Authentication
Authentication endpoints handle user account management, session tokens, and OAuth flows. Most endpoints in this group do not require authentication, as they are used to establish credentials.Authentication Methods
| Method | Description |
|---|---|
| Email/Password | Register with email and password, verify email, then log in to receive a JWT token |
| Google OAuth | Sign in using a Google account |
| GitHub OAuth | Sign in using a GitHub account |
Endpoints
Account Management
| Method | Endpoint | Description |
|---|---|---|
POST | /auth/create_user | Register a new user account |
POST | /auth/login | Log in and receive a JWT token |
POST | /auth/verify_user | Verify email address |
POST | /auth/resend_verification | Resend verification email |
GET | /auth/fetch_user | Get current user profile |
GET | /auth/fetch_user_quota | Get usage quota and limits |
OAuth
| Method | Endpoint | Description |
|---|---|---|
GET | /auth/oauth/google | Get Google OAuth authorization URL |
POST | /auth/oauth/google/callback | Handle Google OAuth callback |
GET | /auth/oauth/github | Get GitHub OAuth authorization URL |
POST | /auth/oauth/github/callback | Handle GitHub OAuth callback |
OAuth Flow
OAuth authentication follows a two-step process:- Get Authorization URL — Call the provider’s authorization endpoint to receive a redirect URL
- Handle Callback — After the user authorizes with the provider, send the authorization code to the callback endpoint to receive a JWT token
Token Lifecycle
- Register an account or sign in via OAuth
- Verify your email (email/password only)
- Log in to receive a JWT token
- Include the token in subsequent API requests via the
Authorization: Bearer <token>header - Tokens expire after 24 hours — log in again to obtain a new one