API Reference

Complete API reference for the Authgate Integration API.

Base URL

http://your-authgate-domain.com/api/integration

Authentication

All API requests require Application Authentication using API credentials:

x-api-key: your_api_key
x-api-secret: your_api_secret

Some endpoints also support or require User Authentication using one of these methods:

1. Bearer Token (Recommended)

   Authorization: Bearer <session_token>

   To get a session token, the user needs to login.

2. License Code

   x-api-license-code: ABC123XYZ789

3. Username/Password

   x-api-username: john_doe
   x-api-password: user_password

Device Authentication

If enabled, provide a hardware ID:

• Token Auth: Include hardware_id in login and sign-up request bodies
• Legacy Auth: Include x-hardware-id header with every request

See Device Authentication for details.

Error Responses

Common error responses you might encounter:

• 401 - Authentication failed (invalid credentials or expired token)
• 403 - Forbidden (inactive/expired membership)
• 404 - Resource not found
• 422 - Validation error (invalid request data)

All error responses follow this format:

{
  "detail": "Error message describing what went wrong"
}

Getting Started

1. Obtain your API key and secret from the Authgate dashboard
2. Choose your authentication method (Bearer token recommended)
3. Make requests to the endpoints documented in this section

For easier integration, use our C++ or Python SDK which handles authentication automatically.