ganshik

Cross-domain authentication server — acc.grimdork.net

Public Endpoints

MethodPathAuthDescription
POST/auth/verifynoneVerify user credentials for a domain. Returns a token on success. Body: {"username","password","domain"}
POST/auth/checknoneVerify an auth token is valid and not expired. Body: {"username","domain","token"}

Management API

MethodPathAuthDescription
GET/api/usersadmin / domainList users
POST/api/usersadmin / domainCreate user (domain-scoped key also creates a profile)
GET/api/users/:idadminGet user details
PUT/api/users/:idadminUpdate user details
DELETE/api/users/:idadminDelete user and all profiles
POST/api/users/:id/passwordadminSet or test password. Body: {"password","test_only":bool}
GET/api/domainsadminList domains
POST/api/domainsadminCreate domain
GET/api/domains/:idadminGet domain details
PUT/api/domains/:idadminUpdate domain
DELETE/api/domains/:idadminDelete domain and associated profiles/keys
GET/api/domains/:id/keysadminList API keys for a domain
POST/api/domains/:id/keysadminCreate a new API key for a domain
GET/api/profilesadmin / domainList profiles (domain-scoped keys see only their domain)
POST/api/profilesadminCreate a profile for any domain
PUT/api/profiles/:idadminUpdate profile status
DELETE/api/profiles/:idadmin / domainRemove profile (domain-scoped: only own domain)
GET/api/admin/keysadminList admin API keys
POST/api/admin/keysadminCreate admin API key. Body: {"user_id":int} (optional)
DELETE/api/admin/keys/:idadminRetire an admin key
GET/api/userdataadmin / domainGet userdata. Query: ?user_id=X&domain_id=Y
PUT/api/userdataadmin / domainUpsert userdata. Body: {"user_id","domain_id","data":{…}}

ganshik — github.com/grimdork/ganshik