Auth API
Manage user authentication, registration, and profile updates.
Endpoints Overview
| Method | Endpoint | Description |
|---|---|---|
| POST | /auth/register | Register a new user |
| POST | /auth/token | Login (get access token) |
| GET | /auth/me | Get current user profile |
| PATCH | /auth/me | Update current user profile |
| DELETE | /auth/me | Deactivate current user account |
| POST | /auth/forgot-password | Request password reset |
| POST | /auth/reset-password | Reset password with token |
| POST | /auth/change-password | Change password (authenticated) |
Authentication
Login (Get Token)
POST /auth/token
Content-Type: application/x-www-form-urlencoded
Request Body
| Field | Type | Description |
|---|---|---|
| username | string | User email |
| password | string | User password |
Response
{
  "access_token": "eyJhbGciOiJIUz...",
  "token_type": "bearer"
}
User Management
Register
POST /auth/register
Request Body
{
  "email": "new.user@example.com",
  "password": "securePassword123",
  "first_name": "New",
  "last_name": "User",
  "is_active": true,
  "is_superadmin": false
}
Response
{
  "id": "...",
  "email": "new.user@example.com",
  "first_name": "New",
  "last_name": "User",
  "is_active": true,
  "is_superadmin": false,
  "created_at": "2026-02-08T10:00:00Z"
}
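The register body carries `is_active` and `is_superadmin` next to the user's own fields, and this page does not say how the server treats client-supplied values for them. The following is an added example, not the project's code: one way a handler can build the user record from that body so that only an already-authenticated superadmin can set those two fields. The names `build_user_record`, `RegistrationError` and `caller_is_superadmin` are hypothetical, and the rules that `email` and `password` are required and that unknown fields are rejected are assumptions.

```python
# Added example, not the project's code. Assumptions: email and password are
# required; a self-registering caller cannot change is_active/is_superadmin.
USER_FIELDS = ("email", "password", "first_name", "last_name")
PRIVILEGED_DEFAULTS = {"is_active": True, "is_superadmin": False}


class RegistrationError(ValueError):
    """Raised when a register body is malformed."""


def build_user_record(body, caller_is_superadmin=False):
    """Return (record, ignored): the record to create, and the privileged
    fields whose client-supplied value was replaced by the server default."""
    if not isinstance(body, dict):
        raise RegistrationError("body must be a JSON object")
    unknown = set(body) - set(USER_FIELDS) - set(PRIVILEGED_DEFAULTS)
    if unknown:
        raise RegistrationError(f"unknown fields: {sorted(unknown)}")
    record = {}
    for name in USER_FIELDS:
        if name not in body:
            if name in ("email", "password"):
                raise RegistrationError(f"missing field: {name}")
            continue
        if not isinstance(body[name], str):
            raise RegistrationError(f"{name} must be a string")
        record[name] = body[name]  # hash the password before storing it
    ignored = []
    for name, default in PRIVILEGED_DEFAULTS.items():
        value = body.get(name, default)
        if type(value) is not bool:  # rejects "true", 1 and null
            raise RegistrationError(f"{name} must be a boolean")
        if value != default and not caller_is_superadmin:
            ignored.append(name)  # worth logging: a privilege was requested
            value = default
        record[name] = value
    return record, ignored


if __name__ == "__main__":
    # Constructed input: the documented body with is_superadmin flipped.
    body = {"email": "new.user@example.com", "password": "securePassword123",
            "first_name": "New", "last_name": "User",
            "is_active": True, "is_superadmin": True}
    print(build_user_record(body))
    print(build_user_record(body, caller_is_superadmin=True))
```

The `ignored` list gives the handler something to log or alert on without changing the response shape documented above.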
Get Current Profile
GET /auth/me
Requires: specific scope / authenticated user
Response
{
  "id": "...",
  "email": "user@example.com",
  "first_name": "John",
  "last_name": "Doe",
  "is_active": true,
  "is_superadmin": false
}
Update Profile
PATCH /auth/me
Request Body
{
  "full_name": "Johnathan Doe",
  "avatar_color": "#ff0000",
  "avatar_type": "initials",
  "avatar_url": null
}
Deactivate Account
DELETE /auth/me
Deactivates the current user's account.
Password Management
Forgot Password
POST /auth/forgot-password
Initiates the password reset process.
Request Body
{
  "email": "user@example.com"
}
Response
{
  "message": "If this email exists, a reset link has been sent."
}
Reset Password
POST /auth/reset-password
Completes the password reset process using the token received via email.
Request Body
{
  "token": "reset-token-string",
  "new_password": "newSecurePassword123"
}
Change Password
POST /auth/change-password
Requires: Authenticated user
Request Body
{
  "current_password": "oldPassword123",
  "new_password": "newSecurePassword123"
}