Skip to main content

AuthCentral API endpoints introduction

Here’s a quick overview of the key endpoints available in AuthCentral:

1. Access Tokens

  • Get Access Token

    • Endpoint: POST /api/v1/accessToken
    • Description: Used to obtain an access token.
    • Headers: Content-Type: application/json, auth-token: (special BE to BE token)
    • Body: 
      {
        "redirectUrlOnSuccess": "string",
        "redirectUrlOnFail": "string"
      }

  • Retrieve Access Token by ID

    • Endpoint: GET /public/api/v1/accessToken/{id}
    • Description: Retrieve the access token details using its ID.

2. Sessions

  • Refresh Session
    • Endpoint: POST /api/v1/sessions/refresh/{token}
    • Description: Refresh an existing session token.
    • Headers: Authorization: Bearer your_refresh_token

3. Login

  • User Login
    • Endpoint: POST /public/api/v1/login
    • Description: Authenticate a user and initiate a session.
    • Headers: Content-Type: application/json
    • Body: 
      {
        "ip": {
          "value": "string"
        },
        "userAgent": "string",
        "email": {
          "value": "string"
        },
        "password": "string"
      }

4. Web3

  • Signature Verification

    • Endpoint: POST /public/api/v1/web3/signature
    • Description: Verify a Web3 signature.

  • Create Web3 Account

    • Endpoint: POST /public/api/v1/web3/create
    • Description: Create a new Web3 account.

  • Authenticate Web3

    • Endpoint: POST /public/api/v1/web3/authenticate
    • Description: Authenticate using Web3 credentials.

5. Users

  • Check if User Exists

    • Endpoint: POST /public/api/v1/users/exists
    • Description: Check whether a user exists.

  • Check Password Strength

    • Endpoint: POST /public/api/v1/users/checkPasswordStrength
    • Description: Validate password strength.

  • Create User

    • Endpoint: POST /public/api/v1/users/create
    • Description: Create a new user.

  • Get User Info (Private)

    • Endpoint: GET /private/api/v1/users
    • Description: Retrieve information about the current authenticated user.

6. Admin

  • Admin Login

    • Endpoint: POST /admin/api/v1/login
    • Description: Admin login to manage the application.

  • Admin Session Refresh

    • Endpoint: POST /admin/api/v1/sessions/refresh
    • Description: Refresh an admin session.

Usage Notes

  • Public Endpoints (/public) are accessible without an authentication token and are primarily used for initiating login or sign-up processes.
  • Private Endpoints (/private) require a valid authentication token to access protected resources.
  • Ensure to handle token expiration and refreshing appropriately using the /api/v1/sessions/refresh endpoint.

Swagger Documentation

For the full list of available endpoints, visit the Swagger documentation page.