Skip to main content

Server-Side Sessions


AnchorOverview

This flow allows your server to generate a Session Token for your user, using your API Secret. In addition to authenticating existing users, you can authenticate newly-created or imported users on the fly.

Upon successful authentication, you will receive a valid Session object, which will include a token that be used as a Session Token with the GraphQL endpoint.

AnchorAuthorization

Pass in your API Secret in the Authorization header.

Authorization: Bearer {{API_SECRET}}

AnchorSchemas

User Session

id string
expiration integer
userId string
token string

AnchorCreate a Session for an Existing User

POST
https://auth.quiltt.io/v1/users/sessions

Generate a Session Token for an existing user (identified by userId).

The request accepts optional attributes that can be used to update the existing user.

AnchorRequest Parameters

userIdrequired string
phone string
Must be in E.164 Format
email string
name string
metadata object

AnchorRequest Example

AnchorResponse Example

201 Created

{
"id": "137df35c-e42e-423d-befe-cb05535583d9",
"expiration": 1621370185,
"userId": "0293de4a-3bcf-4edc-8b70-c0129ef6c31e",
"token": "eyJhbGciOiJIUzUxMiJ9.eyJuYmYiOjE2MjEyODM3ODUsImlhdCI6MTYyMTI4Mzc4NSwianRpIjoiODcyYTY4YmUtMWQyZi00YzdlLTkzNmMtM2ViMjI0M2JlYWY5IiwiaXNzIjoiYXV0aC5xdWlsdHQuaW8iLCJhdWQiOiJhcGkucXVpbHR0LmlvIiwiZXhwIjoxNjIxMzcwMTg1LCJ2ZXIiOjEsImFpZCI6IjMzNjc3MWZiLTExMmEtNDIwMy1iMTdkLTUwYWVhMzgxNTMwYiIsInVpZCI6IjAyOTNkZTRhLTNiY2YtNGVkYy04YjcwLWMwMTI5ZWY2YzMxZSJ9.Col81BiJLxYTkz-peEq6rio0JJR7jTdX2IBfBj3XtKypswv0PTt8vb_c9jhM_cnzJI_OjCSEJYbYf4-mrd_suQ"
}

AnchorCreate a Session for a New User

POST
https://auth.quiltt.io/v1/users/sessions

Generate a Session Token for a new user (identified by userId).

The request accepts optional attributes that can be added to the newly created user.

AnchorRequest Parameters

userId string
Must be UUID.
phone string
Must be in E.164 Format
email string
name string
metadata object

Note: If a userId is not provided, Quiltt will assign and return a random UUID for the newly created user.

AnchorRequest Example

AnchorResponse Example

201 Created

{
"id": "137df35c-e42e-423d-befe-cb05535583d9",
"expiration": 1621370185,
"userId": "0293de4a-3bcf-4edc-8b70-c0129ef6c31e",
"token": "eyJhbGciOiJIUzUxMiJ9.eyJuYmYiOjE2MjEyODM3ODUsImlhdCI6MTYyMTI4Mzc4NSwianRpIjoiODcyYTY4YmUtMWQyZi00YzdlLTkzNmMtM2ViMjI0M2JlYWY5IiwiaXNzIjoiYXV0aC5xdWlsdHQuaW8iLCJhdWQiOiJhcGkucXVpbHR0LmlvIiwiZXhwIjoxNjIxMzcwMTg1LCJ2ZXIiOjEsImFpZCI6IjMzNjc3MWZiLTExMmEtNDIwMy1iMTdkLTUwYWVhMzgxNTMwYiIsInVpZCI6IjAyOTNkZTRhLTNiY2YtNGVkYy04YjcwLWMwMTI5ZWY2YzMxZSJ9.Col81BiJLxYTkz-peEq6rio0JJR7jTdX2IBfBj3XtKypswv0PTt8vb_c9jhM_cnzJI_OjCSEJYbYf4-mrd_suQ"
}

AnchorCreate a Session for an Imported User

POST
https://auth.quiltt.io/v1/users/sessions

Generate a Session Token for a user imported from your system (identified by a supplied UUID userId).

The request accepts optional attributes that can be imported for the imported user.

AnchorRequest Parameters

userIdrequired string
Must be UUID.
phone string
Must be in E.164 Format
email string
name string
metadata object

AnchorRequest Example

AnchorResponse Example

201 Created

{
"id": "0293de4a-3bcf-4edc-8b70-c0129ef6c31e",
"expiration": 1621370019,
"userId": "c1a7752d-bdba-4be2-8214-048ac4ea0ac1",
"token": "eyJhbGciOiJIUzUxMiJ9.eyJuYmYiOjE2MTQ5MjE5NzgsImlhdCI6MTYxNDkyMTk3OCwianRpIjoiODY3YTE4YWMtY2RjNi00MDc1LTk5YjktNTA4ODhmNTUxODczIiwiaXNzIjoiYXBpLmV4YW1wbGUuY29tIiwiYXVkIjoiZXhhbXBsZS5jb20iLCJleHAiOjE2MTUwMDgzNzgsInZlciI6MSwiaWlkIjoiMzM2NzcxZmItMTEyYS00MjAzLWIxN2QtNTBhZWEzODE1MzBiIiwidWlkIjoiYzFhNzc1MmQtYmRiYS00YmUyLTgyMTQtMDQ4YWM0ZWEwYWMxIn0.OPmtUtUJMpmfg5oKR1JfmSsCMHipvTANABCjHWQWDPqVOzZ7X98NkDpGkk7EPhuSwggbGxHLlXWShpOgd3ZSbA"
}