diff --git a/packages/iam/src/index.ts b/packages/iam/src/index.ts
index 0dd6211..7c400e8 100644
--- a/packages/iam/src/index.ts
+++ b/packages/iam/src/index.ts
@@ -66,3 +66,4 @@ export {
   updateUserRole,
   type UpdateUserRoleOptions,
 } from './lib/users/update-role';
+export { whoami, type WhoamiOptions, type WhoamiResponse } from './lib/whoami';
diff --git a/packages/iam/src/lib/config.ts b/packages/iam/src/lib/config.ts
index d108f3a..cece037 100644
--- a/packages/iam/src/lib/config.ts
+++ b/packages/iam/src/lib/config.ts
@@ -19,6 +19,8 @@ function loadIAMConfig(): TigrisIAMConfig {
     config.mgmtEndpoint = process.env.TIGRIS_MGMT_ENDPOINT;
     config.sessionToken = process.env.TIGRIS_SESSION_TOKEN;
     config.organizationId = process.env.TIGRIS_ORGANIZATION_ID;
+    config.accessKeyId = process.env.TIGRIS_STORAGE_ACCESS_KEY_ID;
+    config.secretAccessKey = process.env.TIGRIS_STORAGE_SECRET_ACCESS_KEY;
   }
 
   return config;
diff --git a/packages/iam/src/lib/http-client.ts b/packages/iam/src/lib/http-client.ts
index ea6dfd7..f69a695 100644
--- a/packages/iam/src/lib/http-client.ts
+++ b/packages/iam/src/lib/http-client.ts
@@ -3,6 +3,8 @@ import { config, DEFAULT_ENDPOINTS } from './config';
 import type { TigrisIAMConfig, TigrisIAMResponse } from './types';
 
 export const IAM_ENDPOINTS = {
+  // Whoami
+  whoami: '/users/whoami',
   // Users
   revokeInvitation: '/tigris-iam/invitations',
   removeUser: '/tigris-iam/namespaces',
@@ -37,16 +39,19 @@ function getManagementEndpoint(options?: TigrisIAMConfig): string {
 
 export function createIAMClient(
   options?: TigrisIAMConfig,
-  isManagement?: boolean
+  isManagement?: boolean,
+  skipCheck?: boolean
 ): TigrisIAMResponse<TigrisHttpClient, Error> {
   const sessionToken = options?.sessionToken ?? config.sessionToken;
   const organizationId = options?.organizationId ?? config.organizationId;
+  const accessKeyId = options?.accessKeyId ?? config.accessKeyId;
+  const secretAccessKey = options?.secretAccessKey ?? config.secretAccessKey;
 
-  if (!sessionToken || sessionToken === '') {
+  if (!skipCheck && (!sessionToken || sessionToken === '')) {
     return { error: new Error('Session token is required') };
   }
 
-  if (!organizationId || organizationId === '') {
+  if (!skipCheck && (!organizationId || organizationId === '')) {
     return { error: new Error('Organization ID is required') };
   }
 
@@ -56,5 +61,7 @@ export function createIAMClient(
       : getIAMEndpoint(options),
     sessionToken,
     organizationId,
+    accessKeyId,
+    secretAccessKey,
   });
 }
diff --git a/packages/iam/src/lib/types.ts b/packages/iam/src/lib/types.ts
index 981a3c0..2111e58 100644
--- a/packages/iam/src/lib/types.ts
+++ b/packages/iam/src/lib/types.ts
@@ -3,6 +3,8 @@ import type { TigrisResponse } from '@shared/types';
 export type TigrisIAMConfig = {
   sessionToken?: string;
   organizationId?: string;
+  accessKeyId?: string;
+  secretAccessKey?: string;
   iamEndpoint?: string;
   mgmtEndpoint?: string;
 };
diff --git a/packages/iam/src/lib/whoami.ts b/packages/iam/src/lib/whoami.ts
new file mode 100644
index 0000000..27d3a4f
--- /dev/null
+++ b/packages/iam/src/lib/whoami.ts
@@ -0,0 +1,42 @@
+import { createIAMClient, IAM_ENDPOINTS } from './http-client';
+import { TigrisIAMConfig, TigrisIAMResponse } from './types';
+
+export type WhoamiOptions = {
+  config?: TigrisIAMConfig;
+};
+
+export type WhoamiResponse = {
+  userId: string;
+  organizationId: string;
+};
+
+type WhoamiApiResponse = {
+  UserId: string;
+  NamespaceId: string;
+};
+
+export async function whoami(
+  options?: WhoamiOptions
+): Promise<TigrisIAMResponse<WhoamiResponse, Error>> {
+  const { data: client, error } = createIAMClient(options?.config, true, true);
+
+  if (error) {
+    return { error };
+  }
+
+  const response = await client.request<unknown, WhoamiApiResponse>({
+    method: 'GET',
+    path: IAM_ENDPOINTS.whoami,
+  });
+
+  if (response.error) {
+    return { error: response.error };
+  }
+
+  return {
+    data: {
+      userId: response.data.UserId,
+      organizationId: response.data.NamespaceId,
+    },
+  };
+}
diff --git a/shared/http-client.ts b/shared/http-client.ts
index 1de4d06..e4e4bb0 100644
--- a/shared/http-client.ts
+++ b/shared/http-client.ts
@@ -13,19 +13,19 @@ export interface HttpClientRequest<T = unknown> {
 
 export type HttpClientResponse<T = unknown> =
   | {
-    status: number;
-    statusText: string;
-    headers: Headers;
-    data: T;
-    error?: never;
-  }
+      status: number;
+      statusText: string;
+      headers: Headers;
+      data: T;
+      error?: never;
+    }
   | {
-    status: number;
-    statusText: string;
-    headers: Headers;
-    error: Error;
-    data?: never;
-  };
+      status: number;
+      statusText: string;
+      headers: Headers;
+      error: Error;
+      data?: never;
+    };
 
 export interface TigrisHttpClient {
   request<TRequest = unknown, TResponse = unknown>(
@@ -184,7 +184,9 @@ export function createTigrisHttpClient(
             status: response.status,
             statusText: response.statusText,
             headers: response.headers,
-            error: new Error(error.Message ?? response.statusText ?? 'Unknown error'),
+            error: new Error(
+              error.Message ?? response.statusText ?? 'Unknown error'
+            ),
           };
         } catch {
           return {