Intercode SaaS Kit
  • Welcome to SaaS Starter Kit
  • Getting Started
    • Technology stack
    • Database Setup
    • Local Environment Setup
  • Basics
    • Dependencies
    • App architecture
    • Deployment
    • App roles
    • Endpoints List
      • Auth
      • Two Factor Auth
      • Businesses
      • Demo
      • Email
      • Export Document
      • Email Files
      • Files Demo
      • Leads
      • Orders
      • Payments
      • Subscriptions
      • Teams
      • Team Memberships
      • User Admin
  • Animation and Styles
    • Framer Motion
    • Ant Design and Styles
  • Pages
    • Auth
      • Working with PassportJS
      • Two-Factor Auth
      • OAuth Providers
    • Leads
    • Businesses
    • Team management
      • Ownership
    • Profile
    • User Settings
      • App Tour
    • App Settings
      • Lead Statuses
    • Dashboard
      • Lead volume widget
      • Doughnut chart widget
      • Recent leads table widget
      • Lead count over period widget
    • Demo
  • Features
    • Impersonation
    • Subscriptions (Stripe)
    • Search
    • Sentry
    • Captcha
    • Audit Logs
    • Internationalization
  • External integrations
    • Mailer
    • Google oAuth2
    • Facebook oAuth2
    • S3 compatible storage (AWS, MinIO)
Powered by GitBook
On this page
  1. Basics
  2. Endpoints List

Auth

This page describes all endpoint in Auth Controller

PreviousEndpoints ListNextTwo Factor Auth

Last updated 5 months ago

GET

POST

Gets the profile of the authenticated user.

get
Responses
application/json
application/json
cURL
JavaScript
Python
HTTP
curl -L \
  --url '/auth/me'
200
401
{
  "id": 1,
  "email": "user.email@gmail.com",
  "firstName": "John",
  "lastName": "Doe",
  "roles": [
    "User"
  ],
  "isTwoFactorEnable": true,
  "photo": "https://example.com/photo.jpg"
}

User profile retrieved successfully

  • GET
  • GETGets the profile of the authenticated user.
  • POST
  • POSTAuthenticates a user, verifies their captchaToken, and returns tokens for session management along with their two-factor authentication status.
  • POSTRegisters a new user with email and password and returns tokens for session management.
  • POSTAuthenticates a user using Google OAuth and returns tokens for session management.
  • POSTRegisters a new user using Google OAuth and returns tokens for session management.
  • POSTAuthenticates a user using Facebook OAuth and returns tokens for session management.
  • POSTRegisters a new user using Facebook OAuth and returns tokens for session management.
  • POSTRefreshes the access token using a valid refresh token.
  • POSTInitiates the password reset process by sending a reset link to the user's email.
  • POSTValidates the restore token to ensure it is still valid and has not expired.
  • POSTValidates the invitation token to ensure it is still valid and has not expired.
  • POSTRestores the user's password using a valid restore token.
  • POSTCompletes the invitation process by setting the user's password and activating the account.
  • POSTChanges the user's active team and returns new tokens for session management.

Authenticates a user, verifies their captchaToken, and returns tokens for session management along with their two-factor authentication status.

post
Body
credentialsobjectoptional

captchaTokenstringoptional
Example: captcha_token
Responses
application/json
application/json
cURL
JavaScript
Python
HTTP
curl -L \
  --request POST \
  --url '/auth/sign-in' \
  --header 'Content-Type: application/json' \
  --data '{
    "credentials": {
      "email": "user.email@gmail.com",
      "password": "user12345"
    },
    "captchaToken": "captcha_token"
  }'
200
400
{
  "accessToken": "access_token",
  "refreshToken": "refresh_token",
  "isTwoFactorEnable": true
}

Successful authentication

Registers a new user with email and password and returns tokens for session management.

post
Body
emailstringoptional
Example: user.email@gmail.com
passwordstringoptional
Example: user12345
firstNamestringoptional
Example: John
lastNamestringoptional
Example: Doe
Responses
application/json
application/json
application/json
cURL
JavaScript
Python
HTTP
curl -L \
  --request POST \
  --url '/auth/sign-up' \
  --header 'Content-Type: application/json' \
  --data '{
    "email": "user.email@gmail.com",
    "password": "user12345",
    "firstName": "John",
    "lastName": "Doe"
  }'
201
400
403
{
  "accessToken": "access_token",
  "refreshToken": "refresh_token",
  "isTwoFactorEnable": true
}

User successfully registered

Authenticates a user using Google OAuth and returns tokens for session management.

post
Body
tokenstringoptional
Example: google_oauth_token
Responses
application/json
application/json
cURL
JavaScript
Python
HTTP
curl -L \
  --request POST \
  --url '/auth/google/sign-in' \
  --header 'Content-Type: application/json' \
  --data '{
    "token": "google_oauth_token"
  }'
200
400
{
  "accessToken": "access_token",
  "refreshToken": "refresh_token",
  "isTwoFactorEnable": true
}

Successful authentication

Registers a new user using Google OAuth and returns tokens for session management.

post
Body
tokenstringoptional
Example: google_oauth_token
Responses
application/json
application/json
application/json
cURL
JavaScript
Python
HTTP
curl -L \
  --request POST \
  --url '/auth/google/sign-up' \
  --header 'Content-Type: application/json' \
  --data '{
    "token": "google_oauth_token"
  }'
201
400
403
{
  "accessToken": "access_token",
  "refreshToken": "refresh_token",
  "isTwoFactorEnable": true
}

User successfully registered

Authenticates a user using Facebook OAuth and returns tokens for session management.

post
Body
tokenstringoptional
Example: facebook_oauth_token
Responses
application/json
application/json
cURL
JavaScript
Python
HTTP
curl -L \
  --request POST \
  --url '/auth/facebook/sign-in' \
  --header 'Content-Type: application/json' \
  --data '{
    "token": "facebook_oauth_token"
  }'
200
400
{
  "accessToken": "access_token",
  "refreshToken": "refresh_token",
  "isTwoFactorEnable": true
}

Successful authentication

Registers a new user using Facebook OAuth and returns tokens for session management.

post
Body
tokenstringoptional
Example: facebook_oauth_token
Responses
application/json
application/json
application/json
cURL
JavaScript
Python
HTTP
curl -L \
  --request POST \
  --url '/auth/facebook/sign-up' \
  --header 'Content-Type: application/json' \
  --data '{
    "token": "facebook_oauth_token"
  }'
201
400
403
{
  "accessToken": "access_token",
  "refreshToken": "refresh_token",
  "isTwoFactorEnable": true
}

User successfully registered

Refreshes the access token using a valid refresh token.

post
Body
refreshTokenstringoptional
Example: valid_refresh_token
Responses
application/json
application/json
cURL
JavaScript
Python
HTTP
curl -L \
  --request POST \
  --url '/auth/refresh-token' \
  --header 'Content-Type: application/json' \
  --data '{
    "refreshToken": "valid_refresh_token"
  }'
200
401
{
  "accessToken": "new_access_token",
  "refreshToken": "new_refresh_token",
  "isTwoFactorEnable": true
}

Tokens refreshed successfully

Initiates the password reset process by sending a reset link to the user's email.

post
Body
emailstringoptional
Example: user.email@gmail.com
Responses
application/json
application/json
cURL
JavaScript
Python
HTTP
curl -L \
  --request POST \
  --url '/auth/forgot-password' \
  --header 'Content-Type: application/json' \
  --data '{
    "email": "user.email@gmail.com"
  }'
200
400
{
  "message": "Password restoration email send",
  "description": "Check your email for further instructions on how to change your password."
}

Password reset link sent successfully

Validates the restore token to ensure it is still valid and has not expired.

post
Body
tokenstringoptional
Example: valid_restore_token
Responses
application/json
application/json
cURL
JavaScript
Python
HTTP
curl -L \
  --request POST \
  --url '/auth/validate-restore-token' \
  --header 'Content-Type: application/json' \
  --data '{
    "token": "valid_restore_token"
  }'
200
400
true

Token is valid

Validates the invitation token to ensure it is still valid and has not expired.

post
Body
tokenstringoptional
Example: valid_invitation_token
Responses
application/json
application/json
cURL
JavaScript
Python
HTTP
curl -L \
  --request POST \
  --url '/auth/validate-invitation-token' \
  --header 'Content-Type: application/json' \
  --data '{
    "token": "valid_invitation_token"
  }'
200
400
true

Token is valid

Restores the user's password using a valid restore token.

post
Body
newPasswordstringrequired
Example: newSecurePassword123
tokenstringrequired
Example: someRandomToken123
Responses
application/json
application/json
application/json
cURL
JavaScript
Python
HTTP
curl -L \
  --request POST \
  --url '/auth/restore-password' \
  --header 'Content-Type: application/json' \
  --data '{
    "newPassword": "newSecurePassword123",
    "token": "someRandomToken123"
  }'
200
400
500
{
  "message": "Password restored successfully",
  "description": "Your password has been changed successfully."
}

Password restored successfully

Completes the invitation process by setting the user's password and activating the account.

post
Body
newPasswordstringrequired

New password for the user

Example: newSecurePassword123
tokenstringrequired

Token for registration completion

Example: someRandomToken123
firstNamestringrequired

First name of the user

Example: John
lastNamestringrequired

Last name of the user

Example: Doe
Responses
application/json
application/json
application/json
cURL
JavaScript
Python
HTTP
curl -L \
  --request POST \
  --url '/auth/finish-invitation' \
  --header 'Content-Type: application/json' \
  --data '{
    "newPassword": "newSecurePassword123",
    "token": "someRandomToken123",
    "firstName": "John",
    "lastName": "Doe"
  }'
200
400
500
{
  "message": "Invitation finished successfully",
  "description": "Your account has been activated and your password has been set successfully."
}

Invitation finished successfully

Changes the user's active team and returns new tokens for session management.

post
Body
teamIdstringoptional
Example: team_id
Responses
application/json
application/json
application/json
cURL
JavaScript
Python
HTTP
curl -L \
  --request POST \
  --url '/auth/change-team' \
  --header 'Content-Type: application/json' \
  --data '{
    "teamId": "team_id"
  }'
200
400
403
{
  "accessToken": "new_access_token",
  "refreshToken": "new_refresh_token",
  "isTwoFactorEnable": true
}

Team changed successfully