{
  "first_name": "John",
  "last_name": "Doe",
  "username": "johndoe",
  "email": "john.doe@example.com",
  "password": "secure-password",
  "confirm_password": "secure-password"
}

{
  "user": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "aud": "authenticated",
    "role": "authenticated",
    "email": "john.doe@example.com",
    "email_confirmed_at": null,
    "phone": "",
    "confirmed_at": null,
    "last_sign_in_at": "2023-05-01T12:34:56.789Z",
    "app_metadata": {
      "provider": "email",
      "providers": ["email"]
    },
    "user_metadata": {
      "first_name": "John",
      "last_name": "Doe"
    },
    "identities": [],
    "created_at": "2023-05-01T12:34:56.789Z",
    "updated_at": "2023-05-01T12:34:56.789Z"
  }
}

Sign Up API

The signup endpoints allow new users to create accounts on the ProductFlo platform. Multiple registration methods are supported, including email, phone number, and OAuth providers.

Email Signup

POST /auth/signup

Create a new user account with email and password
Creates a new user account with email and password authentication.

Request

curl -X POST https://api.productflo.io/auth/signup \
  -H "Content-Type: application/json" \
  -d '{
    "first_name": "John",
    "last_name": "Doe",
    "username": "johndoe",
    "email": "john.doe@example.com",
    "password": "secure-password",
    "confirm_password": "secure-password"
  }'

Request Body

first_name
string
The user’s first name
last_name
string
The user’s last name
full_name
string
The user’s full name (alternative to providing first_name and last_name separately)
username
string
required
The user’s username
email
string
required
The user’s email address
password
string
required
The user’s password
confirm_password
string
required
Confirmation of the password (must match password)

Response

user
object
User information
session
object
Session information if auto-login is enabled
{
  "first_name": "John",
  "last_name": "Doe",
  "username": "johndoe",
  "email": "john.doe@example.com",
  "password": "secure-password",
  "confirm_password": "secure-password"
}

{
  "user": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "aud": "authenticated",
    "role": "authenticated",
    "email": "john.doe@example.com",
    "email_confirmed_at": null,
    "phone": "",
    "confirmed_at": null,
    "last_sign_in_at": "2023-05-01T12:34:56.789Z",
    "app_metadata": {
      "provider": "email",
      "providers": ["email"]
    },
    "user_metadata": {
      "first_name": "John",
      "last_name": "Doe"
    },
    "identities": [],
    "created_at": "2023-05-01T12:34:56.789Z",
    "updated_at": "2023-05-01T12:34:56.789Z"
  }
}

Phone Signup

POST /auth/phone-signup

Create a new user account with phone number and password
Creates a new user account with phone number and password authentication.

Request

curl -X POST https://api.productflo.io/auth/phone-signup \
  -H "Content-Type: application/json" \
  -d '{
    "username": "johndoe",
    "phone_number": "+12345678901",
    "password": "secure-password",
    "confirm_password": "secure-password"
  }'

Request Body

username
string
required
The user’s username
phone_number
string
required
The user’s phone number in international format (e.g., +12345678901)
password
string
required
The user’s password
confirm_password
string
required
Confirmation of the password (must match password)

Response

Similar to email signup response, with phone number instead of email.

OAuth Provider Signup

POST /auth/provider

Create or login with an OAuth provider
Initiates the OAuth flow with an external provider like Google, GitHub, etc.

Request

curl -X POST https://api.productflo.io/auth/provider \
  -H "Content-Type: application/json" \
  -d '{
    "provider": "google"
  }'

Request Body

provider
string
required
The OAuth provider to use (e.g., google, github, apple)

Response

url
string
URL to redirect the user to for OAuth authentication
{
  "provider": "google"
}

{
  "url": "https://accounts.google.com/o/oauth2/v2/auth?client_id=..."
}

OAuth Callback

GET /auth/callback

Handle OAuth provider callback
This endpoint is called by the OAuth provider after the user authenticates. It completes the OAuth flow and creates or logs in the user.

Request

This endpoint is not typically called directly. The OAuth provider redirects to this URL with an authorization code. 
GET /auth/callback?code=AUTHORIZATION_CODE&state=STATE

Response

After successful authentication, the user is redirected to the application with an authenticated session.