API Reference
Complete API reference for Auth endpoints.
Authentication
All Auth API endpoints require authentication:
Authorization: Bearer YOUR_API_KEY
Or use the X-API-Key header:
X-API-Key: YOUR_API_KEY
Base URL
https://api.usetransactional.com/auth
Users
Create User
POST /auth/users
Body:
{
"email": "user@example.com",
"password": "SecurePassword123!",
"emailVerified": false,
"profile": {
"firstName": "John",
"lastName": "Doe"
},
"metadata": {
"plan": "pro"
}
}
Response:
{
"id": "user_xxx",
"email": "user@example.com",
"emailVerified": false,
"status": "PENDING_VERIFICATION",
"profile": {
"firstName": "John",
"lastName": "Doe"
},
"createdAt": "2024-01-01T00:00:00.000Z"
}
List Users
GET /auth/users
Query Parameters:
| Parameter | Type | Description |
|---|---|---|
| count | number | Results per page (max 100) |
| offset | number | Pagination offset |
| status | string | Filter by status |
| search | string | Search email, name |
Get User
GET /auth/users/{userId}
Update User
PATCH /auth/users/{userId}
Body:
{
"profile": {
"firstName": "Jonathan"
},
"metadata": {
"plan": "enterprise"
}
}
Delete User
DELETE /auth/users/{userId}
Block User
POST /auth/users/{userId}/block
Unblock User
POST /auth/users/{userId}/unblock
Applications
Create Application
POST /auth/applications
Body:
{
"name": "My App",
"type": "SPA",
"redirectUris": ["https://myapp.com/callback"],
"allowedOrigins": ["https://myapp.com"],
"grantTypes": ["AUTHORIZATION_CODE", "REFRESH_TOKEN"]
}
List Applications
GET /auth/applications
Get Application
GET /auth/applications/{applicationId}
Update Application
PATCH /auth/applications/{applicationId}
Delete Application
DELETE /auth/applications/{applicationId}
Rotate Secret
POST /auth/applications/{applicationId}/rotate-secret
Sessions
List User Sessions
GET /auth/users/{userId}/sessions
Revoke Session
DELETE /auth/sessions/{sessionId}
Revoke All User Sessions
DELETE /auth/users/{userId}/sessions
MFA
List Factors
GET /auth/users/{userId}/mfa/factors
Enroll TOTP
POST /auth/users/{userId}/mfa/totp/enroll
Response:
{
"secret": "JBSWY3DPEHPK3PXP",
"qrCodeUri": "otpauth://totp/MyApp:user@example.com?secret=..."
}
Verify TOTP
POST /auth/users/{userId}/mfa/totp/verify
Body:
{
"code": "123456"
}
Remove Factor
DELETE /auth/users/{userId}/mfa/factors/{factorId}
Generate Recovery Codes
POST /auth/users/{userId}/mfa/recovery-codes
SSO Connections
Create Connection
POST /auth/connections
Body (OIDC):
{
"name": "Okta SSO",
"type": "OIDC",
"provider": "OKTA",
"config": {
"issuerUrl": "https://your-domain.okta.com",
"clientId": "xxx",
"clientSecret": "xxx"
},
"domains": ["acme.com"],
"jitProvisioning": true
}
Body (SAML):
{
"name": "Azure AD SSO",
"type": "SAML",
"provider": "AZURE_AD",
"config": {
"idpEntityId": "https://sts.windows.net/xxx/",
"ssoUrl": "https://login.microsoftonline.com/xxx/saml2",
"idpCertificate": "-----BEGIN CERTIFICATE-----..."
}
}
List Connections
GET /auth/connections
Get Connection
GET /auth/connections/{connectionId}
Update Connection
PATCH /auth/connections/{connectionId}
Delete Connection
DELETE /auth/connections/{connectionId}
Organizations
Create Organization
POST /auth/organizations
Body:
{
"name": "Acme Corp",
"slug": "acme",
"displayName": "Acme Corporation"
}
List Organizations
GET /auth/organizations
Get Organization
GET /auth/organizations/{organizationId}
Update Organization
PATCH /auth/organizations/{organizationId}
Delete Organization
DELETE /auth/organizations/{organizationId}
List Members
GET /auth/organizations/{organizationId}/members
Add Member
POST /auth/organizations/{organizationId}/members
Body:
{
"userId": "user_xxx",
"role": "MEMBER"
}
Remove Member
DELETE /auth/organizations/{organizationId}/members/{userId}
Invite User
POST /auth/organizations/{organizationId}/invitations
Body:
{
"email": "newuser@example.com",
"role": "MEMBER"
}
Webhooks
Create Webhook
POST /auth/webhooks
Body:
{
"url": "https://yourapp.com/webhooks/auth",
"events": ["user.created", "login.success"]
}
List Webhooks
GET /auth/webhooks
Get Webhook
GET /auth/webhooks/{webhookId}
Update Webhook
PATCH /auth/webhooks/{webhookId}
Delete Webhook
DELETE /auth/webhooks/{webhookId}
List Deliveries
GET /auth/webhooks/{webhookId}/deliveries
Security
Get Password Policy
GET /auth/security/password-policy
Update Password Policy
PATCH /auth/security/password-policy
Get Session Policy
GET /auth/security/session-policy
Update Session Policy
PATCH /auth/security/session-policy
Audit Logs
Query Logs
GET /auth/logs
Query Parameters:
| Parameter | Type | Description |
|---|---|---|
| startDate | string | ISO 8601 start date |
| endDate | string | ISO 8601 end date |
| eventTypes | string[] | Filter by event type |
| userId | string | Filter by user |
| count | number | Results per page |
SDK Reference
TypeScript SDK
import { Transactional } from '@usetransactional/node';
const client = new Transactional({
apiKey: process.env.TRANSACTIONAL_API_KEY,
});
// Users
const user = await client.auth.users.create({ email, password });
const users = await client.auth.users.list({ status: 'ACTIVE' });
// Applications
const app = await client.auth.applications.create({ name, type });
// MFA
const enrollment = await client.auth.mfa.enrollTotp(userId);
await client.auth.mfa.verifyTotp(userId, { code });
// Organizations
const org = await client.auth.organizations.create({ name, slug });
await client.auth.organizations.addMember(orgId, { userId, role });
// Webhooks
const webhook = await client.auth.webhooks.create({ url, events });
Python SDK
from usetransactional import Transactional
client = Transactional(api_key="your_api_key")
# Users
user = client.auth.users.create(email=email, password=password)
users = client.auth.users.list(status="ACTIVE")
# Applications
app = client.auth.applications.create(name=name, type=type)
# MFA
enrollment = client.auth.mfa.enroll_totp(user_id)
client.auth.mfa.verify_totp(user_id, code=code)
# Organizations
org = client.auth.organizations.create(name=name, slug=slug)
client.auth.organizations.add_member(org_id, user_id=user_id, role=role)
# Webhooks
webhook = client.auth.webhooks.create(url=url, events=events)
Error Codes
| HTTP Status | Code | Description |
|---|---|---|
| 400 | INVALID_REQUEST | Invalid request body |
| 401 | UNAUTHORIZED | Invalid or missing API key |
| 403 | FORBIDDEN | Insufficient permissions |
| 404 | NOT_FOUND | Resource not found |
| 409 | CONFLICT | Resource already exists |
| 429 | RATE_LIMITED | Too many requests |
Auth-Specific Errors
| Code | Description |
|---|---|
| USER_BLOCKED | User account is blocked |
| EMAIL_NOT_VERIFIED | Email verification required |
| PASSWORD_TOO_WEAK | Password doesn't meet policy |
| PASSWORD_BREACHED | Password found in breach database |
| MFA_REQUIRED | Multi-factor authentication required |
| INVALID_MFA_CODE | Invalid MFA verification code |
| ACCOUNT_LOCKED | Account temporarily locked |
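Added example (not part of the original reference or the Transactional SDKs): what an authenticator does with the `secret` returned by Enroll TOTP to produce the `code` sent to Verify TOTP, following RFC 6238, and why a skewed clock leads to INVALID_MFA_CODE. SHA-1, 6 digits, a 30-second period and the `verify` drift window are assumed defaults, not values documented on this page; `SAMPLE_URI` is constructed.

```python
import base64
import hashlib
import hmac
import struct
import time
from urllib.parse import parse_qs, urlparse

# Constructed sample built from the page's label and secret (the page elides the real URI).
SAMPLE_URI = "otpauth://totp/MyApp:user@example.com?secret=JBSWY3DPEHPK3PXP"


def totp(secret_b32, at=None, digits=6, period=30, algorithm="sha1"):
    """RFC 6238 code for a base32 secret at Unix time `at` (default: now)."""
    at = time.time() if at is None else at
    # Enrollment secrets are often typed by hand: accept spaces, lowercase, no padding.
    cleaned = secret_b32.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)
    key = base64.b32decode(cleaned)
    counter = struct.pack(">Q", int(at) // period)
    digest = hmac.new(key, counter, getattr(hashlib, algorithm)).digest()
    # Dynamic truncation (RFC 4226, section 5.3): low nibble of last byte picks 4 bytes.
    offset = digest[-1] & 0x0F
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def params_from_uri(uri):
    """Pull totp() keyword arguments out of an otpauth://totp URI, with defaults."""
    parsed = urlparse(uri)
    if parsed.scheme != "otpauth" or parsed.netloc != "totp":
        raise ValueError("not an otpauth://totp URI")
    q = parse_qs(parsed.query)
    return {
        "secret_b32": q["secret"][0],
        "digits": int(q.get("digits", ["6"])[0]),
        "period": int(q.get("period", ["30"])[0]),
        "algorithm": q.get("algorithm", ["SHA1"])[0].lower(),
    }


def verify(secret_b32, code, at, window=1, period=30):
    """Typical verifier: accept `window` steps either side of `at` (assumed policy)."""
    return any(
        hmac.compare_digest(totp(secret_b32, at + step * period, period=period), code)
        for step in range(-window, window + 1)
    )


if __name__ == "__main__":
    print(totp(**params_from_uri(SAMPLE_URI)))
```

A code generated more than `window` periods away from the verifier's clock is rejected, which is the usual cause of an unexpected INVALID_MFA_CODE during enrollment.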