Get User Profile

Retrieve the current user’s profile information.

Endpoint

GET https://api.mentra.glass/api/account/me

Headers

Authorization: Bearer <coreToken>

Response

Success (200):
{
  "id": "user-uuid",
  "email": "user@example.com",
  "name": "John Doe",
  "profile": {
    "displayName": "JohnD",
    "phoneNumber": "+1234567890"
  },
  "createdAt": "2024-01-01T00:00:00Z"
}
Error (401/404/500):
{
  "error": "Unauthorized" // or "User not found", "Failed to fetch user data"
}

Implementation

  • File: packages/cloud/src/routes/account.routes.ts:153-194
  • Middleware: validateCoreToken
  • Source: Supabase auth.users table

Update User Profile

Update the current user’s profile information.

Endpoint

PUT https://api.mentra.glass/api/account/profile

Headers

Authorization: Bearer <coreToken>

Request Body

{
  "name": "John Doe",
  "displayName": "JohnD",
  "phoneNumber": "+1234567890",
  "additionalField": "value"
}

Response

Success (200):
{
  "id": "user-uuid",
  "email": "user@example.com",
  "name": "John Doe",
  "profile": {
    "displayName": "JohnD",
    "phoneNumber": "+1234567890",
    "additionalField": "value"
  }
}
Error (401/404/500):
{
  "error": "Unauthorized" // or "User not found", "Failed to update user profile"
}

Implementation

  • File: packages/cloud/src/routes/account.routes.ts:200-283
  • Service: Updates Supabase user metadata

Delete Account

Immediately delete the user account and all associated data.
This action is irreversible and will permanently delete all user data including photos, settings, and app installations.

Endpoint

POST https://api.mentra.glass/api/account/request-deletion

Headers

Authorization: Bearer <coreToken>

Request Body

{
  "reason": "User requested deletion" // optional
}

Response

Success (200):
{
  "success": true,
  "message": "Account deleted successfully"
}
Error (401/404/500):
{
  "error": "Unauthorized" // or "User not found", "Failed to delete user account"
}

Data Cleanup

The deletion process includes:
  1. Terminating all active sessions
  2. Deleting gallery photos and files
  3. Removing user document from MongoDB
  4. Cleaning up organization memberships
  5. Deleting user from Supabase auth

Implementation

  • File: packages/cloud/src/routes/account.routes.ts:292-345
  • Cleanup Function: performCompleteUserDataCleanup() at lines 49-121

Request Data Export

Request an export of all user data in JSON or CSV format.

Endpoint

POST https://api.mentra.glass/api/account/request-export

Headers

Authorization: Bearer <coreToken>

Request Body

{
  "format": "json" // or "csv", defaults to "json"
}

Response

Success (200):
{
  "id": "export_abc123...",
  "status": "pending",
  "message": "Export request submitted successfully. The export is being processed."
}
Error (401/404/500):
{
  "error": "Unauthorized" // or "User not found", "Internal server error"
}

Implementation

  • File: packages/cloud/src/routes/account.routes.ts:354-440
  • Storage: Temporary file storage with 24-hour retention
  • Cleanup: Automatic cleanup of old exports

Get Export Status

Check the status of a data export request.

Endpoint

GET https://api.mentra.glass/api/account/export-status?id=<exportId>

Headers

Authorization: Bearer <coreToken>

Query Parameters

Parameter | Type   | Description
id        | string | Export request ID (required)

Response

Success (200):
{
  "id": "export_abc123...",
  "status": "completed", // or "pending", "processing", "failed"
  "format": "json",
  "createdAt": "2024-01-01T00:00:00Z",
  "completedAt": "2024-01-01T00:05:00Z",
  "downloadUrl": "/api/account/download-export/export_abc123..." // only if completed
}
Error (400/401/403/404):
{
  "error": "Export ID is required" // or "Unauthorized", "Not authorized to access this export", "Export request not found"
}

Implementation

  • File: packages/cloud/src/routes/account.routes.ts:507-554

Download Export

Download a completed data export.

Endpoint

GET https://api.mentra.glass/api/account/download-export/:id

Headers

Authorization: Bearer <coreToken>

Parameters

Parameter | Type   | Description
id        | string | Export request ID (in URL)

Response

Success (200):
  • File download with appropriate content type:
    • application/json for JSON exports
    • text/csv for CSV exports
  • Content-Disposition header for file download
Error (400/401/403/404):
{
  "error": "Export is not ready for download" // or "Unauthorized", "Not authorized to access this export", "Export not found", "Export file not found"
}

Implementation

  • File: packages/cloud/src/routes/account.routes.ts:560-616
  • Note: Streams file directly to response
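
The request, poll and download sequence from the three export sections above, as an added TypeScript example rather than code from the project. The `Http` transport, the `sleep` callback, the `fakeApi` stub and the poll limits are assumptions for illustration; the routes and status values are the ones listed on this page.

```typescript
// Added example, not project code. `Http` is a hypothetical injected transport.
type Json = Record<string, unknown>;
type HttpResult = { status: number; body: Json | string };
type Http = (method: string, url: string, coreToken: string, body?: Json) => Promise<HttpResult>;

const BASE = "https://api.mentra.glass/api/account";

function failure(step: string, r: HttpResult): Error {
  const detail = typeof r.body === "object" ? String(r.body.error ?? "unexpected body") : "unexpected body";
  return new Error(`${step}: HTTP ${r.status} ${detail}`);
}

async function exportUserData(
  http: Http, sleep: (ms: number) => Promise<void>, coreToken: string,
  format: "json" | "csv" = "json", maxPolls = 30, intervalMs = 2000,
): Promise<string> {
  // 1. Submit the request; the response carries the export id.
  const req = await http("POST", `${BASE}/request-export`, coreToken, { format });
  if (req.status !== 200 || typeof req.body !== "object") throw failure("request-export", req);
  const id = encodeURIComponent(String(req.body.id));
  // 2. Poll until a terminal status; the loop is bounded so a stuck export cannot hang the caller.
  for (let i = 0; i < maxPolls; i++) {
    const st = await http("GET", `${BASE}/export-status?id=${id}`, coreToken);
    if (st.status !== 200 || typeof st.body !== "object") throw failure("export-status", st);
    if (st.body.status === "failed") throw new Error(`export ${id} failed on the server`);
    if (st.body.status === "completed") {
      // 3. Build the URL from the documented route and our own id rather than
      //    following downloadUrl, so the core token is only ever sent to BASE.
      const dl = await http("GET", `${BASE}/download-export/${id}`, coreToken);
      if (dl.status !== 200 || typeof dl.body !== "string") throw failure("download-export", dl);
      return dl.body;
    }
    await sleep(intervalMs); // status is "pending" or "processing"
  }
  throw new Error(`export ${id} not completed after ${maxPolls} polls`);
}

// Constructed in-memory stand-in for the API: pending, processing, then completed.
function fakeApi(calls: string[]): Http {
  const states = ["pending", "processing", "completed"];
  return async (method, url, coreToken) => {
    calls.push(`${method} ${url}`);
    if (coreToken !== "test-token") return { status: 401, body: { error: "Unauthorized" } };
    if (url.indexOf("/request-export") >= 0) return { status: 200, body: { id: "export_test1" } };
    if (url.indexOf("/export-status") >= 0) return { status: 200, body: { id: "export_test1", status: states.shift() ?? "completed" } };
    return { status: 200, body: '{"constructed":"export"}' };
  };
}
```

Because export files are removed after 24 hours, a caller that stores the export id should treat a later 404 from the download route as expiry and submit a new request.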

Get Privacy Settings

Retrieve the current user’s privacy settings.

Endpoint

GET https://api.mentra.glass/api/account/privacy

Headers

Authorization: Bearer <coreToken>

Response

Success (200):
{
  "shareUsageData": true,
  "receiveNotifications": true,
  "allowDataCollection": true
}
Error (401/404/500):
{
  "error": "Unauthorized" // or "User not found", "Failed to fetch user data"
}

Implementation

  • File: packages/cloud/src/routes/account.routes.ts:622-679
  • Note: Returns default settings if not set

Update Privacy Settings

Update the current user’s privacy settings.

Endpoint

PUT https://api.mentra.glass/api/account/privacy

Headers

Authorization: Bearer <coreToken>

Request Body

{
  "shareUsageData": false,
  "receiveNotifications": true,
  "allowDataCollection": false
}

Response

Success (200):
{
  "shareUsageData": false,
  "receiveNotifications": true,
  "allowDataCollection": false
}
Error (401/404/500):
{
  "error": "Unauthorized" // or "User not found", "Failed to update privacy settings"
}

Implementation

  • File: packages/cloud/src/routes/account.routes.ts:685-754
  • Service: Updates Supabase user metadata

Get OAuth App Details

Get app details for OAuth authentication flow.

Endpoint

GET https://api.mentra.glass/api/account/oauth/app/:packageName

Headers

Authorization: Bearer <coreToken>

Parameters

Parameter   | Type   | Description
packageName | string | App package name (in URL)

Response

Success (200):
{
  "success": true,
  "app": {
    "name": "Example App",
    "packageName": "com.example.app",
    "webviewURL": "https://app.example.com/oauth",
    "description": "An example app",
    "icon": "https://cdn.example.com/icon.png"
  }
}
Error (400/401/404):
{
  "error": "Package name is required" // or "Unauthorized", "App not found", "App does not support web authentication"
}

Implementation

  • File: packages/cloud/src/routes/account.routes.ts:762-818
  • Validation: Checks if app has webviewURL configured

Generate OAuth Token

Generate a signed JWT token for app OAuth authentication.

Endpoint

POST https://api.mentra.glass/api/account/oauth/token

Headers

Authorization: Bearer <coreToken>

Request Body

{
  "packageName": "com.example.app"
}

Response

Success (200):
{
  "success": true,
  "token": "eyJhbGciOiJSUzI1NiIs...",
  "expiresIn": "10m"
}
Error (400/401/500):
{
  "error": "Package name is required" // or "Unauthorized", "Failed to generate authentication token"
}

Implementation

  • File: packages/cloud/src/routes/account.routes.ts:826-872
  • Service: Uses tokenService.issueUserToken()
  • Expiry: 10 minutes

Error Codes

Code | Description
400  | Bad request - missing required parameters
401  | Unauthorized - invalid token
403  | Forbidden - not authorized to access resource
404  | Resource not found
500  | Internal server error

Notes

  • Account deletion is immediate without email verification since the mobile app has a 3-step confirmation process
  • Export files are automatically deleted after 24 hours
  • All endpoints require valid core token authentication
  • Privacy settings are stored in Supabase user metadata
  • OAuth tokens are signed JWTs with 10-minute expiration