
Authentication flows

Browser-based authentication

When accessing Connhex APIs from a web app, there are two possible authentication strategies:

  • manually implementing all flows in the API
  • (recommended) using our Auth UI and deploying your app on the same domain. The Auth UI implements all authentication flows and sets a cookie (chx_auth_cookie): your app simply needs to include this cookie in every request.

HttpOnly

chx_auth_cookie has HttpOnly set to true for security reasons: this means you won't be able to access it directly from JavaScript. Check how your HTTP client of choice passes credentials (e.g. a withCredentials parameter) and intercept every request directed to Connhex so that the cookie is included.
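
One way to do that interception with fetch, as an added example that is not part of the original page or of Connhex's own code. CONNHEX_API_ORIGIN, its placeholder value and createConnhexFetch are assumptions made for illustration.

```javascript
// Added example. CONNHEX_API_ORIGIN and createConnhexFetch are assumed names,
// and the origin is a placeholder for wherever your Connhex APIs are served.
const CONNHEX_API_ORIGIN = "https://apis.example.com";

// Wraps a fetch implementation so that only requests whose parsed origin is the
// Connhex API origin ask the browser to attach cookies (chx_auth_cookie included).
function createConnhexFetch(fetchImpl, pageOrigin, apiOrigin = CONNHEX_API_ORIGIN) {
  return function connhexFetch(input, init = {}) {
    // Resolve relative URLs first, then compare origins: a string prefix check
    // would also match hosts such as apis.example.com.other.test.
    const url = new URL(input, pageOrigin);
    if (url.origin !== apiOrigin) {
      return fetchImpl(url.href, init); // not a Connhex call: leave it untouched
    }
    // HttpOnly means the cookie value never reaches this code; the browser adds
    // it to the request because credentials are requested here.
    return fetchImpl(url.href, { ...init, credentials: "include" });
  };
}

// In the browser:
// const connhexFetch = createConnhexFetch(fetch.bind(window), location.origin);
```

With XMLHttpRequest or axios the equivalent switch is withCredentials set to true on the requests that go to Connhex.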

Authenticating Native Apps

If you're trying to access Connhex's APIs from a mobile app, you'll need to use dedicated flows and manually obtain an authentication token. This section provides some examples for all major flows: for a detailed description, please refer to the API.

Creating a Login Flow

This API allows initiating the authentication process for a user. It is the first necessary step to obtain a session token. The endpoint returns a flow ID that must be used in subsequent steps. The response also includes the action URL and the fields required for authentication.

Highlights
  • Retrieve ui.action from the response.
  • The URL contained in ui.action can be used to create a session.
  • The URL is of the type: https://accounts.<domain>/auth/self-service/login?flow=<login-flow>.

Request

$ curl -XGET https://accounts.<domain>.dev/auth/self-service/login/api

Response

{
"id": "<flow-id>",
"type": "api",
"expires_at": "2025-04-17T13:24:00.615458417Z",
"issued_at": "2025-04-17T12:24:00.615458417Z",
"request_url": "https://accounts.<domain>/self-service/login/api",
"ui": {
"action": "https://accounts.<domain>/auth/self-service/login?flow=<flow-id>",
"method": "POST",
"nodes": [
{
"type": "input",
"group": "default",
"attributes": {
"name": "csrf_token",
"type": "hidden",
"value": "",
"required": true,
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {}
},
{
"type": "input",
"group": "default",
"attributes": {
"name": "identifier",
"type": "text",
"value": "",
"required": true,
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070004,
"text": "ID",
"type": "info"
}
}
},
{
"type": "input",
"group": "password",
"attributes": {
"name": "password",
"type": "password",
"required": true,
"autocomplete": "current-password",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070001,
"text": "Password",
"type": "info"
}
}
},
{
"type": "input",
"group": "password",
"attributes": {
"name": "method",
"type": "submit",
"value": "password",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1010001,
"text": "Sign in",
"type": "info",
"context": {}
}
}
}
]
},
"created_at": "2025-04-17T12:24:00.623775Z",
"updated_at": "2025-04-17T12:24:00.623775Z",
"refresh": false,
"requested_aal": "aal1"
}

Creating a Session

This endpoint allows authenticating a user using the provided credentials. After successful authentication, a session token is generated: this can be used to access Connhex APIs. The token must be included in all subsequent requests as an authorization header.

Highlights
  • The response contains session_token, which must be used to call other Connhex APIs.
  • The token is of the type: ory_st_<...>
  • The token has a duration of 24h.

Request

curl -X POST -H "Content-Type: application/json" -d "{\"identifier\":\"<username>\",\"password\":\"<password>\",\"method\":\"password\"}" "<action-url>"

Response

{
"session_token": "ory_st_<...>",
"session": {
"id": "<session-id>",
"active": true,
"expires_at": "2025-04-18T12:33:43.653688965Z",
"authenticated_at": "2025-04-17T12:33:43.653688965Z",
"authenticator_assurance_level": "aal1",
"authentication_methods": [
{
"method": "password",
"aal": "aal1",
"completed_at": "2025-04-17T12:33:43.653679029Z"
}
],
"issued_at": "2025-04-17T12:33:43.653688965Z",
"identity": {
"id": "0b9c300d-8828-4a24-897a-875c01ea79b3",
"schema_id": "default",
"schema_url": "https://accounts.<domain>/auth/schemas/ZGVmYXVsdA",
"state": "active",
"state_changed_at": "2025-04-15T10:10:37.228676Z",
"traits": {
"email": "<username>"
},
"verifiable_addresses": [
{
"id": "dd2475de-a8ab-479d-9fb1-581f07a7bd52",
"value": "<username>",
"verified": true,
"via": "email",
"status": "completed",
"verified_at": "2025-04-15T10:10:37.235243Z",
"created_at": "2025-04-15T10:10:37.235386Z",
"updated_at": "2025-04-15T10:10:37.235386Z"
}
],
"recovery_addresses": [
{
"id": "fd46a180-1104-4e7a-8d7f-dbb8a5c01e56",
"value": "<username>",
"via": "email",
"created_at": "2025-04-15T10:10:37.237999Z",
"updated_at": "2025-04-15T10:10:37.237999Z"
}
],
"metadata_public": {
"language": "en"
},
"created_at": "2025-04-15T10:10:37.231415Z",
"updated_at": "2025-04-15T10:10:37.231415Z"
},
"devices": [
{
"id": "d78b09de-9119-445d-9dfb-fc7f33a31008",
"ip_address": "",
"user_agent": "curl/8.7.1",
"location": ""
}
]
}
}
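
The two steps above (create the login flow, then create the session) as client-side checks, in an added example that is not part of the original page or of Connhex's own code. ACCOUNTS_HOST, the example.com host and all function names are assumptions; the sample flow is constructed from the response shape shown earlier.

```javascript
// Added example. ACCOUNTS_HOST and every function name here are assumptions;
// accounts.example.com stands in for accounts.<domain>.
const ACCOUNTS_HOST = "accounts.example.com";

// Constructed sample, trimmed from the login flow response shape shown above.
const sampleLoginFlow = {
  id: "constructed-flow-id",
  type: "api",
  expires_at: "2025-04-17T13:24:00.615458417Z",
  ui: {
    action: "https://accounts.example.com/auth/self-service/login?flow=constructed-flow-id",
    method: "POST",
    nodes: [
      { attributes: { name: "identifier", type: "text", required: true } },
      { attributes: { name: "password", type: "password", required: true } },
      { attributes: { name: "method", type: "submit", value: "password" } },
    ],
  },
};

// The timestamps above carry as many as nine fractional digits; trim them to
// milliseconds so Date parsing does not depend on engine-specific leniency.
function parseTimestamp(ts) {
  const date = new Date(ts.replace(/(\.\d{3})\d+/, "$1"));
  if (Number.isNaN(date.getTime())) throw new Error("bad timestamp: " + ts);
  return date;
}

// Returns the URL to POST credentials to, or throws if the flow must not be used.
function checkedLoginAction(flow, now = new Date()) {
  if (flow.type !== "api") throw new Error("not an API flow");
  if (parseTimestamp(flow.expires_at) <= now) throw new Error("login flow expired");
  const action = new URL(flow.ui.action);
  // The password goes only to the accounts host, over TLS, for this flow.
  if (action.protocol !== "https:" || action.host !== ACCOUNTS_HOST) {
    throw new Error("unexpected ui.action target: " + action.origin);
  }
  if (action.searchParams.get("flow") !== flow.id) throw new Error("flow id mismatch");
  const offered = flow.ui.nodes.some(
    (n) => n.attributes.name === "method" && n.attributes.value === "password");
  if (!offered) throw new Error("password login not offered by this flow");
  return action.href;
}

// Turns the session response into request headers plus the expiry to re-login by.
function sessionCredentials(response, now = new Date()) {
  const { session_token: token, session } = response;
  if (typeof token !== "string" || !token.startsWith("ory_st_")) {
    throw new Error("response carries no session token");
  }
  const expiresAt = parseTimestamp(session.expires_at);
  if (!session.active || expiresAt <= now) throw new Error("session not usable");
  return { headers: { Authorization: "Bearer " + token }, expiresAt };
}

// Full exchange; fetchImpl is injected so the flow can be exercised without a network.
async function login(fetchImpl, identifier, password) {
  const flowRes = await fetchImpl(
    "https://" + ACCOUNTS_HOST + "/auth/self-service/login/api",
    { headers: { Accept: "application/json" } });
  const flow = await flowRes.json();
  const res = await fetchImpl(checkedLoginAction(flow), {
    method: "POST",
    headers: { "Content-Type": "application/json", Accept: "application/json" },
    body: JSON.stringify({ identifier, password, method: "password" }),
  });
  if (!res.ok) throw new Error("login rejected: HTTP " + res.status);
  return sessionCredentials(await res.json());
}
```

Keep the returned token in the platform's secure storage rather than in plain preferences, and use expiresAt to decide when to send the user back through login.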

Deleting a Session

This endpoint allows terminating an active session (i.e. logging out). It is necessary to provide the session token that you wish to invalidate. Upon completion of this operation, the token will no longer be valid and the user will need to authenticate again to gain access.

Request

$ curl -XDELETE -H "Content-Type: application/json" -w "%{http_code}" \
https://accounts.<domain>/auth/self-service/logout/api -d \
"{\"session_token\": \"ory_st_<...>\" }"

Response

204

Creating a Registration Flow

This API initiates the registration process for a new user. The response includes the registration flow ID and all necessary fields to complete the registration. This flow is essential for creating new user accounts in Connhex.

Request

$ curl -XGET https://accounts.<domain>/auth/self-service/registration/api

Response

{
"id": "<flow-id>",
"type": "api",
"expires_at": "2025-04-17T14:12:03.833564878Z",
"issued_at": "2025-04-17T13:12:03.833564878Z",
"request_url": "https://accounts.<domain>/self-service/registration/api",
"ui": {
"action": "https://accounts.<domain>/auth/self-service/registration?flow=<flow-id>",
"method": "POST",
"nodes": [
{
"type": "input",
"group": "default",
"attributes": {
"name": "csrf_token",
"type": "hidden",
"value": "",
"required": true,
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {}
},
{
"type": "input",
"group": "password",
"attributes": {
"name": "traits.email",
"type": "email",
"required": true,
"autocomplete": "email",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070002,
"text": "E-Mail",
"type": "info"
}
}
},
{
"type": "input",
"group": "password",
"attributes": {
"name": "password",
"type": "password",
"required": true,
"autocomplete": "new-password",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070001,
"text": "Password",
"type": "info"
}
}
},
{
"type": "input",
"group": "password",
"attributes": {
"name": "traits.name.first",
"type": "text",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070002,
"text": "First name",
"type": "info"
}
}
},
{
"type": "input",
"group": "password",
"attributes": {
"name": "traits.name.last",
"type": "text",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070002,
"text": "Last name",
"type": "info"
}
}
},
{
"type": "input",
"group": "password",
"attributes": {
"name": "method",
"type": "submit",
"value": "password",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1040001,
"text": "Sign up",
"type": "info",
"context": {}
}
}
}
]
}
}

Updating a Registration Flow

This endpoint allows completing the registration of a new user by providing the required information. Successful registration will create a new user account and automatically generate a session token. Users will then need to verify their email.

Fields

  • password - required
  • traits.email - required
  • traits.name - optional
    • traits.name.first
    • traits.name.last

Content-Type header

The Content-Type header must be set to application/x-www-form-urlencoded and the payload formatted accordingly.

Request

$ curl -XPOST "https://accounts.<domain>/auth/self-service/registration?flow=<flow-id>" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "method=password&password=<password>&traits.email=<email>&traits.name.first=<first-name>&traits.name.last=<last-name>"

Response

{
"session_token": "ory_st_<...>",
"session": {
"id": "<session-id>",
"active": true,
"expires_at": "2025-04-18T13:40:45.603134081Z",
"authenticated_at": "2025-04-17T13:40:45.627998666Z",
"authenticator_assurance_level": "aal1",
"authentication_methods": [
{
"method": "password",
"aal": "aal1",
"completed_at": "2025-04-17T13:40:45.60313338Z"
}
],
"issued_at": "2025-04-17T13:40:45.603134081Z",
"identity": {
"id": "<user-identity>",
"schema_id": "user",
"schema_url": "https://accounts.<domain>/auth/schemas/dXNlcg",
"state": "active",
"state_changed_at": "2025-04-17T13:40:45.585767226Z",
"traits": {
"email": "<email>",
"name": {
"first": "<first-name>",
"last": "<last-name>"
}
},
"verifiable_addresses": [
{
"id": "39a394c8-49fa-4085-a419-3f5e3d655b2c",
"value": "<email>",
"verified": false,
"via": "email",
"status": "sent",
"created_at": "2025-04-17T13:40:45.591075Z",
"updated_at": "2025-04-17T13:40:45.591075Z"
}
],
"recovery_addresses": [
{
"id": "54e3a9c9-6062-4472-898c-e6bd21c8a38e",
"value": "<email>",
"via": "email",
"created_at": "2025-04-17T13:40:45.593437Z",
"updated_at": "2025-04-17T13:40:45.593437Z"
}
],
"metadata_public": {
"notifications": {
"email": {
"enabled": true,
"value": "<email>"
}
},
"language": "en"
},
"created_at": "2025-04-17T13:40:45.588663Z",
"updated_at": "2025-04-17T13:40:45.588663Z"
},
"devices": [
{
"id": "91adbf8e-5c0d-43f5-9d9b-a2b5427d311f",
"ip_address": "",
"user_agent": "curl/8.7.1",
"location": ""
}
]
},
"identity": {
"id": "<user-identity>",
"schema_id": "user",
"schema_url": "https://accounts.<domain>/auth/schemas/dXNlcg",
"state": "active",
"state_changed_at": "2025-04-17T13:40:45.585767226Z",
"traits": {
"email": "<email>",
"name": {
"first": "<first-name>",
"last": "<last-name>"
}
},
"verifiable_addresses": [
{
"id": "39a394c8-49fa-4085-a419-3f5e3d655b2c",
"value": "<email>",
"verified": false,
"via": "email",
"status": "sent",
"created_at": "2025-04-17T13:40:45.591075Z",
"updated_at": "2025-04-17T13:40:45.591075Z"
}
],
"recovery_addresses": [
{
"id": "54e3a9c9-6062-4472-898c-e6bd21c8a38e",
"value": "<email>",
"via": "email",
"created_at": "2025-04-17T13:40:45.593437Z",
"updated_at": "2025-04-17T13:40:45.593437Z"
}
],
"metadata_public": {
"notifications": {
"email": {
"enabled": true,
"value": "<email>"
}
},
"language": "en"
},
"created_at": "2025-04-17T13:40:45.588663Z",
"updated_at": "2025-04-17T13:40:45.588663Z"
},
"continue_with": [
{
"action": "show_verification_ui",
"flow": {
"id": "<verification-flow-id>",
"verifiable_address": "<email>"
}
},
{
"action": "set_ory_session_token",
"ory_session_token": "ory_st_<...>"
}
]
}

Creating a Verification Flow

This API initiates the user's email address verification process. It is necessary after registration to confirm that the user has access to the provided email address. The verification flow generates a code that is sent via email to the user.

Request

$ curl -XGET https://accounts.<domain>/auth/self-service/verification/api

Response

{
"id": "<flow-id>",
"type": "api",
"expires_at": "2025-04-17T15:11:58.984963684Z",
"issued_at": "2025-04-17T14:11:58.984963684Z",
"request_url": "https://accounts.<domain>/self-service/verification/api",
"active": "code",
"ui": {
"action": "https://accounts.<domain>/auth/self-service/verification?flow=<flow-id>",
"method": "POST",
"nodes": [
{
"type": "input",
"group": "code",
"attributes": {
"name": "email",
"type": "email",
"required": true,
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070007,
"text": "Email",
"type": "info"
}
}
},
{
"type": "input",
"group": "code",
"attributes": {
"name": "method",
"type": "submit",
"value": "code",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070005,
"text": "Submit",
"type": "info"
}
}
}
]
},
"state": "choose_method"
}

Sending Verification Email

This endpoint triggers the sending of a verification email to the provided address. The email contains a code that the user must enter to complete the verification process.

Content-Type header

The Content-Type header must be set to application/x-www-form-urlencoded and the payload formatted accordingly.

Request

$ curl "https://accounts.<domain>/auth/self-service/verification?flow=<verification-flow-id>" \
-H "Content-Type: application/x-www-form-urlencoded" \
-H "Accept: application/json" \
-d "method=code&email=<email>"

Response

{
"id": "<verification-flow-id>",
"type": "api",
"expires_at": "2025-04-17T17:09:55.668354Z",
"issued_at": "2025-04-17T16:09:55.668354Z",
"request_url": "https://accounts.<domain>/self-service/verification/api",
"active": "code",
"ui": {
"action": "https://accounts.<domain>/auth/self-service/verification?flow=<verification-flow-id>",
"method": "POST",
"nodes": [
{
"type": "input",
"group": "code",
"attributes": {
"name": "code",
"type": "text",
"required": true,
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070011,
"text": "Verification code",
"type": "info"
}
}
},
{
"type": "input",
"group": "code",
"attributes": {
"name": "method",
"type": "hidden",
"value": "code",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {}
},
{
"type": "input",
"group": "code",
"attributes": {
"name": "method",
"type": "submit",
"value": "code",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070005,
"text": "Submit",
"type": "info"
}
}
},
{
"type": "input",
"group": "code",
"attributes": {
"name": "email",
"type": "submit",
"value": "<email>",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070008,
"text": "Resend code",
"type": "info"
}
}
}
],
"messages": [
{
"id": 1080003,
"text": "An email containing a verification code has been sent to your email address.",
"type": "info",
"context": {}
}
]
},
"state": "sent_email"
}

Example verification email:

Hi,
please verify your account by entering the following code:
296695
or clicking the following link:
https://accounts.stresstest-app.connhex.dev/auth/self-service/verification?code=296695&flow=6100ab89-bc44-48d8-8605-c6c049ac1be3

Completing the Verification Flow

This endpoint completes the email verification process using the code received via email. After successful verification, the user's account will be marked as verified and will have full access to Connhex. In case of an incorrect code, an error message will be returned.

Content-Type header

The Content-Type header must be set to application/x-www-form-urlencoded and the payload formatted accordingly.

Request

$ curl -XPOST "https://accounts.<domain>/auth/self-service/verification?flow=<verification-flow-id>" \
-H "Accept: application/json" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "code=<code>&method=code"

Response

# Success
{
"id": "<verification-flow-id>",
"type": "api",
"expires_at": "2025-04-18T07:56:32.179223Z",
"issued_at": "2025-04-18T06:56:32.179223Z",
"request_url": "https://accounts.<domain>/self-service/verification/api",
"active": "code",
"ui": {
"action": "https://accounts.<domain>/settings",
"method": "GET",
"nodes": [
{
"type": "input",
"group": "default",
"attributes": {
"name": "csrf_token",
"type": "hidden",
"value": "",
"required": true,
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {}
},
{
"type": "a",
"group": "code",
"attributes": {
"href": "https://accounts.<domain>/settings",
"title": {
"id": 1070009,
"text": "Continue",
"type": "info"
},
"id": "continue",
"node_type": "a"
},
"messages": [],
"meta": {
"label": {
"id": 1070009,
"text": "Continue",
"type": "info"
}
}
}
],
"messages": [
{
"id": 1080002,
"text": "You successfully verified your email address.",
"type": "success"
}
]
},
"state": "passed_challenge"
}

# Wrong code
{
"id": "<verification-flow-id>",
"type": "browser",
"expires_at": "2025-04-17T17:00:52.578359Z",
"issued_at": "2025-04-17T16:00:52.578359Z",
"request_url": "https://accounts.<domain>/self-service/verification/browser",
"active": "default",
"ui": {
"action": "https://accounts.<domain>/auth/self-service/verification?flow=<verification-flow-id>",
"method": "POST",
"nodes": [
{
"type": "input",
"group": "code",
"attributes": {
"name": "code",
"type": "text",
"required": true,
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070011,
"text": "Verification code",
"type": "info"
}
}
},
{
"type": "input",
"group": "code",
"attributes": {
"name": "method",
"type": "hidden",
"value": "code",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {}
},
{
"type": "input",
"group": "code",
"attributes": {
"name": "method",
"type": "submit",
"value": "code",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070005,
"text": "Submit",
"type": "info"
}
}
},
{
"type": "input",
"group": "default",
"attributes": {
"name": "csrf_token",
"type": "hidden",
"value": "",
"required": true,
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {}
},
{
"type": "input",
"group": "code",
"attributes": {
"name": "email",
"type": "email",
"value": "",
"required": true,
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070007,
"text": "Email",
"type": "info"
}
}
}
],
"messages": [
{
"id": 4070006,
"text": "The verification code is invalid or has already been used.",
"type": "error",
"context": {}
}
]
},
"state": "sent_email"
}
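
Telling the two responses above apart in client code, as an added example that is not part of the original page or of Connhex's own code. The function names are assumptions; the samples are constructed and trimmed from the success and wrong-code responses, and only state and message values visible there are used.

```javascript
// Added example; function names are assumptions. The state and message values
// are the ones visible in the two responses above.

// Form-encoded body for the code submission (URLSearchParams does the escaping).
function verificationBody(code) {
  return new URLSearchParams({ code: String(code).trim(), method: "code" }).toString();
}

// Classifies a verification flow returned by the POST.
function verificationOutcome(flow) {
  const messages = [
    ...(flow.ui.messages || []),
    ...flow.ui.nodes.flatMap((node) => node.messages || []),
  ];
  const errors = messages.filter((m) => m.type === "error").map((m) => m.text);
  const verified = flow.state === "passed_challenge" && errors.length === 0;
  return {
    verified,
    // In the wrong-code response the flow stays in sent_email and ui.action
    // still accepts a POST, so the user can re-enter the code on the same flow.
    canRetry: !verified && flow.state === "sent_email" && flow.ui.method === "POST",
    errors,
  };
}

// Constructed samples, trimmed from the success and wrong-code responses above.
const passedFlow = {
  state: "passed_challenge",
  ui: {
    method: "GET",
    nodes: [{ type: "a", messages: [] }],
    messages: [{ id: 1080002, text: "You successfully verified your email address.", type: "success" }],
  },
};
const wrongCodeFlow = {
  state: "sent_email",
  ui: {
    method: "POST",
    nodes: [{ type: "input", messages: [] }],
    messages: [{ id: 4070006, text: "The verification code is invalid or has already been used.", type: "error", context: {} }],
  },
};
```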

Creating a Settings Flow

This API initializes a settings flow, through which you can update user settings (email, password, language, notification methods...). The ui.action field of the response contains the URL to use for updating user settings.

Token

<token> is the session token obtained from the create session API call (it is a string of type ory_st_).

Request

$ curl -XPOST https://accounts.<domain>/auth/self-service/settings/api \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer <token>"

Response

{
"id": "<flow-id>",
"type": "api",
"expires_at": "2025-05-26T12:15:05.400964037Z",
"issued_at": "2025-05-26T11:15:05.400964037Z",
"request_url": "https://accounts.<domain>/self-service/settings/api",
"ui": {
"action": "https://accounts.<domain>/auth/self-service/settings?flow=<flow-id>",
"method": "POST",
"nodes": [
{
"type": "input",
"group": "default",
"attributes": {
"name": "csrf_token",
"type": "hidden",
"value": "",
"required": true,
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {}
},
{
"type": "input",
"group": "profile",
"attributes": {
"name": "traits.email",
"type": "email",
"value": "<email>",
"required": true,
"autocomplete": "email",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070002,
"text": "E-Mail",
"type": "info"
}
}
},
{
"type": "input",
"group": "profile",
"attributes": {
"name": "traits.name.first",
"type": "text",
"value": "<first name>",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070002,
"text": "First name",
"type": "info"
}
}
},
{
"type": "input",
"group": "profile",
"attributes": {
"name": "traits.name.last",
"type": "text",
"value": "<last name>",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070002,
"text": "Last name",
"type": "info"
}
}
},
{
"type": "input",
"group": "profile",
"attributes": {
"name": "method",
"type": "submit",
"value": "profile",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070003,
"text": "Save",
"type": "info"
}
}
},
{
"type": "input",
"group": "password",
"attributes": {
"name": "password",
"type": "password",
"required": true,
"autocomplete": "new-password",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070001,
"text": "Password",
"type": "info"
}
}
},
{
"type": "input",
"group": "password",
"attributes": {
"name": "method",
"type": "submit",
"value": "password",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070003,
"text": "Save",
"type": "info"
}
}
},
{
"type": "input",
"group": "lookup_secret",
"attributes": {
"name": "lookup_secret_regenerate",
"type": "submit",
"value": "true",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1050008,
"text": "Generate new backup recovery codes",
"type": "info"
}
}
},
{
"type": "img",
"group": "totp",
"attributes": {
"src": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAA...",
"id": "totp_qr",
"width": 256,
"height": 256,
"node_type": "img"
},
"messages": [],
"meta": {
"label": {
"id": 1050005,
"text": "Authenticator app QR code",
"type": "info"
}
}
},
{
"type": "text",
"group": "totp",
"attributes": {
"text": {
"id": 1050006,
"text": "V6GX2HVOMI7NSKC6MBYIMOW6YERERVEN",
"type": "info",
"context": {
"secret": "V6GX2HVOMI7NSKC6MBYIMOW6YERERVEN"
}
},
"id": "totp_secret_key",
"node_type": "text"
},
"messages": [],
"meta": {
"label": {
"id": 1050017,
"text": "This is your authenticator app secret. Use this to enable 2-Step Verification.",
"type": "info"
}
}
},
{
"type": "input",
"group": "totp",
"attributes": {
"name": "totp_code",
"type": "text",
"required": true,
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070006,
"text": "Verify code",
"type": "info"
}
}
},
{
"type": "input",
"group": "totp",
"attributes": {
"name": "method",
"type": "submit",
"value": "totp",
"disabled": false,
"node_type": "input"
},
"messages": [],
"meta": {
"label": {
"id": 1070003,
"text": "Save",
"type": "info"
}
}
}
]
},
"identity": {
"id": "84d255c6-c6a4-41f1-b0bd-675502d53ea7",
"schema_id": "default",
"schema_url": "https://accounts.<domain>/auth/schemas/ZGVmYXVsdA",
"state": "active",
"traits": {
"name": {
"last": "<last name>",
"first": "<first name>"
},
"email": "<email>"
},
"verifiable_addresses": [
{
"id": "bd09f67a-90b5-4db6-99a3-7da859615534",
"value": "<email>",
"verified": true,
"via": "email",
"status": "completed",
"verified_at": "2024-09-11T13:42:24.438288Z",
"created_at": "2024-09-11T13:42:24.438337Z",
"updated_at": "2024-09-11T13:42:24.438337Z"
}
],
"recovery_addresses": [
{
"id": "9a31d74f-49e5-40ec-8218-e9b61c972020",
"value": "<email>",
"via": "email",
"created_at": "2024-09-11T13:42:24.439827Z",
"updated_at": "2024-09-11T13:42:24.439827Z"
}
],
"metadata_public": {
"notifications": {
"sms": {
"value": "",
"enabled": false
},
"email": {
"value": "<email>",
"enabled": true
},
"slack": {
"value": "",
"enabled": false
},
"discord": {
"value": "",
"enabled": false
},
"msteams": {
"value": "",
"enabled": false
},
"telegram": {
"value": "",
"enabled": false,
"username": ""
}
}
},
"created_at": "2024-09-11T13:42:24.436214Z",
"updated_at": "2024-09-11T13:42:24.436214Z"
},
"state": "show_form"
}

Updating User Settings

This endpoint allows updating user settings:

  • password
  • user email
  • first name
  • last name

Token

<flow-id> is the settings flow ID obtained previously. <token> is the session token obtained from the create session API call (it is a string of type ory_st_).

Request

# Password update
$ curl -XPOST "https://accounts.<domain>/auth/self-service/settings?flow=<flow-id>" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer <token>" \
-d '{
"password": "<new-password>",
"method": "password"
}'

# User traits update
$ curl -XPOST "https://accounts.<domain>/auth/self-service/settings?flow=<flow-id>" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer <token>" \
--data-raw '{
"traits": {
"email": "<new-email>",
"name": {
"first": "<new-first-name>",
"last": "<new-last-name>"
}
},
"method": "profile"
}'