Overview
The Auth API handles user registration, authentication, session management, and organization membership. Sessions are token-based; include the returned token in the `Authorization: Bearer <token>` header for authenticated requests.
Endpoints
| Method | Path | Description |
|---|---|---|
| POST | /auth/register | Register a new user and create an org with a default API key |
| POST | /auth/login | Authenticate with email/password, return session token |
| POST | /auth/logout | Invalidate the current session |
| GET | /auth/me | Return current user profile and org stats |
| PATCH | /auth/me | Update user name or password |
| GET | /auth/me/members | List organization members |
| PATCH | /auth/me/members/:userId/role | Change a member's role |
| POST | /auth/accept-invite | Accept an invitation |
Example
```bash
curl -X POST http://localhost:4000/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email":"user@example.com","password":"..."}'
```
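The session lifecycle described in the Overview (log in, send the token as a Bearer header, log out) can be checked end to end to confirm that `/auth/logout` really invalidates the token. The following is an added example, not code from this project. It assumes the login response is JSON with the token in a `token` field and that a rejected token returns HTTP 401; neither is stated on this page. The names `build_request`, `call` and `logout_invalidates_session` are hypothetical.

```python
import json
import urllib.error
import urllib.request

BASE_URL = "http://localhost:4000"  # host and port from the curl example above


def build_request(method, path, token=None, body=None, base_url=BASE_URL):
    """Build a request; attach the session token as a Bearer header if given."""
    headers = {}
    data = None
    if body is not None:
        data = json.dumps(body).encode()
        headers["Content-Type"] = "application/json"
    if token is not None:
        headers["Authorization"] = f"Bearer {token}"
    return urllib.request.Request(base_url + path, data=data,
                                  headers=headers, method=method)


def call(req):
    """Send a request and return (status, parsed JSON body or None)."""
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            status, raw = resp.status, resp.read()
    except urllib.error.HTTPError as err:
        status, raw = err.code, err.read()
    try:
        return status, json.loads(raw) if raw else None
    except ValueError:
        return status, None


def logout_invalidates_session(email, password, send=call):
    """Log in, use the token, log out, then confirm the token is rejected."""
    creds = {"email": email, "password": password}
    _, login = send(build_request("POST", "/auth/login", body=creds))
    token = login["token"]  # assumed response field name
    before, _ = send(build_request("GET", "/auth/me", token=token))
    send(build_request("POST", "/auth/logout", token=token))
    after, _ = send(build_request("GET", "/auth/me", token=token))
    # Assumed status codes: 200 while the session is live, 401 once invalidated.
    return before == 200 and after == 401
```
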