Skip to main content

Server-Side Authentication


AnchorOverview

This flow allows you to generate a User Session for your user, using your App Secret.

In addition to authenticating existing users, you can authenticate newly-created or imported users on the fly.

Upon successful authentication, Quiltt will return a valid User Session object:

User Session

id string
expiration integer
userId string
token string

Once you’ve obtained a token, you can use it as a User Session Token with our GraphQL endpoint.

Authorization

Pass in your App Secret in the Authorization HTTP header:

Authorization: Bearer {{APP_SECRET}}

AnchorCreate a session for an existing user

POST
https://auth.quiltt.io/v1/users/sessions

Create and return a User Session for an existing user.

The user is identified by the userId field in the session object. The request accepts optional attributes that can be used to update the user:

User Session Attributes

userIdrequired string
phone string
email string
name string
metadata object

Response - 201 Created

{
"id": "137df35c-e42e-423d-befe-cb05535583d9",
"expiration": 1621370185,
"userId": "0293de4a-3bcf-4edc-8b70-c0129ef6c31e",
"token": "eyJhbGciOiJIUzUxMiJ9.eyJuYmYiOjE2MjEyODM3ODUsImlhdCI6MTYyMTI4Mzc4NSwianRpIjoiODcyYTY4YmUtMWQyZi00YzdlLTkzNmMtM2ViMjI0M2JlYWY5IiwiaXNzIjoiYXV0aC5xdWlsdHQuaW8iLCJhdWQiOiJhcGkucXVpbHR0LmlvIiwiZXhwIjoxNjIxMzcwMTg1LCJ2ZXIiOjEsImFpZCI6IjMzNjc3MWZiLTExMmEtNDIwMy1iMTdkLTUwYWVhMzgxNTMwYiIsInVpZCI6IjAyOTNkZTRhLTNiY2YtNGVkYy04YjcwLWMwMTI5ZWY2YzMxZSJ9.Col81BiJLxYTkz-peEq6rio0JJR7jTdX2IBfBj3XtKypswv0PTt8vb_c9jhM_cnzJI_OjCSEJYbYf4-mrd_suQ"
}

AnchorCreate a session for a new user

POST
https://auth.quiltt.io/v1/users/sessions

Create and return a User Session for a new user.

The request accepts an optional session object with attributes that can be added to the newly created user:

User Session Attributes

userId string
Must be UUID.
phone string
email string
name string
metadata object

Note: If no userId is provided, Quiltt will assign and return a random UUID for the newly created user.

Response - 201 Created

{
"id": "137df35c-e42e-423d-befe-cb05535583d9",
"expiration": 1621370185,
"userId": "0293de4a-3bcf-4edc-8b70-c0129ef6c31e",
"token": "eyJhbGciOiJIUzUxMiJ9.eyJuYmYiOjE2MjEyODM3ODUsImlhdCI6MTYyMTI4Mzc4NSwianRpIjoiODcyYTY4YmUtMWQyZi00YzdlLTkzNmMtM2ViMjI0M2JlYWY5IiwiaXNzIjoiYXV0aC5xdWlsdHQuaW8iLCJhdWQiOiJhcGkucXVpbHR0LmlvIiwiZXhwIjoxNjIxMzcwMTg1LCJ2ZXIiOjEsImFpZCI6IjMzNjc3MWZiLTExMmEtNDIwMy1iMTdkLTUwYWVhMzgxNTMwYiIsInVpZCI6IjAyOTNkZTRhLTNiY2YtNGVkYy04YjcwLWMwMTI5ZWY2YzMxZSJ9.Col81BiJLxYTkz-peEq6rio0JJR7jTdX2IBfBj3XtKypswv0PTt8vb_c9jhM_cnzJI_OjCSEJYbYf4-mrd_suQ"
}

AnchorCreate a session for an imported user

POST
https://auth.quiltt.io/v1/users/sessions

Create and return a User Session for a newly-imported user.

This allows you to bring any existing users into your Quiltt environment, identified by a valid userId (UUID) in the session object. You can also include additional information to set on the user:

User Session Attributes

userIdrequired string
Must be UUID.
phone string
email string
name string
metadata object

Response - 201 Created

{
"id": "0293de4a-3bcf-4edc-8b70-c0129ef6c31e",
"expiration": 1621370019,
"userId": "c1a7752d-bdba-4be2-8214-048ac4ea0ac1",
"token": "eyJhbGciOiJIUzUxMiJ9.eyJuYmYiOjE2MTQ5MjE5NzgsImlhdCI6MTYxNDkyMTk3OCwianRpIjoiODY3YTE4YWMtY2RjNi00MDc1LTk5YjktNTA4ODhmNTUxODczIiwiaXNzIjoiYXBpLmV4YW1wbGUuY29tIiwiYXVkIjoiZXhhbXBsZS5jb20iLCJleHAiOjE2MTUwMDgzNzgsInZlciI6MSwiaWlkIjoiMzM2NzcxZmItMTEyYS00MjAzLWIxN2QtNTBhZWEzODE1MzBiIiwidWlkIjoiYzFhNzc1MmQtYmRiYS00YmUyLTgyMTQtMDQ4YWM0ZWEwYWMxIn0.OPmtUtUJMpmfg5oKR1JfmSsCMHipvTANABCjHWQWDPqVOzZ7X98NkDpGkk7EPhuSwggbGxHLlXWShpOgd3ZSbA"
}