Authentication & User Management

Handles user onboarding, token issuance, session handling, role access, and identity management.


🔸 POST /sign-up – Register New User

Registers a new user and sends a verification OTP to their email.

Request Body:

{
  "email": "[email protected]",
  "first_name": "John",
  "last_name": "Doe",
  "password": "strongpassword123"
}

🔐 Auth Required: No
📩 Sends OTP to email

✅ cURL

curl -X POST https://api.yourdomain.com/sign-up \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "first_name": "John",
    "last_name": "Doe",
    "password": "strongpassword123"
  }'

✅ JS Example

await fetch("https://api.yourdomain.com/sign-up", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({
    email: "[email protected]",
    first_name: "John",
    last_name: "Doe",
    password: "strongpassword123"
  })
});

🔸 POST /sign-in – Authenticate & Get JWT Token

Authenticates the user and returns a JWT, which is sent as a Bearer token on subsequent requests.

Request:

{
  "email": "[email protected]",
  "password": "strongpassword123"
}

Response:

{
  "token": "<jwt_token>",
  "user": { "user_id": "uuid", "email": "...", ... }
}

🔐 Auth Required: No

✅ cURL

curl -X POST https://api.yourdomain.com/sign-in \
  -H "Content-Type: application/json" \
  -d '{"email":"[email protected]", "password":"strongpassword123"}'

✅ JS Example

const res = await fetch("https://api.yourdomain.com/sign-in", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({
    email: "[email protected]",
    password: "strongpassword123"
  })
});
const data = await res.json();
const token = data.token;

🔸 GET /me – Get Current User

Returns profile info of the authenticated user.

🔐 Auth Required: ✅ Yes (Bearer Token)

✅ cURL

curl -H "Authorization: Bearer <jwt_token>" https://api.yourdomain.com/me

✅ JS Example

await fetch("https://api.yourdomain.com/me", {
  headers: {
    Authorization: "Bearer " + token
  }
});

🔸 GET /logout – Logout User

Invalidates the current JWT token on the server; the client should discard its copy as well.

🔐 Auth Required: ✅ Yes

✅ cURL

curl -X GET https://api.yourdomain.com/logout \
  -H "Authorization: Bearer <jwt_token>"
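The sign-in, /me and /logout calls above, combined into one small client. This is an added example, not the project's own client code; it assumes the JSON shapes shown in this section and takes an injectable fetch implementation so the flow can be exercised offline against a constructed stand-in server (the stand-in's token value and account are made up here). It checks HTTP status on every call, keeps the token in memory rather than localStorage, and drops the token as soon as the server rejects it or /logout has been called.

```javascript
// Added example, not the project's client code. Wraps /sign-in, /me and /logout.
// Assumptions: the JSON shapes documented above; fetchImpl is injectable for offline runs.
class AuthClient {
  constructor(baseUrl, fetchImpl = globalThis.fetch) {
    this.baseUrl = baseUrl.replace(/\/$/, "");
    this.fetchImpl = fetchImpl;
    this.token = null; // held in memory only; never written to localStorage
  }

  async request(path, { method = "GET", body, auth = false } = {}) {
    const headers = {};
    if (body !== undefined) headers["Content-Type"] = "application/json";
    if (auth) {
      if (!this.token) throw new Error(`${path}: no token, call signIn() first`);
      headers.Authorization = "Bearer " + this.token;
    }
    const res = await this.fetchImpl(this.baseUrl + path, {
      method, headers, body: body === undefined ? undefined : JSON.stringify(body),
    });
    if (res.status === 401 && auth) {
      this.token = null; // server rejected the token: stop replaying it
      throw new Error(`${path}: token rejected (401)`);
    }
    if (!res.ok) throw new Error(`${path}: HTTP ${res.status}`);
    const text = await res.text(); // /logout may reply with an empty body
    return text ? JSON.parse(text) : null;
  }

  async signIn(email, password) {
    const data = await this.request("/sign-in", { method: "POST", body: { email, password } });
    if (typeof data?.token !== "string" || data.token === "") {
      throw new Error("/sign-in: response carried no token");
    }
    this.token = data.token;
    return data.user;
  }

  me() { return this.request("/me", { auth: true }); }

  async logout() {
    try { await this.request("/logout", { auth: true }); }
    finally { this.token = null; } // discard locally even if the server call failed
  }
}

// Constructed stand-in for api.yourdomain.com so the example runs offline:
// one account, one valid token, and the token is revoked after /logout.
function fakeServer() {
  const VALID_TOKEN = "constructed.jwt.token";
  let revoked = false;
  const reply = (status, payload) => ({
    status, ok: status >= 200 && status < 300,
    text: async () => (payload === undefined ? "" : JSON.stringify(payload)),
  });
  return async (url, init = {}) => {
    const path = new URL(url).pathname;
    const authed = init.headers?.Authorization === "Bearer " + VALID_TOKEN && !revoked;
    if (path === "/sign-in" && init.method === "POST") {
      const { email, password } = JSON.parse(init.body);
      if (password !== "strongpassword123") return reply(401, { error: "bad credentials" });
      return reply(200, { token: VALID_TOKEN, user: { user_id: "uuid", email } });
    }
    if (path === "/me") return authed ? reply(200, { user_id: "uuid", email: "user@example.com" }) : reply(401);
    if (path === "/logout") { if (!authed) return reply(401); revoked = true; return reply(200); }
    return reply(404);
  };
}

// Walk the whole flow and report each step's outcome.
async function demo() {
  const client = new AuthClient("https://api.yourdomain.com", fakeServer());
  const steps = {};
  steps.badPassword = await client.signIn("user@example.com", "wrong").then(() => "ok", (e) => e.message);
  steps.user = await client.signIn("user@example.com", "strongpassword123");
  steps.me = await client.me();
  await client.logout();
  steps.tokenAfterLogout = client.token;
  steps.meAfterLogout = await client.me().then(() => "ok", (e) => e.message);
  return steps;
}

demo().then((steps) => console.log(JSON.stringify(steps, null, 2)));
```

Swap `fakeServer()` for the real `fetch` (the constructor default) to talk to the live API; the client logic is unchanged.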

🔸 POST /send-otp – Send OTP to Email

Sends a one-time verification code to a user's email.

Request:

{ "email": "[email protected]" }

🔐 Auth Required: ❌ No

✅ cURL

curl -X POST https://api.yourdomain.com/send-otp \
  -H "Content-Type: application/json" \
  -d '{"email": "[email protected]"}'

🔸 POST /password-reset/request – Start Reset Flow

Sends OTP to email for resetting password.

✅ cURL

curl -X POST https://api.yourdomain.com/password-reset/request \
  -H "Content-Type: application/json" \
  -d '{"email": "[email protected]"}'

🔸 POST /password-reset/confirm – Confirm New Password

Verifies the OTP sent to the email address and sets the new password.

Request:

{
  "email": "[email protected]",
  "otp_code": "123456",
  "new_password": "newStrongPassword"
}

✅ cURL

curl -X POST https://api.yourdomain.com/password-reset/confirm \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "otp_code": "123456",
    "new_password": "newStrongPassword"
  }'

🔸 GET /all-users – List All Users (Admin Only)

Returns every user account.

🔐 Auth Required: ✅ Admin

✅ cURL

curl https://api.yourdomain.com/all-users \
  -H "Authorization: Bearer <admin_token>"

🔸 GET /users/{user_id} – Get User by ID

Returns details of a specific user (admin access).

✅ cURL

curl https://api.yourdomain.com/users/abc123 \
  -H "Authorization: Bearer <admin_token>"

🔸 POST /users/{user_id}/change-role/{new_role_id} – Change Role

Changes the user's role; `new_role_id` is the target role (e.g. admin or user).

✅ cURL

curl -X POST https://api.yourdomain.com/users/abc123/change-role/admin \
  -H "Authorization: Bearer <admin_token>"

🔸 PUT /{user_id} – Update Profile

Updates user details such as name or password.

✅ cURL

curl -X PUT https://api.yourdomain.com/abc123 \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{"first_name": "Jane", "last_name": "Smith"}'

🔸 DELETE /{user_id} – Delete Account

Permanently deletes a user account.

✅ cURL

curl -X DELETE https://api.yourdomain.com/abc123 \
  -H "Authorization: Bearer <admin_token>"

🔸 GET /by-email/{email} – Lookup User by Email

Finds a user using their email address.

✅ cURL

curl https://api.yourdomain.com/by-email/[email protected] \
  -H "Authorization: Bearer <admin_token>"

🔸 POST /google – Login with Google OAuth

Logs in with a Google account. The frontend obtains a token from Google's OAuth SDK and posts it here; the server exchanges that token and responds with its own JWT.

✅ cURL

curl -X POST https://api.yourdomain.com/google \
  -H "Content-Type: application/json" \
  -d '{"google_token": "XYZ..."}'
