# Account

## Identify the user the current token acts as

> Returns minimal identity information about the bearer token's owner.\
> Useful as a "who am I?" probe before issuing user-scoped mutations.\
> \
> AI guidance:\
> \- The response is deliberately sparse — it's meant as an identity check,\
> &#x20; not a profile read. For full user profile, use \`GET /api/profile\`.\
> \- 200 with just \`{\_userId}\` is the happy path on a valid token. Invalid\
> &#x20; tokens return 401 before reaching this handler.

```json
{"openapi":"3.1.0","info":{"title":"Account","version":"1.0.0"},"servers":[{"url":"https://api.integrator.io","description":"Production (US / default region)"},{"url":"https://api.eu.integrator.io","description":"Production (EU region)"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"type":"http","scheme":"bearer"}},"responses":{"401-unauthorized":{"description":"Unauthorized. The request lacks a valid bearer token, or the provided token\nfailed to authenticate.\n\nNote: the 401 response is produced by the auth middleware **before** the\nrequest reaches the endpoint handler, so it does **not** follow the\nstandard `{errors: [...]}` envelope. Instead the body is a bare\n`{message: string}` object with no `code`, no `errors` array. Callers\nhandling 401s should key off the HTTP status and the `message` string,\nnot try to destructure an `errors[]`.","content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string","description":"Human-readable description of the auth failure. Known values:\n- `\"Unauthorized\"` — no `Authorization` header on the request.\n- `\"Bearer Authentication Failed\"` — header present but token\n  is invalid, revoked, or expired."}},"required":["message"]}}}}}},"paths":{"/v1/tokenInfo":{"get":{"operationId":"getTokenInfo","tags":["Account"],"summary":"Identify the user the current token acts as","description":"Returns minimal identity information about the bearer token's owner.\nUseful as a \"who am I?\" probe before issuing user-scoped mutations.\n\nAI guidance:\n- The response is deliberately sparse — it's meant as an identity check,\n  not a profile read. For full user profile, use `GET /api/profile`.\n- 200 with just `{_userId}` is the happy path on a valid token. Invalid\n  tokens return 401 before reaching this handler.","responses":{"200":{"description":"Token identity.","content":{"application/json":{"schema":{"type":"object","properties":{"_userId":{"type":"string","format":"objectId","description":"The user id this token authenticates as."}},"required":["_userId"]}}}},"401":{"$ref":"#/components/responses/401-unauthorized"}}}}}}
```

## List applications in use in the account

> Returns the set of external systems (applications) that have at least one\
> connection in the account, with a roll-up of those connection references.\
> \
> Each entry's \`\_id\` is an \*\*application slug\*\* — well-known strings like\
> \`netsuite\`, \`shopify\`, \`amazonmws\`, \`3plcentral\`, or trading-partner\
> codes like \`3mftp\_tp\`. These slugs also appear in \`applications\[]\` on\
> marketplace entries (\`GET /v1/published\`, \`POST /v1/published/combined\`).\
> \
> AI guidance:\
> \- Use this to answer "which systems does this account integrate with?"\
> &#x20; without enumerating every connection.\
> \- \`refs.connections\[]\` is a summary — only \`\_id\` and\
> &#x20; \`createdAt\`. For full connection detail, fetch by id via\
> &#x20; \`GET /v1/connections/{\_id}\`.\
> \- The list excludes applications with zero connections — it's\
> &#x20; usage-driven, not a catalog of supported applications.

```json
{"openapi":"3.1.0","info":{"title":"Account","version":"1.0.0"},"servers":[{"url":"https://api.integrator.io","description":"Production (US / default region)"},{"url":"https://api.eu.integrator.io","description":"Production (EU region)"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"type":"http","scheme":"bearer"}},"parameters":{"Include":{"name":"include","in":"query","required":false,"description":"Comma-separated list of fields to project into each returned record.\nTriggers **summary projection** on supported list endpoints: the server\nreturns a minimal identity set for each record (`_id`, `name`, plus a\nresource-specific always-on set like `adaptorType` on exports/imports,\nor richer defaults on `ashares`, `audit`, `httpconnectors`, `transfers`,\netc.) and adds any listed fields that exist on the record. Listed fields\nthe record doesn't carry are silently dropped.\n\nDot notation is supported for projecting nested sub-fields — e.g.\n`include=ftp.directoryPath` on `/v1/exports` returns just that nested\nfield inside `ftp` for FTP-type exports (and omits `ftp` entirely for\nnon-FTP exports).\n\nRules:\n- Value regex is `{a-z A-Z . _}` (letters, dots, underscores) plus the\n  comma separator; digits are also accepted in practice. Any other\n  character returns **400 `invalid_query_params`**.\n- Empty value (`include=`) or bare `include` is ignored — the full\n  default record is returned.\n- `include` and `exclude` are **mutually exclusive**. Passing both\n  returns **400 `invalid_query_params`**: *\"Please provide either\n  include or exclude param in the request query and not both.\"*\n- Array-bracket syntax (`include[]=...`) is not supported and can return\n  a 500.\n- Only list endpoints honor projection — on GET-by-id the parameter is\n  silently ignored.\n- A small set of list endpoints explicitly reject both `include` and\n  `exclude` with **400 `invalid_query_params`** and a message of the form\n  *\"Include or exclude query params are not applicable for `<resource>`\n  resource.\"* Known rejections: `/v1/ediprofiles`, `/v1/environments`,\n  `/v1/iClients`, `/v1/lookupcaches`, `/v1/tags`.","schema":{"type":"string"}},"Exclude":{"name":"exclude","in":"query","required":false,"description":"Comma-separated list of fields to remove from the default response on\nsupported list endpoints. Unlike `include`, `exclude` does NOT trigger\nsummary projection — callers get the standard full-record shape with the\nnamed fields stripped out.\n\nRules:\n- Value regex is `{a-z A-Z . _}` (letters, dots, underscores) plus the\n  comma separator; digits are also accepted in practice. Any other\n  character returns **400 `invalid_query_params`**.\n- Empty value (`exclude=`) is ignored.\n- Certain protected identity fields **cannot be stripped** — e.g.\n  `exclude=name` on `/v1/exports` is silently ignored and `name` remains\n  in the response. Protected sets vary per resource.\n- `include` and `exclude` are **mutually exclusive**. Passing both\n  returns **400 `invalid_query_params`**: *\"Please provide either\n  include or exclude param in the request query and not both.\"*\n- Only list endpoints honor stripping — on GET-by-id the parameter is\n  silently ignored.\n- A small set of list endpoints explicitly reject both `include` and\n  `exclude` with **400 `invalid_query_params`** and a message of the form\n  *\"Include or exclude query params are not applicable for `<resource>`\n  resource.\"* Known rejections: `/v1/ediprofiles`, `/v1/environments`,\n  `/v1/iClients`, `/v1/lookupcaches`, `/v1/tags`.","schema":{"type":"string"}}},"schemas":{"ApplicationsResponse":{"type":"object","description":"Envelope wrapping the list of applications in use. Scoped to the account\n— every application entry rolls up to at least one connection.","properties":{"applications":{"type":"array","description":"Applications in use, sorted alphabetically by `_id`.","items":{"$ref":"#/components/schemas/ApplicationUsage"}}},"required":["applications"]},"ApplicationUsage":{"type":"object","description":"One application slug and the connections that reference it in this\naccount.","properties":{"_id":{"type":"string","description":"Application slug. Well-known application names (`netsuite`,\n`shopify`, `amazonmws`) or trading-partner codes (`3mftp_tp`) or\nHTTP-connector ids."},"refs":{"type":"object","description":"Roll-up of resources tied to this application.","properties":{"connections":{"type":"array","description":"Connection summaries for this application.","items":{"type":"object","properties":{"_id":{"type":"string","format":"objectId","description":"Connection id."},"createdAt":{"type":"string","format":"date-time","description":"When the connection was created."}},"required":["_id"]}}}}},"required":["_id"]}},"responses":{"401-unauthorized":{"description":"Unauthorized. The request lacks a valid bearer token, or the provided token\nfailed to authenticate.\n\nNote: the 401 response is produced by the auth middleware **before** the\nrequest reaches the endpoint handler, so it does **not** follow the\nstandard `{errors: [...]}` envelope. Instead the body is a bare\n`{message: string}` object with no `code`, no `errors` array. Callers\nhandling 401s should key off the HTTP status and the `message` string,\nnot try to destructure an `errors[]`.","content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string","description":"Human-readable description of the auth failure. Known values:\n- `\"Unauthorized\"` — no `Authorization` header on the request.\n- `\"Bearer Authentication Failed\"` — header present but token\n  is invalid, revoked, or expired."}},"required":["message"]}}}}}},"paths":{"/v1/applications":{"get":{"operationId":"listAccountApplications","tags":["Account"],"summary":"List applications in use in the account","description":"Returns the set of external systems (applications) that have at least one\nconnection in the account, with a roll-up of those connection references.\n\nEach entry's `_id` is an **application slug** — well-known strings like\n`netsuite`, `shopify`, `amazonmws`, `3plcentral`, or trading-partner\ncodes like `3mftp_tp`. These slugs also appear in `applications[]` on\nmarketplace entries (`GET /v1/published`, `POST /v1/published/combined`).\n\nAI guidance:\n- Use this to answer \"which systems does this account integrate with?\"\n  without enumerating every connection.\n- `refs.connections[]` is a summary — only `_id` and\n  `createdAt`. For full connection detail, fetch by id via\n  `GET /v1/connections/{_id}`.\n- The list excludes applications with zero connections — it's\n  usage-driven, not a catalog of supported applications.","parameters":[{"$ref":"#/components/parameters/Include"},{"$ref":"#/components/parameters/Exclude"}],"responses":{"200":{"description":"Applications in use, each with its connection references.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ApplicationsResponse"}}}},"401":{"$ref":"#/components/responses/401-unauthorized"}}}}}}
```

## List accounts shared \*with\* the current user

> Returns the set of other accounts that have shared themselves with the\
> currently-authenticated user — the account-switcher list. Each entry\
> carries the \`ownerUser\` whose account is being shared, along with the\
> share id and grant metadata.\
> \
> AI guidance:\
> \- This is the \*\*inverse\*\* of \`GET /v1/ashares\` — \`/v1/ashares\` lists\
> &#x20; users who have access to \*your\* account; \`/v1/shared/ashares\` lists\
> &#x20; accounts \*you\* have access to.\
> \- Returns \*\*204\*\* when no accounts are shared with the caller (the common\
> &#x20; case for non-administrator users). Not the same as 200 with \`\[]\`.\
> \- Shape confirmed from CLI source — live-probed account returned 204.

```json
{"openapi":"3.1.0","info":{"title":"Account","version":"1.0.0"},"servers":[{"url":"https://api.integrator.io","description":"Production (US / default region)"},{"url":"https://api.eu.integrator.io","description":"Production (EU region)"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"type":"http","scheme":"bearer"}},"schemas":{"SharedAccount":{"type":"object","description":"One account that has shared itself with the current user. Shape is\nsymmetric to the entries returned by `GET /v1/ashares`, with the\ndirection inverted: here the current user is the *recipient* of the\nshare, and `ownerUser` identifies who shared their account.","properties":{"_id":{"type":"string","format":"objectId","description":"Share record id."},"accepted":{"type":"boolean","description":"`true` once the current user has accepted the invitation to\naccess this shared account. Unaccepted shares still appear in the\nlist."},"accessLevel":{"type":"string","description":"Account-wide access level granted to the current user —\n`administrator`, `manage`, `monitor`, or `tile` (integration-only)."},"integrationAccessLevel":{"type":"array","description":"Per-integration access overrides. Empty array when the access is\naccount-wide (governed by `accessLevel`).","items":{"type":"object","additionalProperties":true}},"ownerUser":{"type":"object","description":"Identity of the user whose account is shared with the caller.","properties":{"_id":{"type":"string","format":"objectId","description":"Owner user id."},"name":{"type":"string","description":"Owner display name."},"email":{"type":"string","format":"email","description":"Owner email address."}}},"lastModified":{"type":"string","format":"date-time","readOnly":true,"description":"When this share record was last modified."},"createdAt":{"type":"string","format":"date-time","readOnly":true,"description":"When this share record was created."}},"required":["_id","ownerUser"]}},"responses":{"401-unauthorized":{"description":"Unauthorized. The request lacks a valid bearer token, or the provided token\nfailed to authenticate.\n\nNote: the 401 response is produced by the auth middleware **before** the\nrequest reaches the endpoint handler, so it does **not** follow the\nstandard `{errors: [...]}` envelope. Instead the body is a bare\n`{message: string}` object with no `code`, no `errors` array. Callers\nhandling 401s should key off the HTTP status and the `message` string,\nnot try to destructure an `errors[]`.","content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string","description":"Human-readable description of the auth failure. Known values:\n- `\"Unauthorized\"` — no `Authorization` header on the request.\n- `\"Bearer Authentication Failed\"` — header present but token\n  is invalid, revoked, or expired."}},"required":["message"]}}}}}},"paths":{"/v1/shared/ashares":{"get":{"operationId":"listSharedAccounts","tags":["Account"],"summary":"List accounts shared *with* the current user","description":"Returns the set of other accounts that have shared themselves with the\ncurrently-authenticated user — the account-switcher list. Each entry\ncarries the `ownerUser` whose account is being shared, along with the\nshare id and grant metadata.\n\nAI guidance:\n- This is the **inverse** of `GET /v1/ashares` — `/v1/ashares` lists\n  users who have access to *your* account; `/v1/shared/ashares` lists\n  accounts *you* have access to.\n- Returns **204** when no accounts are shared with the caller (the common\n  case for non-administrator users). Not the same as 200 with `[]`.\n- Shape confirmed from CLI source — live-probed account returned 204.","responses":{"200":{"description":"Array of shared-account entries.","content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/SharedAccount"}}}}},"204":{"description":"No accounts are shared with the current user."},"401":{"$ref":"#/components/responses/401-unauthorized"}}}}}}
```

## List stack shares for the current user

> Returns the set of stacks shared with the currently-authenticated user.\
> \
> Returns \*\*204\*\* when no stacks are shared with the caller — not 200\
> with an empty array.\
> \
> AI guidance:\
> \- This is the stack-sharing counterpart to \`GET /v1/shared/ashares\`\
> &#x20; (account shares).\
> \- 204 is the common case for users who are not participating in any\
> &#x20; stack-sharing arrangements.

```json
{"openapi":"3.1.0","info":{"title":"Account","version":"1.0.0"},"servers":[{"url":"https://api.integrator.io","description":"Production (US / default region)"},{"url":"https://api.eu.integrator.io","description":"Production (EU region)"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"type":"http","scheme":"bearer"}},"schemas":{"StackShare":{"type":"object","description":"A stack that has been shared with the current user. Contains the\nshare metadata, the identity of the user who shared the stack, and\na summary of the stack itself.","properties":{"_id":{"type":"string","format":"objectId","description":"Stack-share record id."},"accepted":{"type":"boolean","description":"`true` once the current user has accepted the stack share\ninvitation."},"ownerUser":{"type":"object","description":"Identity of the user who shared the stack.","properties":{"_id":{"type":"string","format":"objectId","description":"Owner user id."},"name":{"type":"string","description":"Owner display name."},"email":{"type":"string","format":"email","description":"Owner email address."}}},"stack":{"type":"object","description":"Summary of the shared stack.","properties":{"_id":{"type":"string","format":"objectId","description":"Stack id."},"name":{"type":"string","description":"Display name of the stack."},"type":{"type":"string","enum":["server"],"description":"Stack type."}}}},"required":["_id","ownerUser","stack"]}},"responses":{"401-unauthorized":{"description":"Unauthorized. The request lacks a valid bearer token, or the provided token\nfailed to authenticate.\n\nNote: the 401 response is produced by the auth middleware **before** the\nrequest reaches the endpoint handler, so it does **not** follow the\nstandard `{errors: [...]}` envelope. Instead the body is a bare\n`{message: string}` object with no `code`, no `errors` array. Callers\nhandling 401s should key off the HTTP status and the `message` string,\nnot try to destructure an `errors[]`.","content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string","description":"Human-readable description of the auth failure. Known values:\n- `\"Unauthorized\"` — no `Authorization` header on the request.\n- `\"Bearer Authentication Failed\"` — header present but token\n  is invalid, revoked, or expired."}},"required":["message"]}}}}}},"paths":{"/v1/shared/sshares":{"get":{"operationId":"listSharedStacks","tags":["Account"],"summary":"List stack shares for the current user","description":"Returns the set of stacks shared with the currently-authenticated user.\n\nReturns **204** when no stacks are shared with the caller — not 200\nwith an empty array.\n\nAI guidance:\n- This is the stack-sharing counterpart to `GET /v1/shared/ashares`\n  (account shares).\n- 204 is the common case for users who are not participating in any\n  stack-sharing arrangements.","responses":{"200":{"description":"Array of stack share entries.","content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/StackShare"}}}}},"204":{"description":"No stacks are shared with the current user."},"401":{"$ref":"#/components/responses/401-unauthorized"}}}}}}
```

## List shared stacks

> Returns the stacks available to the current account.\
> \
> Unlike \`GET /v1/shared/sshares\` and \`GET /v1/shared/ashares\`, this\
> endpoint returns \*\*200 with \`\[]\`\*\* when the list is empty — it does\
> not use 204 for the empty case.\
> \
> AI guidance:\
> \- Always returns 200, even when empty.\
> \- Use this to enumerate stack resources visible to the current user.

```json
{"openapi":"3.1.0","info":{"title":"Account","version":"1.0.0"},"servers":[{"url":"https://api.integrator.io","description":"Production (US / default region)"},{"url":"https://api.eu.integrator.io","description":"Production (EU region)"}],"security":[{"bearerAuth":[]}],"components":{"securitySchemes":{"bearerAuth":{"type":"http","scheme":"bearer"}},"schemas":{"Stack":{"type":"object","description":"A stack resource available to the current account.","properties":{"_id":{"type":"string","format":"objectId","description":"Stack id."},"name":{"type":"string","description":"Display name of the stack."},"type":{"type":"string","enum":["server"],"description":"Stack type."},"server":{"type":"object","description":"Server-type configuration (empty when no agents are attached).","additionalProperties":true}},"required":["_id","name","type"]}},"responses":{"401-unauthorized":{"description":"Unauthorized. The request lacks a valid bearer token, or the provided token\nfailed to authenticate.\n\nNote: the 401 response is produced by the auth middleware **before** the\nrequest reaches the endpoint handler, so it does **not** follow the\nstandard `{errors: [...]}` envelope. Instead the body is a bare\n`{message: string}` object with no `code`, no `errors` array. Callers\nhandling 401s should key off the HTTP status and the `message` string,\nnot try to destructure an `errors[]`.","content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string","description":"Human-readable description of the auth failure. Known values:\n- `\"Unauthorized\"` — no `Authorization` header on the request.\n- `\"Bearer Authentication Failed\"` — header present but token\n  is invalid, revoked, or expired."}},"required":["message"]}}}}}},"paths":{"/v1/shared/stacks":{"get":{"operationId":"listSharedStackResources","tags":["Account"],"summary":"List shared stacks","description":"Returns the stacks available to the current account.\n\nUnlike `GET /v1/shared/sshares` and `GET /v1/shared/ashares`, this\nendpoint returns **200 with `[]`** when the list is empty — it does\nnot use 204 for the empty case.\n\nAI guidance:\n- Always returns 200, even when empty.\n- Use this to enumerate stack resources visible to the current user.","responses":{"200":{"description":"Array of stacks (may be empty).","content":{"application/json":{"schema":{"type":"array","items":{"$ref":"#/components/schemas/Stack"}}}}},"401":{"$ref":"#/components/responses/401-unauthorized"}}}}}}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://developer.celigo.com/api/api-reference/account.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.