Skip to main content
GET
Get authentication configuration

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Response

Authentication configuration

id
string<uuid>
requireEmailVerification
boolean
passwordMinLength
integer
Required range: 4 <= x <= 128
requireNumber
boolean
requireLowercase
boolean
requireUppercase
boolean
requireSpecialChar
boolean
verifyEmailMethod
enum<string>

Method for email verification (code = 6-digit OTP, link = magic link)

Available options:
code,
link
resetPasswordMethod
enum<string>

Method for password reset (code = 6-digit OTP + exchange flow, link = magic link)

Available options:
code,
link
allowedRedirectUrls
string[]

List of allowed URLs for authentication redirects. If empty, all redirects are allowed for smoother development UX. This is not recommended in production.

disableSignup
boolean

When true, public sign-up endpoints (POST /api/auth/users and first-time OAuth) are rejected with 403 AUTH_SIGNUP_DISABLED. Admin-authenticated user creation is unaffected.

createdAt
string<date-time>
updatedAt
string<date-time>