Skip to main content

API Authentication

The backend supports both browser cookie and bearer token authorization header methods. For the bearer authentication header of the form Bearer <token>, where <token> is your auth token.

User Authentication

Users will receive a 6-digit one-time password (OTP) for every login, utilizing passwordless authentication.
The OTP will only last for 15 minutes, and users will not be able to generate a new one within this timeframe.

Authentication Flows

New User Flow

1

Register

The user registers to create a new account.
2

OTP Creation

An OTP is sent to the user’s email or phone. If the user has both an email and a phone number, the OTP will be sent to the email.
3

OTP Verification

The OTP is verified, and a session token is returned. This token is used as a bearer token.
Use this Register API for the flow above

Register API

API to register new user

Existing User Flow

1

Login

The user logs in with their username or email.
2

OTP Creation

An OTP is sent to the user’s email or phone. If the user has both an email and a phone number, the OTP will be sent to the email.
3

OTP Verification

The OTP is verified, and a session token is returned. This token is used as a bearer token.
Use this Login API for the flow above

Login API

API to login existing user