Syntra Authentication
Auth setup workflow
- •
auth_get_config— check current auth settings - •
auth_update_config— configure password rules, session timeout, email verification - •
auth_upsert_oauth_config— add OAuth providers (Google, GitHub, Discord, etc.) - •
auth_register— create first user - •
auth_login— verify login works
User management
- •Register:
auth_registerwithemail,password, optionalname - •Login:
auth_loginreturns access + refresh tokens - •Admin login:
auth_admin_loginfor project admin access - •List users:
auth_list_userswithlimit/offsetpagination - •Find user:
auth_get_user_by_idorauth_get_user_by_email - •Update profile:
auth_update_profilewithuser_idand key-valueprofileobject - •Delete users:
auth_delete_userswith array ofuser_ids
Auth configuration
auth_update_config accepts:
| Field | Type | Description |
|---|---|---|
require_email_verification | boolean | Require users to verify email |
password_min_length | number | Minimum password length |
require_number | boolean | Require number in password |
require_lowercase | boolean | Require lowercase letter |
require_uppercase | boolean | Require uppercase letter |
require_special_char | boolean | Require special character |
session_timeout | number | Session timeout in seconds |
verify_email_method | string | Email verification method |
reset_password_method | string | Password reset method |
sign_in_redirect_to | string | Post-sign-in redirect URL |
Email verification and OTP
- •
auth_generate_otp_code— generate 6-digit code (for email verification or password reset) - •Send the code to user via
system_send_email - •
auth_verify_otp— verify the code user provides - •
auth_mark_email_verified— manually mark email as verified (admin shortcut)
For magic links, use auth_generate_otp_token instead (long-form token for URLs).
OAuth providers
- •
auth_list_oauth_configs— see configured providers - •
auth_upsert_oauth_config— create or update a provider - •
auth_delete_oauth_config— remove a provider
Configure a provider
json
{
"provider": "google",
"client_id": "your-client-id.apps.googleusercontent.com",
"client_secret": "your-client-secret",
"scope": "openid email profile",
"redirect_url": "http://localhost:7130/api/auth/callback/google",
"enabled": true
}
Reference docs
- •For OAuth provider URLs and scopes: see oauth-providers.md
- •For token types and auth flows: see token-types.md