Skip to main content


All user-specific requests in Quiltt require a valid Session Token. We support several different flows to generate these tokens, depending on your use-case.

The Server-Side Flow allows you to generate a Session Token on behalf of your user, authenticating via your API Secret.

The Passwordless Flow allows your users to generate a Session Token on their own behalf, authenticating via a one-time passcode sent to their phone or email.

In addition to authenticating existing users, both flows support creating new users on the fly, as well as importing/syncing existing users into Quiltt. For more details, please see the appropriate guides and the Authentication API Reference.