Auth
Sign up, sign in, tokens, and current user
Sign up
Create a user in this project and environment. Returns tokens immediately. Production users count toward plan limits.
Sign in
Sign in
Sign out
Revokes the refresh token session if found. Always returns success (idempotent) to avoid leaking session state.
Refresh tokens
Exchanges a refresh token for a new access token and a **new** refresh token. The previous refresh token is invalidated. Replay detection revokes all sessions for the user.
Current user
Requires `X-API-Key` **and** `Authorization: Bearer <access_token>`. Loads the live user row after verifying the JWT.
Complete OIDC authorization (grant bridge)
After your login UI receives `request_token` from `/api/oidc/{projectId}/authorize`, authenticate the user, then call this endpoint to get the final `redirectUrl` for the browser. **Requires Pro** (`feature_not_available` on lower tiers).