diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
new file mode 100644
index 000000000..097a31280
--- /dev/null
+++ b/app/controllers/users_controller.rb
@@ -0,0 +1,14 @@
+class UsersController < ApplicationController
+  before_action :logged_in
+  respond_to :json
+
+  def logged_in
+    authenticate_user!
+  end
+
+  def show
+    respond_to do |format|
+      format.json { render json: current_user }
+    end
+  end
+end
diff --git a/config/routes.rb b/config/routes.rb
index 9bf7f5c52..d9c156a6c 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -24,6 +24,9 @@
     mount Blazer::Engine, at: "blazer"
   end
 
+  # devise doesnt parse GET /user
+  resource :user, only: :show, constraints: ->(req) { req.format == :json }
+
   resource :questionnaires, path: "apply" do
     get :schools, on: :collection
   end
diff --git a/test/controllers/users_controller_test.rb b/test/controllers/users_controller_test.rb
new file mode 100644
index 000000000..2ba78c0ca
--- /dev/null
+++ b/test/controllers/users_controller_test.rb
@@ -0,0 +1,19 @@
+require 'test_helper'
+
+class UsersControllerTest < ActionController::TestCase
+  include ActiveJob::TestHelper
+  setup do
+    @user = create(:user)
+  end
+
+  should "allow access to user#get" do
+    sign_in @user
+    get :show, params: { format: :json }
+    assert_response :success
+  end
+
+  should "don't allow user#show if not signed in" do
+    get :show, params: { format: :json }
+    assert_response(:unauthorized)
+  end
+end