Identify

curl --request POST \
  --url https://api.example.com/api/v1/auth/identify \
  --header 'Content-Type: application/json' \
  --data '
{
  "email": "<string>"
}
'

{
  "method": "<string>",
  "passkey_options": {},
  "twofa_required": false,
  "fallbacks": []
}

Auth

Identify

Decide the best auth method for this email. Returns one of: { method: "passkey", passkey_options: {...} } user has a passkey { method: "password", twofa_required: bool } user has a usable password { method: "magic_link_sent" } magic-link-only user (link sent) { method: "no_account" } no account exists for this email Preference order: passkey > password > magic-link (per "passkey wins" UX decision). The "no_account" branch does NOT send anything — the caller decides whether to surface a signup CTA (login page) or proceed with signup (signup page). Rate-limited per IP (10/min) to prevent enumeration sweeps.

POST

api

auth

identify

Identify

curl --request POST \
  --url https://api.example.com/api/v1/auth/identify \
  --header 'Content-Type: application/json' \
  --data '
{
  "email": "<string>"
}
'

{
  "method": "<string>",
  "passkey_options": {},
  "twofa_required": false,
  "fallbacks": []
}

Body

application/json

string

required

Response

200 - application/json

method

string

required

passkey_options

Passkey Options · object

twofa_required

boolean

default:false

fallbacks

string[]

Request Magic Link Login With Password

Documentation Index

Body

Response