Returns the calling user's notification preferences, grouped by channel. Today only the email channel exists, with four toggles: product_updates, delivery_alerts, billing_receipts, and weekly_usage_digest.

Every leaf renders as an explicit boolean. If you have never set a preference for a given key, the response carries the documented default (product / delivery / billing default to true, weekly digest defaults to false), the dashboard does not need to special-case "never set".

Critical security alerts are mandatory and not user-toggleable; they are not represented in this response at all. The FE copy already calls this out, "Critical security alerts cannot be disabled".

Requires a user session (Clerk JWT). API-key principals receive 403 USER_REQUIRED; api keys are not user-scoped, so there is no "owning user" to load preferences from.

Authorization

clerkJWT

AuthorizationBearer <token>

First-party clients (the dashboard) authenticate with the session token issued at sign-in. Requests are scoped to the active organization and the signed-in user's role.

In: header

Response Body

`application/json`

curl -X GET "https://example.com/v1/me/notifications"

{
  "success": true,
  "data": {
    "email": {
      "product_updates": true,
      "delivery_alerts": true,
      "billing_receipts": true,
      "weekly_usage_digest": false
    }
  }
}

{
  "success": false,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "authentication failed",
    "request_id": "01JTBQH2FZ8K1RXC0WJ4Z9P3VM"
  }
}

{
  "success": false,
  "error": {
    "code": "USER_REQUIRED",
    "message": "endpoint requires a user session",
    "request_id": "01JTBQH2FZ8K1RXC0WJ4Z9P3VM"
  }
}

Get the current user's notification preferences

Authorization

Response Body

200application/json

401application/json

403application/json

User has not set any preference (defaults)

User has opted into the weekly usage digest

`application/json`

`application/json`

`application/json`