API Changelog
Record of API changes, new features, and deprecations.
2025-01-15 - Documentation Restructure
Documentation Updates
- Reorganized API documentation into focused sections
- Added authentication subdirectory with flow-specific docs
- Added organizations subdirectory for org management
- Added platform subdirectory for admin APIs
- Created appendix with error codes, webhook events, JWT claims
- Added missing endpoint documentation (HRD, devices, SIEM, impersonation)
Latest Features
Home Realm Discovery (HRD)
POST /api/auth/lookup-email- Email domain lookup for SSO routing- Automatic redirect to upstream providers
- Domain verification for HRD configuration
User Device Management
GET /api/user/devices- List trusted devicesDELETE /api/user/devices/:id- Revoke device trustPATCH /api/user/devices/:id- Update device name- Device risk scoring
Organization Selection
POST /api/organizations/:slug/select- Switch organization context- Returns new tokens scoped to selected organization
SIEM Integration
POST /api/organizations/:slug/siem- Configure SIEMGET /api/organizations/:slug/siem- Get SIEM configDELETE /api/organizations/:slug/siem- Remove SIEM configPOST /api/organizations/:slug/siem/test- Test connection
Platform Impersonation
POST /api/platform/impersonate/:user_id- Impersonate user- Full audit trail
- Platform owner only
Versioning Policy
The AuthOS API uses semantic versioning principles:
- Breaking changes are announced 90 days in advance
- New features are added without version bump
- Deprecations are marked in documentation before removal
Backward Compatibility
All current endpoints maintain backward compatibility. No breaking changes are currently planned.