Skip to main content

Endpoints

MethodEndpointAuthNotes
POST/api/agents/v1/auth/signupNoneCreate user, create Stripe customer, send verification email
POST/api/agents/v1/auth/loginNoneReturns Bearer token. Supports token_expiry selector
POST/api/agents/v1/auth/verify-emailNoneVerify email with verification_code (no browser required). Returns access_token + api_key
POST/api/agents/v1/auth/refreshBearer tokenRefresh/rotate access token without re-login
POST/api/agents/v1/auth/logoutBearer tokenRevokes current token
POST/api/agents/v1/auth/logout-allBearer tokenRevokes all user tokens
POST/api/agents/v1/auth/resend-verificationNoneResends verification email
POST/api/agents/v1/auth/forgot-passwordNoneSends password reset email
POST/api/agents/v1/auth/reset-passwordNoneResets password with token
GET/verify/{token}NoneCompatibility verification endpoint

Signup

Login

Supported token_expiry values:
  • 1_week
  • 1_month (default)
  • 3_months
  • never
Example response:

Logout

Resend Verification

Forgot / Reset Password

Verify Email (Headless)

Verify a user’s email address using the verification_code from the verification email. This is the headless alternative to clicking the browser verification link, returning an access_token and api_key directly.
Example response:
Use this endpoint in headless agent flows to avoid browser-based verification entirely. The verification_code is the token embedded in the verification email link.

Refresh Token

Rotate the current access token without re-authenticating with email/password. The old token is revoked and a new one is issued.
Example response:
Both token_expiry and device_name are optional. If omitted, the new token defaults to 1_month expiry and inherits the previous token name.

Verification Compatibility Route

This route exists for compatibility and supports browser redirect flow as well as JSON response mode.