Auth API
Authentication endpoints for user registration, login, and password management.
Sign Up
Create a new user account.
POST /api/auth/signup
Request Body
{
  "name": "John Doe",
  "email": "john@example.com",
  "password": "securePassword123",
  "captchaToken": "cap_xxx" // Optional
}
Response
{
  "success": true,
  "message": "Account created. Please check your email to verify."
}
Errors
| Status | Error |
|---|---|
| 400 | Invalid email or password format |
| 400 | Email already registered |
| 429 | Rate limit exceeded |
Sign In
Authenticate and get a JWT token.
POST /api/auth/signin
Request Body
{
  "email": "john@example.com",
  "password": "securePassword123"
}
Response
{
  "success": true,
  "token": "eyJhbGciOiJIUzI1NiIs...",
  "user": {
    "id": "507f1f77bcf86cd799439011",
    "name": "John Doe",
    "email": "john@example.com",
    "avatar": "/default-avatar.png",
    "hasCompletedOnboarding": true
  }
}
Errors
| Status | Error |
|---|---|
| 401 | Invalid credentials |
| 401 | Email not verified |
| 429 | Rate limit exceeded |
Forgot Password
Request a password reset email.
POST /api/auth/forgot-password
Request Body
{
  "email": "john@example.com"
}
Response
{
  "success": true,
  "message": "Password reset email sent"
}
Note: Returns success even if the email doesn't exist, so the response does not reveal whether an address is registered (security measure).
Reset Password
Set a new password using the reset token.
POST /api/auth/reset-password
Request Body
{
  "token": "reset-token-from-email",
  "password": "newSecurePassword456"
}
Response
{
  "success": true,
  "message": "Password reset successfully"
}
Errors
| Status | Error |
|---|---|
| 400 | Invalid or expired token |
| 400 | Password doesn't meet requirements |
Verify Email
Verify the user's email address.
GET /api/auth/verify-email?token=verification-token
Response
Redirects to /signin with a success message, or to an error page if the token is invalid.
Get Current User
Get the authenticated user's profile.
GET /api/auth/me
Authorization: Bearer <token>
Response
{
  "id": "507f1f77bcf86cd799439011",
  "name": "John Doe",
  "email": "john@example.com",
  "avatar": "/default-avatar.png",
  "hasCompletedOnboarding": true,
  "onboardingData": {
    "companyName": "Acme Inc",
    "role": "Developer"
  }
}
Complete Onboarding
Save the user's onboarding data.
POST /api/auth/onboarding
Authorization: Bearer <token>
Request Body
{
  "companyName": "Acme Inc",
  "companySize": "10-50",
  "role": "Developer",
  "useCase": "Project Management",
  "firstWorkspace": "My Workspace"
}
Response
{
  "success": true,
  "user": {
    "id": "507f1f77bcf86cd799439011",
    "hasCompletedOnboarding": true
  }
}