## Validate current API key

`$ lightfield auth validate`

**get** `/v1/auth/validate`

Returns metadata for the current API key, including the subject type and granted public scopes. Use this endpoint to confirm a key is active before making scoped API requests.

**[Required scope](/using-the-api/scopes/):** None

**[Rate limit category](/using-the-api/rate-limits/):** Read

### Returns

- `auth_validate_response: object { active, scopes, subjectType, tokenType }`

  - `active: boolean`

    Whether the current API key is valid. Always `true` on successful responses.

  - `scopes: array of string`

    Granted public scopes for the current API key. Empty when the key has full access.

  - `subjectType: "user" or "workspace"`

    Whether the API key belongs to a `user` or `workspace`.

    - `"user"`

    - `"workspace"`

  - `tokenType: "api_key"`

    Credential family, always `api_key`.

    - `"api_key"`

### Example

```cli
lightfield auth validate \
  --api-key 'My API Key'
```

#### Response

```json
{
  "active": true,
  "scopes": [
    "string"
  ],
  "subjectType": "user",
  "tokenType": "api_key"
}
```