AuthEmailSignup.mdx•4.17 kB
---
title: Auth Email Signup
description: |
Register a new account with an email and optional password. The password
requirement is dependent on how the instance is configured for account
authentication with email addresses (password vs magic link.)
When the email address has not been registered, this endpoint will send
a verification email however it will also return a session cookie to
facilitate pre-verification usage of the platform. If the email address
already exists, no session cookie will be returned in order to prevent
arbitrary account control by a malicious actor. In this case, the email
will be sent again with the same OTP for the case where the user has
cleared their cookies or switched device but hasn't yet verified due to
missing the email or a delivery failure. In this sense, the endpoint can
act as a "resend verification email" operation as well as registration.
In the first case, a 200 response is provided with the session cookie,
in the second case, a 422 response is provided without a session cookie.
Given that this is an unauthenticated endpoint that triggers an email to
be sent to any public address, it MUST be heavily rate limited.
full: false
_openapi:
method: POST
route: /auth/email/signup
toc: []
structuredData:
headings: []
contents:
- content: >
Register a new account with an email and optional password. The
password
requirement is dependent on how the instance is configured for account
authentication with email addresses (password vs magic link.)
When the email address has not been registered, this endpoint will
send
a verification email however it will also return a session cookie to
facilitate pre-verification usage of the platform. If the email
address
already exists, no session cookie will be returned in order to prevent
arbitrary account control by a malicious actor. In this case, the
email
will be sent again with the same OTP for the case where the user has
cleared their cookies or switched device but hasn't yet verified due
to
missing the email or a delivery failure. In this sense, the endpoint
can
act as a "resend verification email" operation as well as
registration.
In the first case, a 200 response is provided with the session cookie,
in the second case, a 422 response is provided without a session
cookie.
Given that this is an unauthenticated endpoint that triggers an email
to
be sent to any public address, it MUST be heavily rate limited.
---
{/* This file was generated by Fumadocs. Do not edit this file directly. Any changes should be made by running the generation command again. */}
Register a new account with an email and optional password. The password
requirement is dependent on how the instance is configured for account
authentication with email addresses (password vs magic link.)
When the email address has not been registered, this endpoint will send
a verification email however it will also return a session cookie to
facilitate pre-verification usage of the platform. If the email address
already exists, no session cookie will be returned in order to prevent
arbitrary account control by a malicious actor. In this case, the email
will be sent again with the same OTP for the case where the user has
cleared their cookies or switched device but hasn't yet verified due to
missing the email or a delivery failure. In this sense, the endpoint can
act as a "resend verification email" operation as well as registration.
In the first case, a 200 response is provided with the session cookie,
in the second case, a 422 response is provided without a session cookie.
Given that this is an unauthenticated endpoint that triggers an email to
be sent to any public address, it MUST be heavily rate limited.
<APIPage document={"../api/openapi.yaml"} operations={[{"path":"/auth/email/signup","method":"post"}]} webhooks={[]} hasHead={false} />