Endpoints
| Method | Endpoint | Auth | Notes |
|---|---|---|---|
POST | /api/agents/v1/auth/signup | None | Create user, create Stripe customer, send verification email |
POST | /api/agents/v1/auth/login | None | Returns Bearer token. Supports token_expiry selector |
POST | /api/agents/v1/auth/verify-email | None | Verify email with verification_code (no browser required). Returns access_token + api_key |
POST | /api/agents/v1/auth/refresh | Bearer token | Refresh/rotate access token without re-login |
POST | /api/agents/v1/auth/logout | Bearer token | Revokes current token |
POST | /api/agents/v1/auth/logout-all | Bearer token | Revokes all user tokens |
POST | /api/agents/v1/auth/resend-verification | None | Resends verification email |
POST | /api/agents/v1/auth/forgot-password | None | Sends password reset email |
POST | /api/agents/v1/auth/reset-password | None | Resets password with token |
GET | /verify/{token} | None | Compatibility verification endpoint |
Signup
Login
token_expiry values:
1_week1_month(default)3_monthsnever
Logout
Resend Verification
Forgot / Reset Password
Verify Email (Headless)
Verify a user’s email address using theverification_code from the verification email. This is the headless alternative to clicking the browser verification link, returning an access_token and api_key directly.
Refresh Token
Rotate the current access token without re-authenticating with email/password. The old token is revoked and a new one is issued.Both
token_expiry and device_name are optional. If omitted, the new token defaults to 1_month expiry and inherits the previous token name.Verification Compatibility Route
This route exists for compatibility and supports browser redirect flow as well as JSON response mode.

