All customer-specific requests in Quiltt require a valid User Session Token. We support several different flows to generate these tokens, depending on your use-case.

Server-side Auth allows you to generate a User Session Token on behalf of your customer, authenticating via your App Secret.

Client-side Auth allows your customers to create a User Session Token on their own behalf, authenticating via a one-time passcode sent to their phone or email.

In addition to being able to authenticate existing users, both flows support creating new users on the fly, as well as importing/syncing your existing users from another system into Quiltt. For more details, please see the appropriate guides and the API Reference.