API Introduction

Most of the time AuthRocket can be integrated using only the JWT tokens provided by LoginRocket. However, certain advanced usage, including bypassing LoginRocket entirely, is available through the AuthRocket API.

An API key is required for all API access. API keys may be generated at Realm -> Integration -> API keys. The specific API endpoint for your account is also shown next to your API key.

Important: The AuthRocket API is for access by a trusted server process only. API keys are master keys to your realm and are not safe for use in client apps (browser, iOS, Android, Electron, etc). Please protect your API keys carefully!

The AuthRocket API is divided into two parts:

AuthRocket Core API

The Core API covers everything related to managing users and accounts. If your server-side app needs to talk with AuthRocket at all, these are the APIs you likely want.

The Core API includes:

Learn more about Accessing the AuthRocket API.

AuthRocket Configuration API

The Configuration API covers APIs useful to configure and manage your AuthRocket service.

At this time, the Configuration API is considered unstable and may change from time to time. Its documentation is currently by request only. Please contact us if this is something you’re interested in.

Note about modifying resources

When a resource is created, updated or deleted, sometimes there may be a delay between the time the data is added, changed, or marked deleted and when the new state shows up via a subsequent query. It also takes time for old data to age out of our systems, logs, and backups.