diff --git a/web/api/auth0.ts b/web/api/auth0.ts
new file mode 100644
index 0000000..3c5871d
--- /dev/null
+++ b/web/api/auth0.ts
@@ -0,0 +1,11 @@
+import { ManagementClient } from 'auth0';
+
+const { host } = new URL(process.env.AUTH0_ISSUER_BASE_URL!);
+
+export const auth0 = new ManagementClient<
+ { [key: string]: any },
+ { premium: true }
+>({
+ domain: host,
+ token: process.env.AUTH0_TOKEN!,
+});
diff --git a/web/pages/api/me.ts b/web/pages/api/me.ts
new file mode 100644
index 0000000..7735d31
--- /dev/null
+++ b/web/pages/api/me.ts
@@ -0,0 +1,27 @@
+import type { NextApiRequest, NextApiResponse } from 'next';
+import { cors } from 'api/middleware/cors';
+import { runMiddleware } from 'api/middleware';
+import { auth0 } from 'api/auth0';
+import { getSession } from '@auth0/nextjs-auth0';
+
+export default async function me(req: NextApiRequest, res: NextApiResponse) {
+ await runMiddleware(req, res, cors);
+
+ if (!['GET'].includes(req.method!)) {
+ res.setHeader('Allow', 'GET');
+ res.status(405).end('Method Not Allowed');
+ return;
+ }
+
+ const session = await getSession(req, res);
+
+ if (session) {
+ const user = await auth0.getUser({ id: session!.user.sub });
+
+ return res.status(200).json({
+ username: user.nickname,
+ email: user.email,
+ metadata: user.user_metadata,
+ });
+ }
+}
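Review bot: `token: process.env.AUTH0_TOKEN!` gives the client one static Management API token, and the `!` here and on `AUTH0_ISSUER_BASE_URL` only silences the compiler, so an unset variable surfaces as an opaque `Invalid URL` error at import or as failed calls at request time. Check both variables at module load and throw a message naming the missing one, e.g. `if (!process.env.AUTH0_TOKEN) throw new Error('AUTH0_TOKEN is not set');`. Management API tokens are powerful and expire, so confirm this one is issued with only the `read:users` permission and decide how it is rotated; the SDK's `clientId`/`clientSecret` options are the usual alternative to a pasted token. If the second type argument is the `user_metadata` shape, as it appears to be, note that an entitlement such as `premium` is normally kept in `app_metadata`, which end users cannot edit.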
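Review bot: When `getSession` returns nothing, `me` falls off the end without writing a response, so an unauthenticated request hangs until the platform times it out; add an explicit branch before the lookup, `if (!session) { res.status(401).json({ error: 'Not authenticated' }); return; }`. A rejected `auth0.getUser` call is also unhandled, and inside `if (session)` the `!` in `session!.user.sub` is redundant. The `cors` middleware is defined outside this diff; because the response carries the user's email and is authorised by the session cookie, confirm it does not pair a reflected or wildcard origin with credentials.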