Authentication API
The Authentication API allows you to register new users, authenticate them, and manage their profiles. All authentication endpoints are located under /api/v1/auth.
Register
Create a new user account.
Endpoint: POST /api/v1/auth/register
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| name | string | Yes | Full name of the user |
| email | string | Yes | Valid email address (must be unique) |
| password | string | Yes | Password (min 8 characters) |
| password_confirmation | string | Yes | Must match password |
| application_id | integer | No | ID of the mobile application (if applicable) |
Response (201 Created)
{
  "success": true,
  "message": "Registration successful",
  "data": {
    "user": {
      "id": 1,
      "name": "John Doe",
      "email": "john@example.com",
      "avatar": "https://...",
      "status": "active",
      "created_at": "2023-01-01T12:00:00.000000Z",
      "updated_at": "2023-01-01T12:00:00.000000Z"
    },
    "token": "1|sanctum_token_string..."
  }
}
Login
Authenticate an existing user and retrieve an API token.
Endpoint: POST /api/v1/auth/login
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| email | string | Yes | Registered email address |
| password | string | Yes | User's password |
Response (200 OK)
{
  "success": true,
  "message": "Login successful",
  "data": {
    "user": {
      "id": 1,
      "name": "John Doe",
      "email": "john@example.com",
      "avatar": "https://...",
      "status": "active",
      "created_at": "2023-01-01T12:00:00.000000Z",
      "updated_at": "2023-01-01T12:00:00.000000Z"
    },
    "token": "2|new_sanctum_token_string..."
  }
}
Get Current User
Retrieve the currently authenticated user's profile.
Endpoint: GET /api/v1/auth/me
Authentication: Required (Bearer <token>)
Response (200 OK)
{
  "success": true,
  "data": {
    "id": 1,
    "name": "John Doe",
    "email": "john@example.com",
    "avatar": "https://...",
    "status": "active",
    "created_at": "2023-01-01T12:00:00.000000Z",
    "updated_at": "2023-01-01T12:00:00.000000Z"
  }
}
Verify Token
Verify if the current token is valid and the user account is active.
Endpoint: GET /api/v1/auth/verify
Authentication: Required (Bearer <token>)
Response (200 OK)
{
  "success": true,
  "message": "Token is valid",
  "data": {
    "user": { ... },
    "status": "active"
  }
}
Error Response (403 Forbidden)
If the account is inactive or banned:
{
  "success": false,
  "message": "Account is inactive",
  "code": 403,
  "data": {
    "status": "inactive",
    "requires_logout": true
  }
}
Update Profile
Update the authenticated user's profile information.
Endpoint: PATCH /api/v1/auth/profile
Authentication: Required (Bearer <token>)
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| name | string | No | New full name |
| email | string | No | New email address (must be unique) |
Response (200 OK)
{
  "success": true,
  "message": "Profile updated successfully",
  "data": {
    "id": 1,
    "name": "Jane Doe",
    "email": "jane@example.com",
    ...
  }
}
Update Password
Change the authenticated user's password.
Endpoint: PUT /api/v1/auth/password
Authentication: Required (Bearer <token>)
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| current_password | string | Yes | The user's current password |
| password | string | Yes | New password (min 8 characters) |
| password_confirmation | string | Yes | Must match the new password |
Response (200 OK)
{
  "success": true,
  "message": "Password updated successfully",
  "data": null
}
Logout
Invalidate the current API token.
Endpoint: POST /api/v1/auth/logout
Authentication: Required (Bearer <token>)
Response (200 OK)
{
  "success": true,
  "message": "Logged out successfully",
  "data": null
}
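Client-side handling of the Verify Token responses documented above, as an added example that is not part of this API's own code: it keeps the token only when every documented success signal is present and drops it when the 403 body sets requires_logout. The function names, the "unverified" outcome for anything undocumented, and the sample bodies (constructed from the documented response shapes) are assumptions.

```python
import json

# Constructed sample bodies, shaped like the documented /api/v1/auth/verify responses.
SAMPLE_OK = ('{"success": true, "message": "Token is valid", '
             '"data": {"user": {"id": 1}, "status": "active"}}')
SAMPLE_INACTIVE = ('{"success": false, "message": "Account is inactive", "code": 403, '
                   '"data": {"status": "inactive", "requires_logout": true}}')


def decide_session_action(status_code, body_text):
    """Map a GET /api/v1/auth/verify response to 'keep', 'logout' or 'unverified'.

    'unverified' (assumed policy): do not treat the user as authenticated on
    the strength of this check, but do not destroy the stored token either.
    """
    try:
        body = json.loads(body_text)
    except (TypeError, ValueError):
        return "unverified"  # not JSON (proxy page, truncated body): fail closed
    if not isinstance(body, dict):
        return "unverified"
    data = body.get("data")
    if not isinstance(data, dict):
        data = {}

    if status_code == 200:
        # Require the body-level signals too, not only the HTTP status.
        if body.get("success") is True and data.get("status") == "active":
            return "keep"
        return "unverified"
    if status_code == 403 and data.get("requires_logout") is True:
        # Documented inactive/banned case: the server asks the client to log out.
        return "logout"
    return "unverified"


def apply_action(session, action):
    """Remove the stored bearer token when a logout is required."""
    if action == "logout":
        session.pop("token", None)
    return session
```
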