Templated

Authentication

How to authenticate with the Templated API.

Authentication

The Templated API uses session-based authentication powered by NextAuth.js. All authenticated endpoints require a valid session cookie.

Session authentication

When a user signs in through the Templated web app, a session cookie is set automatically. API calls made from the browser (same origin) include this cookie and are authenticated transparently.

Sign in

POST /api/auth/callback/credentials
Content-Type: application/x-www-form-urlencoded

email=user@example.com&password=your-password

Register a new account

POST /api/auth/register
Content-Type: application/json

{
  "name": "Jane Smith",
  "email": "jane@example.com",
  "password": "secure-password-here"
}

After registration, verify your email using the link sent to your inbox.

Account context

Most API endpoints are scoped to an account. You access them using the account's slug:

GET /api/accounts/{slug}/templates

You must be an authenticated member of the account to access its resources. The API returns 403 Forbidden if you don't have the required role.

Checking your session

To verify your current authentication status:

GET /api/auth/session

Returns your session data if authenticated, or null if not.

Error responses

StatusDescription
401Not authenticated — session is missing or expired
403Authenticated but insufficient permissions for this account/action

API keys (coming soon)

We're working on API key authentication for server-to-server integrations. This will allow you to authenticate without a browser session. Stay tuned.

Overview

Understand the Templated API architecture, concepts, and conventions.

Quickstart

Make your first API call to Templated in under 5 minutes.

On this page

AuthenticationSession authenticationSign inRegister a new accountAccount contextChecking your sessionError responsesAPI keys (coming soon)