Skip to main content
POST
https://api.app.shinzo.ai
/
auth
/
oauth
/
github
/
callback
GitHub OAuth - Handle Callback
curl --request POST \
  --url https://api.app.shinzo.ai/auth/oauth/github/callback \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "code": "<string>",
  "state": "<string>",
  "token": "<string>",
  "user": {},
  "isNewUser": true
}
'

Authentication

No authentication required.

Body Parameters

code
string
required
Authorization code from GitHub.
state
string
State parameter for CSRF protection.

Example Request

curl -X POST "https://api.app.shinzo.ai/auth/oauth/github/callback" \
  -H "Content-Type: application/json" \
  -d '{
    "code": "gho_abc123...",
    "state": "random-state-string"
  }'

Response

{
  "token": "eyJhbGciOiJIUzI1NiIs...",
  "user": {
    "uuid": "usr_abc123",
    "email": "user@github.com"
  },
  "isNewUser": true
}

Response Fields

token
string
JWT token for authenticated requests.
user
object
User profile information.
isNewUser
boolean
Whether this is a new account created via OAuth.

Status Codes

CodeDescription
200Authentication successful
400Invalid request (missing code, invalid state)
401OAuth authentication failed

Notes

  • OAuth users don’t need to verify their email separately
  • If a user with the same email already exists (registered via email/password), the accounts are linked
  • The isNewUser field indicates whether a new account was created or an existing one was used