How to access ctx.state.user in controller [strapi v4]

System Information
  • Strapi Version: 4.3.2
  • Node Version: 16.13.1
  • NPM Version: 8.6.0
  • Yarn Version: 1.22.15

I’ve edited create() action in controller to append author data to each new entity. but i don’t access to ctx.state.user in controller:

// path: src/api/event/controller/event.js
module.exports = createCoreController('api::event.event', ({ strapi }) => ({

  async create(ctx) { = ctx.state.user;   // undefined

    let event = await super.create(ctx);

    return event;


how i can access to ctx.state.user into controller file?

Documentation didn’t help me

beforehand thanks for any help

Have you tried console log or return ctx.state just to see what it contains ?


  route: {
    method: 'POST',
    path: '/events',
    handler: 'api::event.event.create',
    config: { auth: [Object] },
    info: { apiName: 'event', type: 'content-api' }
  isAuthenticated: true,
  auth: {
    strategy: {
      name: 'users-permissions',
      authenticate: [AsyncFunction: authenticate],
      verify: [AsyncFunction: verify]
    credentials: null,
    allowedActions: [

but not exist “user” object as a key

i sure there is an easy solve for this issue but i can’t find

I think it’s part of ctx.request etc I can’t remember it :slight_smile:

i found this solution a few days ago:
ctx.state.user returns undefined

i thought there is more standard way to fix in backend, but don’t seem!

so i use this method and thanks for made your time for my issue

1 Like

Did this solution work??? Because I have the same problem. I sent my request with the bearer token. But I have still “undefined”!

yes, this issue solved for me. make sure you have access to jwt token when you sending request using:


Oh yes that would make sense, as the middleware I’m guessing would decrypt the token and add the user state that you are looking for. No token no user state! :slightly_smiling_face:

1 Like

Sure. I sent a JWT token with Postman. I could see it inside the ctx. I used “Bearer token” as authorization.
With this code, I have no problem:
const user = await strapi.plugins[‘users-permissions’].services.jwt.getToken(ctx);

If ctx.state.user works, I can deduct that there is a problem with my request. But what?
Thank you for your help. I’d like to understand what’s wrong

Another thing, I created a policy file. Inside, I can access to the logged user.
So I can’t understand why I can access to this piece of information inside the policy and not in the controller.
Something’s rotten in the dutch kingdom…:slight_smile:

I’ve found my mistake. In the customed route config, “auth” field was set to false. This explains why I couldn’t get the ctx.state.user. Sorry for the inconvenience

No worries at all that’s how we all learn glad you solved it :birthday: