API Reference

Base URL

https://auth-api.z101.ai

All API requests require an API key passed via the x-api-key header. You can find your API key in the dashboard.

Interactive API Docs: Explore the full API with Swagger UI at auth-api.z101.ai/api/docs

Quick Start

Send an SMS OTP to a phone number:

curl -X POST https://auth-api.z101.ai/api/auth/sms/request \
  -H "Content-Type: application/json" \
  -H "x-api-key: YOUR_API_KEY" \
  -d '{
    "phone": "+15551234567"
  }'

Verify the OTP code:

curl -X POST https://auth-api.z101.ai/api/auth/sms/verify \
  -H "Content-Type: application/json" \
  -H "x-api-key: YOUR_API_KEY" \
  -d '{
    "phone": "+15551234567",
    "code": "123456"
  }'

Endpoint Groups

SMS OTP

POST /api/auth/sms/request

POST /api/auth/sms/verify

Email OTP

POST /api/auth/email/request

POST /api/auth/email/verify

Magic Links

POST /api/auth/magic-link/request

POST /api/auth/magic-link/verify

Password Auth

POST /api/auth/password/register

POST /api/auth/password/login

OAuth

GET /api/auth/oauth/google

GET /api/auth/oauth/github

GET /api/auth/oauth/apple

GET /api/auth/oauth/callback

Sessions

GET /api/auth/sessions

DELETE /api/auth/sessions/:id

User Profile

GET /api/auth/me

POST /api/auth/me

Webhooks

GET /api/webhooks

POST /api/webhooks

DELETE /api/webhooks/:id

SDKs

React SDK

Hooks and components for React apps

npm install @auth1/react

JavaScript SDK

Framework-agnostic JS client

npm install @auth1/js

Authentication

All API requests must include your API key in the x-api-key header:

x-api-key: auth1_pk_your_api_key_here

Your API key is scoped to your tenant. All data is isolated per tenant. Never expose your API key in client-side code — use a server-side proxy or the SDKs.

Need help? Check the full documentation or email support@auth1.ai.