Authentication

Handle authentication callback

Validates the provided access token and optional refresh token

Body
access_token (string, required)

The access token for authentication

Example: eyJhbGciOiJIUzI1NilsImtpZCI6IlRbEty...
refresh_token (string, optional)

Optional refresh token

Responses
200

Authentication successful

application/json
success (boolean, required)

Indicates if the operation was successful

Example: true
data (object, required)

The response data from auth service

Example: {"userId":"123"}
POST /sfp/api/auth/callback

Resolve provider email aliases

Validates the access token (without membership lookup) and uses the GitHub provider token to fetch all verified emails and store them as aliases for user matching. This endpoint is public to avoid a bootstrap deadlock where a user with a mismatched email cannot authenticate to reach this endpoint.

Body
access_token (string, required)

The Supabase access token (JWT) for identity verification

provider_token (string, required)

The GitHub OAuth provider token

Example: gho_xxxxxxxxxxxx
Responses
200

Email aliases resolved and stored

application/json
aliases (string[], required)

List of verified email aliases stored

Example: ["[email protected]","[email protected]"]
POST /sfp/api/auth/resolve-emails

Admin login with username and password

Authenticates an admin user with email and password credentials

Body
email (string, required)

Email address of the admin user

Example: [email protected]
password (string, required)

Password for the admin user

Example: password123
Responses
200

Authentication successful

application/json
success (boolean, required)

Indicates if the login was successful

Example: true
access_token (string, required)

Access token for authenticated requests

Example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
refresh_token (string, required)

Refresh token for obtaining new access tokens

Example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
user (object, required)

User information

Example: {"id":"123","email":"[email protected]","role":"owner"}
error (string, required)

Error message if login failed

Example: Invalid credentials
POST /sfp/api/auth/admin/login

Login (if required) and continue to the requested action

Renders a dynamic login page. If the user is already authenticated, proceeds directly to the requested action with provided parameters. Used as an entry point for browser-based, context-aware authentication and routing.

Query parameters
action (string, required)

The action to continue to after login (e.g., frontdoorUrl)

params (string, required)

Comma-separated key:value pairs for action context. For frontDoorUrl action: targetOrg:myorg (required), repository:org/repo (optional), prodOrg:[email protected] (optional)

Responses
200

HTML page for login and continuation.

No content

GET /sfp/api/auth/continue
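
The params format described above (comma-separated key:value pairs), as an added example that is not sfp's own code: a strict parser and a URL builder for the continue endpoint. The function names, the key allowlist, the duplicate and comma rejection, the org/repo pattern and the host sfp.example.test are assumptions; the action name is spelled as in the params description.

```javascript
// Added example, not sfp code. Key names come from the page's frontDoorUrl
// description; the strictness rules (allowlist, no duplicates) are assumptions.
const ALLOWED_KEYS = new Set(["targetOrg", "repository", "prodOrg"]);

// Parse "key:value,key:value" into an object, rejecting anything unexpected.
function parseActionParams(raw) {
  if (typeof raw !== "string" || raw === "") throw new Error("params is required");
  const out = Object.create(null);
  for (const pair of raw.split(",")) {
    const idx = pair.indexOf(":"); // split on the first colon only
    if (idx <= 0) throw new Error(`malformed pair: "${pair}"`);
    const key = pair.slice(0, idx).trim();
    const value = pair.slice(idx + 1).trim();
    if (!ALLOWED_KEYS.has(key)) throw new Error(`unexpected key: ${key}`);
    if (key in out) throw new Error(`duplicate key: ${key}`);
    if (value === "") throw new Error(`empty value for ${key}`);
    out[key] = value;
  }
  if (!("targetOrg" in out)) throw new Error("targetOrg is required");
  // Assumed shape for repository: a single "org/repo" slug.
  if ("repository" in out && !/^[\w.-]+\/[\w.-]+$/.test(out.repository)) {
    throw new Error("repository must look like org/repo");
  }
  return out;
}

// Build the browser entry URL; URLSearchParams percent-encodes ":" "," and "/".
function buildContinueUrl(baseUrl, action, params) {
  for (const v of Object.values(params)) {
    // A comma inside a value would be read back as an extra pair.
    if (String(v).includes(",")) throw new Error("values must not contain ','");
  }
  const joined = Object.entries(params).map(([k, v]) => `${k}:${v}`).join(",");
  parseActionParams(joined); // same checks the receiving side would apply
  const url = new URL("/sfp/api/auth/continue", baseUrl);
  url.searchParams.set("action", action);
  url.searchParams.set("params", joined);
  return url.toString();
}

// Constructed sample input; sfp.example.test is a placeholder host.
const sampleUrl = buildContinueUrl("https://sfp.example.test", "frontDoorUrl", {
  targetOrg: "myorg",
  repository: "org/repo",
});
console.log(sampleUrl);
console.log(parseActionParams(new URL(sampleUrl).searchParams.get("params")));
```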