Overview
The Authentication API handles user login, registration, token refresh, and session management.
Base Path: /auth
Endpoints
Login
Request Body:
{
  "email": "user@example.com",
  "password": "your-password"
}
Response (200 OK):
{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "bearer",
  "expires_in": 86400,
  "user": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "email": "user@example.com",
    "name": "John Doe",
    "firm_id": "770e8400-e29b-41d4-a716-446655440222",
    "role": "admin"
  }
}
Register
Request Body:
{
  "email": "newuser@example.com",
  "password": "secure-password",
  "name": "Jane Smith",
  "firm_name": "NewCo Ventures"
}
Response (201 Created):
{
  "user": {
    "id": "uuid",
    "email": "newuser@example.com",
    "name": "Jane Smith"
  },
  "message": "Account created successfully. Please check your email to verify."
}
Refresh Token
Headers:
Authorization: Bearer {current_token}
Response:
{
  "access_token": "new-jwt-token",
  "token_type": "bearer",
  "expires_in": 86400
}
Logout
Response:
{
  "message": "Logged out successfully"
}
Get Current User
Headers:
Authorization: Bearer {token}
Response:
{
  "id": "550e8400-e29b-41d4-a716-446655440000",
  "email": "user@example.com",
  "name": "John Doe",
  "firm_id": "770e8400-e29b-41d4-a716-446655440222",
  "firm_name": "Acme Ventures",
  "role": "admin",
  "created_at": "2024-01-01T00:00:00Z"
}
Token Structure
JWT Payload
{
  "sub": "550e8400-e29b-41d4-a716-446655440000",
  "email": "user@example.com",
  "firm_id": "770e8400-e29b-41d4-a716-446655440222",
  "role": "admin",
  "iat": 1706000000,
  "exp": 1706086400
}
Error Codes
| Code | Error | Description |
|---|---|---|
| 400 | invalid_credentials | Email or password incorrect |
| 400 | email_already_exists | Email already registered |
| 401 | token_expired | JWT token has expired |
| 401 | invalid_token | JWT token is malformed or invalid |
| 422 | validation_error | Request body validation failed |
Frontend Integration
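import { useEffect } from 'react'

// Login
async function login(email: string, password: string) {
  const response = await fetch('/auth/login', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({ email, password })
  })
  // Error responses (400 invalid_credentials, 422 validation_error) carry no access_token
  if (!response.ok) {
    throw new Error(`Login failed with status ${response.status}`)
  }
  const data = await response.json()
  // Store token (localStorage is readable by any script running on this origin)
  localStorage.setItem('access_token', data.access_token)
  return data.user
}

// Assumed helper, not shown on this page: calls the Refresh Token endpoint
// with the current token and returns the new access_token
declare function refreshToken(): Promise<string>

// Auto-refresh before expiration (call this hook from inside a React component)
function useTokenRefresh() {
  useEffect(() => {
    const refreshInterval = setInterval(async () => {
      const newToken = await refreshToken()
      localStorage.setItem('access_token', newToken)
    }, 23 * 60 * 60 * 1000) // 23 hours; tokens last 24 hours (expires_in: 86400)
    return () => clearInterval(refreshInterval)
  }, [])
}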
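The fixed 23-hour interval starts counting when the component mounts, so a token reloaded from localStorage partway through its 24-hour life can expire before the first refresh fires. The added example below (not part of the original documentation) derives the delay from the token's own `exp` claim instead. The names `decodeClaims`, `refreshDelayMs`, `scheduleRefresh` and `sampleToken`, the one-hour margin, and the assumption that the refresh endpoint rejects expired tokens are all illustrative.

```typescript
// Added example: derive the refresh time from the JWT's `exp` claim.
// Decoding on the client is not verification; the server still checks the signature.
interface TokenClaims { sub: string; exp: number; iat?: number }

// Decode the base64url JSON payload segment of a JWT (no signature check).
function decodeClaims(token: string): TokenClaims | null {
  const parts = token.split('.')
  if (parts.length !== 3) return null
  try {
    const b64 = parts[1]!.replace(/-/g, '+').replace(/_/g, '/')
    const padded = b64 + '='.repeat((4 - (b64.length % 4)) % 4)
    const bytes = Uint8Array.from(atob(padded), c => c.charCodeAt(0))
    const claims = JSON.parse(new TextDecoder().decode(bytes))
    return typeof claims?.exp === 'number' ? claims : null
  } catch {
    return null // not base64url or not JSON
  }
}

// Milliseconds until the refresh should run: 0 means "now", null means the
// token is missing, malformed or expired and the user has to log in again
// (assumption: the refresh endpoint rejects expired tokens with token_expired).
function refreshDelayMs(token: string | null, nowMs: number,
                        marginMs = 60 * 60 * 1000): number | null {
  const claims = token ? decodeClaims(token) : null
  if (!claims) return null
  const expMs = claims.exp * 1000 // exp is in seconds since the epoch
  if (expMs <= nowMs) return null
  return Math.max(0, expMs - marginMs - nowMs)
}

// Arm a one-shot timer; `refresh` and `onExpired` are hypothetical app callbacks.
// Returns a cancel function suitable as a useEffect cleanup.
function scheduleRefresh(token: string | null, refresh: () => void,
                         onExpired: () => void): () => void {
  const delay = refreshDelayMs(token, Date.now())
  if (delay === null) { onExpired(); return () => {} }
  const id = setTimeout(refresh, delay)
  return () => clearTimeout(id)
}

// Constructed, unsigned sample token using the payload shape from "Token Structure".
function sampleToken(claims: object): string {
  const enc = (o: object) => btoa(JSON.stringify(o))
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '')
  return `${enc({ alg: 'HS256', typ: 'JWT' })}.${enc(claims)}.constructed-signature`
}
```

With the sample payload from Token Structure, a page load 12 hours after login yields an 11-hour delay, where the fixed interval would have waited past expiry.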