ANyway, what you want to do is one of the following:
- Store the user info inside the access token payload (there is a section in the docs in "common customisations > session" for this). The contents of this can then be accessed via `getAccessTokenPayloadSecurely`; OR
- You can create an API that does session verification and sends the relevant info to the frontend. Do not send the user ID to the API - always only use the session to identify the user on the backend.