Authentication
POST /auth/signup
Create a new account with an organization.
Body:
```json
{
  "email": "user@example.com",
  "username": "janedoe",
  "first_name": "Jane",
  "last_name": "Doe",
  "password": "securepassword",
  "action": "create",
  "orgCreateProps": {
    "name": "Acme Inc",
    "slug": "acme-inc",
    "description": "Optional description"
  }
}
```
To join an existing org, use "action": "join" with "invitationCode": "..." instead of orgCreateProps.

POST /auth/signin
Sign in with email and password. Returns JWT tokens.
Body:
```json
{
  "email": "user@example.com",
  "password": "securepassword"
}
```
Response:
```json
{
  "access_token": "eyJ...",
  "refresh_token": "eyJ..."
}
```

POST /auth/google
Sign in or sign up with a Google OAuth authorization code.
Body:
```json
{
  "code": "4/0Aci..."
}
```
Response: Same as signin. May include "needsOrg": true if the user has no organization.

POST /auth/setup-org
Set up an organization after Google signup. Requires Bearer token.
Body:
```json
{
  "action": "create",
  "orgCreateProps": {
    "name": "Acme Inc",
    "slug": "acme-inc"
  }
}
```

POST /auth/refresh
Refresh an expired access token.
Body:
```json
{
  "refresh_token": "eyJ..."
}
```
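
An added example, not part of the original API documentation: a client-side check that decides when to call POST /auth/refresh by reading the access token's expiry. It assumes the tokens carry the standard JWT "exp" claim; the helper names, the 30-second skew and the sample token are hypothetical.

```python
import base64
import json
import time


class TokenFormatError(ValueError):
    """Raised when a string is not a three-part JWT with a JSON object payload."""


def jwt_claims(token):
    """Decode a JWT payload WITHOUT verifying the signature.

    Only the server can verify the token. The client reads these claims to
    schedule a refresh, never to make an authorization decision.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise TokenFormatError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    try:
        claims = json.loads(base64.urlsafe_b64decode(payload))
    except ValueError as exc:  # bad base64, bad UTF-8 or bad JSON
        raise TokenFormatError("payload is not base64url-encoded JSON") from exc
    if not isinstance(claims, dict):
        raise TokenFormatError("payload is not a JSON object")
    return claims


def needs_refresh(access_token, now=None, skew=30):
    """True if the token is expired or expires within `skew` seconds."""
    now = time.time() if now is None else now
    exp = jwt_claims(access_token).get("exp")  # assumption: "exp" is present
    if isinstance(exp, bool) or not isinstance(exp, (int, float)):
        return True  # no usable expiry: refresh rather than guess
    return now >= exp - skew


def refresh_request(tokens):
    """Build (method, path, body) for /auth/refresh from a signin response."""
    return ("POST", "/auth/refresh", {"refresh_token": tokens["refresh_token"]})


def make_sample_token(exp):
    """Constructed sample token with a placeholder signature, for the demo only."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return "%s.%s.sig" % (enc({"typ": "JWT"}), enc({"sub": "janedoe", "exp": exp}))
```
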