API Overview
The AuthStack API is a RESTful API that provides authentication services.
Base URL
Section titled “Base URL”https://api.authstack.voostack.comAuthentication
Section titled “Authentication”Most endpoints require authentication via Bearer token:
Authorization: Bearer <access_token>Endpoints
Section titled “Endpoints”Authentication
Section titled “Authentication”| Method | Endpoint | Description |
|---|---|---|
| POST | /auth/register | Register a new user |
| POST | /auth/login | Login with email/password |
| POST | /auth/google-login | Login with Google |
| POST | /auth/refresh-token | Refresh access token |
| POST | /auth/logout | Logout and revoke tokens |
OAuth 2.0 Authorization Server
Section titled “OAuth 2.0 Authorization Server”| Method | Endpoint | Description |
|---|---|---|
| GET | /oauth/authorize | Validate authorization request |
| POST | /oauth/authorize | Create authorization code (requires auth) |
| POST | /oauth/token | Exchange code for tokens |
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/Users/me | Get current user profile |
| PUT | /api/Users/me | Update current user |
Applications
Section titled “Applications”| Method | Endpoint | Description |
|---|---|---|
| GET | /api/applications | List all applications |
| GET | /api/applications/{appId} | Get application details |
| POST | /api/applications | Create a new application |
| PUT | /api/applications/{appId} | Update an application |
| DELETE | /api/applications/{appId} | Delete an application |
Webhooks
Section titled “Webhooks”Webhooks are configured per-application. See Webhooks API for details.
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/applications/{appId}/webhooks | List webhooks |
| POST | /api/applications/{appId}/webhooks | Create webhook |
| PUT | /api/applications/{appId}/webhooks/{id} | Update webhook |
| DELETE | /api/applications/{appId}/webhooks/{id} | Delete webhook |
| GET | /api/applications/{appId}/webhooks/events | List available events |
Request Format
Section titled “Request Format”All requests should include:
Content-Type: application/jsonResponse Format
Section titled “Response Format”Successful responses:
{ "accessToken": "eyJhbG...", "refreshToken": "abc123...", "expiresIn": 3600}Error responses:
{ "error": "Error message", "code": "ERROR_CODE"}Status Codes
Section titled “Status Codes”| Code | Description |
|---|---|
| 200 | Success |
| 201 | Created |
| 400 | Bad Request |
| 401 | Unauthorized |
| 403 | Forbidden |
| 404 | Not Found |
| 500 | Server Error |
Rate Limiting
Section titled “Rate Limiting”API requests are rate limited:
- 100 requests per minute per IP
- 1000 requests per hour per user
Next Steps
Section titled “Next Steps”- OAuth 2.0 Authorization - Implement OAuth authorization flow
- Authentication Endpoints - Detailed auth API
- Users Endpoints - User management API
- Applications API - OAuth application management
- Webhooks API - Real-time event notifications