has_conditions: true schema: $ref: '#/components/schemas/MeResponse' '401': description: unauthorized content: application/json: example: error: code: authentication_required message: Authentication required schema: $ref: '#/components/schemas/ErrorResponse' security: - api_key: [] bearer_auth: [] x-codeSamples: - lang: javascript label: Spree Admin SDK source: >- import { createAdminClient } from '@spree/admin-sdk' const client = createAdminClient({ baseUrl: 'https://your-store.com', secretKey: 'sk_xxx', }) const me = await client.me.get() if (me.permissions.some((r) => r.allow && r.actions.includes('manage') && r.subjects.includes('Spree::Product'))) { // show "Create product" button } components: schemas: MeResponse: type: object description: Current admin user profile and serialized permissions properties: user: $ref: '#/components/schemas/AdminUser' permissions: type: array items: $ref: '#/components/schemas/PermissionRule' required: - user - permissions ErrorResponse: type: object properties: error: type: object properties: code: type: string example: record_not_found message: type: string example: Record not found details: type: object description: Field-specific validation errors nullable: true example: name: - is too short - is required email: - is invalid required: - code - message required: - error example: error: code: validation_error message: Validation failed details: name: - is too short email: - is invalid AdminUser: type: object properties: id: type: string email: type: string first_name: type: string nullable: true last_name: type: string nullable: true created_at: type: string updated_at: type: string roles: type: array items: $ref: '#/components/schemas/AdminUserRoleAssignment' required: - id - email - first_name - last_name - created_at - updated_at - roles x-typelizer: true PermissionRule: type: object description: >- A single permission rule (CanCanCan rule). Rules are applied in order, last-matching-wins. properties: allow: type: boolean description: true for `can`, false for `cannot` actions: type: array items: type: string description: Action names, e.g. ["read", "update"] or ["manage"] subjects: type: array items: type: string description: Subject class names, e.g. ["Spree::Product"] or ["all"] has_conditions: type: boolean description: >- True if the server-side rule has per-record conditions. The SPA shows the action optimistically and handles 403 from the API. required: - allow - actions - subjects - has_conditions AdminUserRoleAssignment: type: object description: A role assignment for the current store on a staff member properties: id: type: string description: Prefixed role ID example: role_abc123 name: type: string description: Role name example: admin required: - id - name securitySchemes: api_key: type: apiKey name: x-spree-api-key in: header description: Secret API key for admin access bearer_auth: type: http scheme: bearer bearerFormat: JWT description: JWT token for admin user authentication ````