Skip to main content

Email/Password Flow

1

Sign Up

User provides email, firstName, lastName, password, and invitationToken.
2

Email Verification

Send OTP with EMAIL_VERIFICATION context. Verify OTP. Call Email Verification endpoint.
3

Sign In

Email + password → JWT tokens (accessToken, refreshToken, expiresIn).
4

Organization Selection

Multi-org users get 403 ORGANIZATION_SELECTION_REQUIRED. Must call Switch Organization.

OAuth Flow

1

Authorize

Provider (GoogleOAuth/MicrosoftOAuth) + redirectUri → authorization URL.
2

Provider Auth

User authenticates with provider.
3

Callback

Authorization code → JWT tokens.

Magic Auth Flow

1

Send OTP

Send OTP with MAGIC_AUTH context → returns otpId.
2

Verify OTP

Verify OTP with otpId, recipient, context, and code.
3

Sign In

Call Sign In Magic Auth with otpId and code → JWT tokens.