API Reference
Complete endpoint documentation for the AuthOS API including authentication, user management, organizations, services, and integrations.
API Reference
Complete endpoint documentation for the AuthOS API.
Endpoints by Category
Authentication & Users
- Authentication - Registration, login, OAuth flows, and device authorization
- User Management - User profiles, identities, and MFA
Organizations & Services
- Organizations - Multi-tenant organization management, SMTP, domains, and branding
- Services - Service configuration and OAuth settings
- Invitations - Team member invitations and onboarding
Security & Access Control
- API Keys - Service-to-service authentication
- Service API - Backend API endpoints for services
- SAML - SAML 2.0 Identity Provider
Governance & Integration
- Audit Logs - Activity tracking and compliance
- Audit Events Reference - Complete event types and payload schemas
- Webhooks - Real-time event notifications
- Platform Management - Platform owner administration
- Integrations - Third-party integrations (Stripe)
Operations & Monitoring
- Health Checks - Service health, liveness, and readiness probes
- Analytics - Login analytics and usage metrics
Sections
Authentication API
Complete authentication endpoints covering OAuth, password, MFA, magic links, passkeys, device authorization, and session management.
8 pagesOrganization Management API
Multi-tenant organization management including CRUD operations, members, settings, BYOO credentials, and end-user management.
5 pagesEnterprise Features
Enterprise-grade features including SAML SSO, SCIM provisioning, and SIEM integration for security monitoring.
3 pagesIntegrations
Third-party integration endpoints including webhooks for event notifications and upstream OAuth provider configuration.
2 pagesPlatform Owner API
Administrative endpoints for platform governance, organization lifecycle, analytics, audit logs, and security oversight.
5 pagesPages
Authentication API
Complete authentication endpoints covering OAuth, password, MFA, magic links, passkeys, device authorization, and session management.
User Management API
Complete API documentation for user-related endpoints including profile management, password changes, MFA setup, backup codes, and OAuth identity linking.
Organization Management API
Multi-tenant organization management including CRUD operations, members, settings, BYOO credentials, and end-user management.
Service Management API
Comprehensive API for managing services and subscription plans within organizations, including CRUD operations, plan management, and service limits enforcement.
Invitations API
Team member invitation endpoints for onboarding users to organizations with role-based access control and expiration management.
User Devices
Manage user trusted devices and sessions
API Key Management
Comprehensive API for managing API keys for service-to-service authentication, enabling secure backend access without user JWTs.
Service API
Secure service-to-service endpoints for managing users, subscriptions, and analytics using API key authentication for backend operations.
Organization Audit Logs API
Comprehensive API for accessing organization audit logs with detailed tracking of administrative actions for compliance, security, and governance.
Enterprise Features
Enterprise-grade features including SAML SSO, SCIM provisioning, and SIEM integration for security monitoring.
Integrations
Third-party integration endpoints including webhooks for event notifications and upstream OAuth provider configuration.
Analytics API
Endpoints for retrieving login and authentication analytics including user patterns, service usage monitoring, and OAuth provider adoption tracking.
Platform Owner API
Administrative endpoints for platform governance, organization lifecycle, analytics, audit logs, and security oversight.
Health Check API
Operational health check endpoints for monitoring service availability, liveness probes, and database readiness checks.
Privacy & GDPR API
GDPR compliance endpoints for data export and deletion (Right to Access and Right to be Forgotten)