# Authentication Endpoints

## POST /auth/register

Register a new user.

Auth: None

Request Body:

```json
{
  "email": "user@example.com",
  "password": "secret123",
  "display_name": "Jane Doe",
  "role": "user"
}
```

| Field | Type | Required | Notes |
|---|---|---|---|
| email | string | Yes | Must be a valid email address |
| password | string | Yes | Min 8 chars, at least 1 letter and 1 number |
| display_name | string | No | Display name |
| role | string | No | "user" or "admin". Defaults to "user" |

Response 201:

```json
{
  "data": {
    "id": "uuid",
    "email": "user@example.com",
    "display_name": "Jane Doe",
    "role": "user",
    "created_at": "2026-03-06T12:00:00.000Z"
  },
  "message": "User registered successfully"
}
```

Errors:

| Code | Reason |
|---|---|
| 400 | Validation failed (invalid email, weak password) |
| 409 | Email already in use |
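The following is an added example, not the project's own code: a server-side validator for `POST /auth/register` that applies exactly the rules and status codes documented above (email format, password strength, role whitelist with default, duplicate-email conflict). The error body shape (`{"error": ...}`) and the in-memory `existing_emails` set standing in for the user store are assumptions, since the page does not specify them; `ALLOWED_ROLES` keeps the documented behaviour but isolates it in one place because letting an unauthenticated caller choose `"admin"` is a privilege-escalation risk that a deployment should restrict.

```python
import re
import uuid
from datetime import datetime, timezone

# Constructed example: implements the documented POST /auth/register rules.
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")
# Both roles are documented as accepted. Because this endpoint is
# unauthenticated, a deployment should drop "admin" here (or ignore the
# client-supplied role entirely) to avoid self-granted administrator accounts.
ALLOWED_ROLES = {"user", "admin"}


def password_is_strong(pw):
    """Documented rule: min 8 chars, at least one letter and one digit."""
    return (isinstance(pw, str) and len(pw) >= 8
            and any(c.isalpha() for c in pw)
            and any(c.isdigit() for c in pw))


def validate_registration(body, existing_emails):
    """Return (status_code, response_body) for a registration request.

    existing_emails: set of already-registered addresses (lower-cased);
    an assumed stand-in for the real user store.
    """
    email = body.get("email")
    if not isinstance(email, str) or not EMAIL_RE.match(email):
        return 400, {"error": "Validation failed: invalid email"}
    if not password_is_strong(body.get("password")):
        return 400, {"error": "Validation failed: weak password"}
    role = body.get("role", "user")          # defaults to "user"
    if role not in ALLOWED_ROLES:
        return 400, {"error": "Validation failed: unknown role"}
    display_name = body.get("display_name")  # optional
    if display_name is not None and not isinstance(display_name, str):
        return 400, {"error": "Validation failed: display_name must be a string"}
    if email.lower() in existing_emails:
        return 409, {"error": "Email already in use"}
    created = datetime.now(timezone.utc).isoformat(timespec="milliseconds")
    user = {
        "id": str(uuid.uuid4()),
        "email": email,
        "display_name": display_name,
        "role": role,
        "created_at": created.replace("+00:00", "Z"),
    }
    return 201, {"data": user, "message": "User registered successfully"}
```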
## POST /auth/login

Authenticate and receive tokens.

Auth: None

Request Body:

```json
{
  "email": "user@example.com",
  "password": "secret123"
}
```

Response 200:

```json
{
  "data": {
    "accessToken": "<jwt>",
    "refreshToken": "<jwt>",
    "user": {
      "id": "uuid",
      "email": "user@example.com",
      "display_name": "Jane Doe",
      "role": "user"
    }
  }
}
```

Errors:

| Code | Reason |
|---|---|
| 400 | Missing email or password |
| 401 | Invalid credentials |
## POST /auth/refresh

Exchange a refresh token for a new token pair.

Auth: None

Request Body:

```json
{
  "refreshToken": "<jwt>"
}
```

Response 200:

```json
{
  "data": {
    "accessToken": "<new-jwt>",
    "refreshToken": "<new-jwt>"
  }
}
```

Errors:

| Code | Reason |
|---|---|
| 400 | Missing refreshToken |
| 401 | Invalid or expired refresh token |
## GET /auth/me

Return the currently authenticated user.

Auth: `Authorization: Bearer <accessToken>`

Response 200:

```json
{
  "data": {
    "id": "uuid",
    "email": "user@example.com",
    "display_name": "Jane Doe",
    "role": "user",
    "created_at": "2026-03-06T12:00:00.000Z"
  }
}
```

Errors:

| Code | Reason |
|---|---|
| 401 | Missing or invalid token |
| 404 | User not found |