Auth Configuration

Configure which sign-in methods are available in your project: Dashboard → Auth → Configuration.

Sign-in methods

Email only

Available endpoints:

• POST /auth/register — email, password, name, customFields
• POST /auth/login — email, password
• POST /auth/otp/send — email (if OTP enabled)
• POST /auth/otp/verify — email + code

Example register with custom fields:

{
  "email": "[email protected]",
  "password": "StrongPassword123!",
  "name": "Jane Doe",
  "customFields": {
    "company": "Acme Inc",
    "role": "Developer"
  }
}

Phone only

Available endpoints:

• POST /auth/otp/send — phone
• POST /auth/otp/verify — phone + code

Example:

{ "phone": "+919876543210" }
// → verify with code
{ "phone": "+919876543210", "code": "123456" }

Both (email and phone)

Available endpoints:

• All of the above
• POST /auth/otp/send accepts either email or phone

// Passwordless via phone
{ "phone": "+919876543210" }
 
// Passwordless via email
{ "email": "[email protected]" }

Custom registration fields

Add custom fields in Dashboard → Auth → Custom Registration Fields. These are stored in profile_extras and returned via GET /me:

// Register
{
  "email": "[email protected]",
  "password": "password",
  "customFields": { "plan": "pro", "company": "Acme" }
}
 
// GET /me response
{
  "id": "uuid",
  "email": "[email protected]",
  "profile_extras": { "plan": "pro", "company": "Acme" }
}

Email verification

Toggle Require email verification in the dashboard. When enabled, signUp returns requiresVerification: true and no token is issued until the email is confirmed.

See Email Verification for handling this in your app.

Redirect URLs

Configure these in Dashboard → Auth → Configuration: