Assuming PRINCIPAL is your Kerberos principal and $IPASERVER is the FQDN of your server, you can query your identity on the IPA server via curl:
kinit $PRINCIPAL
curl -k -H referer:https://$IPASERVER/ipa -H "Content-Type:application/json" -H "Accept:applicaton/json" --negotiate -u : --cacert /etc/ipa/ca.crt -d '{"method":"whoami","params":[[],{"version": "2.220"}],"id":0}' -X POST https://$IPASERVER/ipa/json
{"result": {"object": "user", "command": "user_show/1", "arguments": ["ayoung"]}, "version": "4.5.4", "error": null, "id": 0, "principal": "ayoung@YOUNGLOGIC.COM"}
This is handy if your system is not registered as an IPA client.
To fetch by username:
curl -k -H referer:https://$IPASERVER/ipa -H "Content-Type:application/json" -H "Accept:applicaton/json" --negotiate -u : --cacert /etc/ipa/ca.crt -d '{"method": "user_show", "params": [[ "ayoung" ], { "all": true, "rights": true } ]}' -X POST https://$IPASERVER/ipa/json