SaaS APIauth

Login with Google or GitHub OAuth

View as Markdown

Client sends id_token (Google) or access_token (GitHub). Server verifies token, then logs in or registers user; returns same shape as POST /auth/login. Refresh token is set via Set-Cookie only.

Request

provider (google|github), idToken (Google), accessToken (GitHub)

providerstringRequired
accessTokenstringOptional
idTokenstringOptional

Response

data: { user, accessToken, workspaces }

accessTokenstring
userobject
workspaceslist of objects

Errors

401
Unauthorized Error
422
Unprocessable Entity Error
429
Too Many Requests Error