Authsignal maintains the following APIs for developers to call in their applications.

Server API

The Server API is the primary API required for any Authsignal integration. Key features:
  • Obtain a short-lived URL for the pre-built UI
  • Obtain a short-lived token for a Client SDK or the Client API
  • Perform CRUD operations to programmatically manage a user’s authenticators
  • Can be called directly or via a Server SDK

Client API

The Client API is available as an alternative to the pre-built UI if you prefer to implement your own custom or native UI.
If using passkeys or push authentication, we recommend using our Web SDK or Mobile SDKs rather than using our Client API directly. These SDKs provide an implementation layer on top of the Client API and simplify the integration model.
Key features:
  • Suitable for both web apps and native mobile apps
  • Supports a variety of authentication methods including passkeys, authenticator app, SMS or WhatsAPP OTP, email OTP or magic link, and push authentication
  • Must be used together with the Server API for a complete integration
  • Can be called directly or via a Client SDK

Management API

The Management API can be used to manage your tenant configuration. Key features:
  • Manage action and rule configuration
  • Manage theme and branding configuration
  • Can be called directly or via our terraform provider