We do already but it's encoded in the access_token. You can decode the access token by using a JWT token decoder.
Look for the "sub" parameter, which is also known as "credential_id".
You can also check the credentials_id by using the /me endpoint. Instructions here.