Skip to main content
API docs by Redocly

Scute API (params in:formData) (1.0)

Download OpenAPI specification:Download

Scute API Documentation

api_keys

Manage API Keys

Lists api keys for the app

path Parameters
app_id
required
number
header Parameters
Authorization
required
string

API Secret token

Responses

Creates a new api key

path Parameters
app_id
required
number
header Parameters
Authorization
required
string

API Secret token

X-Authorization
required
string

User Access token

Request Body schema: multipart/form-data
required
nickname
required
string

Nickname for the api key

Responses

Creates a new api key

path Parameters
app_id
required
number
id
required
number
header Parameters
Authorization
required
string

API Secret token

Responses

Updates api key nickname

path Parameters
app_id
required
number
id
required
number
header Parameters
Authorization
required
string

API Secret token

Responses

Revokes api key

path Parameters
app_id
required
number
id
required
number
header Parameters
Authorization
required
string

API Secret token

Responses

apps

Manage Applications

Lists apps

header Parameters
Authorization
required
string

API Secret token

Responses

Create a new app

header Parameters
Authorization
required
string

API Secret token

X-Authorization
required
string

User Access token

Request Body schema: multipart/form-data
name
string

Application name

origin
string

Url of the Application

colors
string

Color array ([hex])

callback_url
string

Callback url (used for oauth)

login_url
string

Login url

Responses

Show app info

path Parameters
id
required
number

Responses

Update app

path Parameters
id
required
number
Request Body schema: multipart/form-data
name
string

Application name

origin
string

Url of the Application

colors
string

Color array ([hex])

callback_url
string

Callback url (used for oauth)

login_url
string

Login url

Responses

Delete an app

path Parameters
id
required
number
Request Body schema: multipart/form-data
name
string

Application name

origin
string

Url of the Application

colors
string

Color array ([hex])

callback_url
string

Callback url (used for oauth)

login_url
string

Login url

Responses

auth-current_user

Authenticated User Operations

Updates current user meta

path Parameters
app_id
required
number
header Parameters
X-Authorization
required
string

User Access token

Responses

Detailed current user resource

path Parameters
app_id
required
number
header Parameters
X-Authorization
required
string

User Access token

Responses

Logouts and flushes the sessions of the current user

path Parameters
app_id
required
number
header Parameters
X-Authorization
required
string

User Access token

Responses

auth-devices

Manage User Devices/Sessions

List all WebAuthn devices for the authenticated user.

This is not used in the JS SDK, but is here for completeness, use Sessions instead (sessions includes devices aswell)

path Parameters
app_id
required
number
header Parameters
X-Authorization
required
string

User Access token

Responses

Revoke a webauthn device (do not use, here for completeness)

This is not used in the JS SDK, here for completeness use revoke session instead

path Parameters
app_id
required
number
id
required
number
header Parameters
X-Authorization
required
string

User Access token

Responses

Webauthn Credential registration verification

path Parameters
app_id
required
number
header Parameters
X-Authorization
required
string

User Access token

Responses

auth-users

User Authentication Operations

Displays users info with identifier

path Parameters
app_id
required
number
query Parameters
identifier
string

User identifier (email)

user_id
string

User id

Responses

Create new user

Creates a new User with the given identifier, and returns a simplified user object, and sends a magic link to confirm the email address.

path Parameters
app_id
required
number
Request Body schema: multipart/form-data
required
identifier
required
string

Valid user identifier (email)

user_meta
string

User meta data

Responses

auth-webauthn_registration

(Use devices controller instead (register,finalize))

Webauthn Credential initiation - Deprecated

Do not use it manually unless you know what you are doing and have a good reason to do so. Use the SDK instead.

path Parameters
app_id
required
number

Responses

Webauthn register finalization - Deprecated

Do not use it manually unless you know what you are doing and have a good reason to do so. Use the SDK instead.

path Parameters
app_id
required
number

Responses

users

Manage Users

List, search, filter users for an app

path Parameters
app_id
required
number
query Parameters
id
string

id of the requested user

email
string

Search with email

phone
string

Search with phone

created_before
string

Filter all created before this date

status
string
Enum: "active" "pending" "inactive"

Filter by status

page
string

Page number

limit
string

Limit number of results in a page

header Parameters
Authorization
required
string

API Secret token

Responses

Update a user

path Parameters
app_id
required
number
header Parameters
Authorization
required
string

API Secret token

Request Body schema: multipart/form-data
id
string

id of the requested user

Responses

Create a user

path Parameters
app_id
required
number
header Parameters
Authorization
required
string

API Secret token

Request Body schema: multipart/form-data
identifier
string

Email or phone number of the user to create

Responses

Get a user

path Parameters
id
required
string

id of the requested user

app_id
required
number
header Parameters
Authorization
required
string

API Secret token

Responses

Delete a user

path Parameters
app_id
required
number
id
required
number
header Parameters
Authorization
required
string

API Secret token

X-Authorization
required
string

User Access token

Responses

Activate a user

path Parameters
app_id
required
number
id
required
number
header Parameters
Authorization
required
string

API Secret token

X-Authorization
required
string

User Access token

Responses

Deactivate a user

path Parameters
app_id
required
number
id
required
number
header Parameters
Authorization
required
string

API Secret token

X-Authorization
required
string

User Access token

Responses

Invite a new user to the app

Creates a user with :pending status and sends an invitation email to the user.

path Parameters
app_id
required
number
id
required
number
header Parameters
Authorization
required
string

API Secret token

X-Authorization
required
string

User Access token

Request Body schema: multipart/form-data
required
identifier
required
string

Email address for the user to invite

user_meta
string

User metadata for the created user

Responses

auth-sessions

List all sessions for the authenticated user.

path Parameters
app_id
required
number
header Parameters
X-Authorization
required
string

User Access token

Responses

Update a session by ID

path Parameters
app_id
required
number
id
required
number
header Parameters
X-Authorization
required
string

User Access token

Request Body schema: multipart/form-data
display_name
string

Display name for the session

Responses

Revoke a session by ID for the authenticated user

path Parameters
app_id
required
number
id
required
number
header Parameters
X-Authorization
required
string

User Access token

Responses

[WIP] Rotate a session by ID

path Parameters
app_id
required
number
id
required
number
header Parameters
X-Authorization
required
string

User Access token

Responses

auth-test

Verify access token

path Parameters
app_id
required
number
header Parameters
X-Authorization
required
string

User Access token

Responses

Verify API secret

path Parameters
app_id
required
number
header Parameters
Authorization
required
string

API Secret token

Responses

auth-tokens

Refresh access token

Refreshes the access token with the current refresh token.

path Parameters
app_id
required
number
header Parameters
X-Refresh-Token
required
string

User Refresh token

X-CSRF-Token
required
string

CSRF token

Responses

Verifies access token

path Parameters
app_id
required
number
header Parameters
X-Authorization
required
string

User Access token

Responses

Verifies refresh token

path Parameters
app_id
required
number
header Parameters
X-Refresh-Token
required
string

User Refresh token

X-CSRF-Token
required
string

CSRF token

Responses

Refreshes access token with API Secret

Allows for http-only cookie based access token rotation from server-side to Scute API (Specifically for Next.js (scute-next-js))

path Parameters
app_id
required
number
header Parameters
X-Authorization
required
string

User Access token

Authorization
required
string

API Secret token

Responses

Refreshes access token with Refresh token and API Secret

Allows for http-only cookie based token refresh from server-side to Scute API

path Parameters
app_id
required
number
header Parameters
X-Refresh-Token
required
string

User Refresh token

X-CSRF-Token
required
string

CSRF token

Authorization
required
string

API Secret token

Responses

auth-webauthn_login

Initiate a WebAuthn login (Credential auth ceremony)

SDK hits this endpoint to login the webauthn credentials for a user) -- Do not use it manually unless you know what you are doing and have a good reason to do so. Use the SDK instead.

path Parameters
app_id
required
number
Request Body schema: multipart/form-data
required
identifier
required
string

Valid user identifier (email)

Responses

Finalize a WebAuthn login (Credential auth ceremony)

SDK hits this endpoint to login the webauthn credentials for a user) -- Do not use it manually unless you know what you are doing and have a good reason to do so. Use the SDK instead.

path Parameters
app_id
required
number

Responses

auth_providers

Lists auth providers for the app

path Parameters
app_id
required
number
header Parameters
Authorization
required
string

API Secret token

Responses

Upsert auth provider for the app

path Parameters
app_id
required
number
header Parameters
Authorization
required
string

API Secret token

Request Body schema: multipart/form-data
required
auth_provider[slug]
required
string
auth_provider[client_id]
required
string
auth_provider[client_secret]
required
string

Responses

events

Lists events

path Parameters
app_id
required
number
query Parameters
page
number

Page number

limit
number

Limit per page

perpage
number

Limit per page

header Parameters
Authorization
required
string

API Secret token

X-Authorization
required
string

User Access token

Responses

sessions

Lists User sessions by ID

path Parameters
app_id
required
number
id
required
number
header Parameters
Authorization
required
string

API Secret token

Responses

Revoke session by id

path Parameters
app_id
required
number
id
required
number
session_id
required
number
header Parameters
Authorization
required
string

API Secret token

Responses

team

Get team members

path Parameters
app_id
required
number
header Parameters
Authorization
required
string

API Secret token

X-Authorization
required
string

User Access token

Responses

Create new member

path Parameters
app_id
required
number
header Parameters
Authorization
required
string

API Secret token

X-Authorization
required
string

User Access token

Request Body schema: multipart/form-data
required
user_id
required
string

User ID

role
required
string
Enum: "editor" "admin"

Role

Responses

Delete member

path Parameters
id
required
string

Membership ID

app_id
required
number
header Parameters
Authorization
required
string

API Secret token

X-Authorization
required
string

User Access token

Responses

user_meta_fields

Get app meta fields

path Parameters
app_id
required
number

Responses

Create a metafield

path Parameters
app_id
required
number
header Parameters
Authorization
required
string

API Secret token

X-Authorization
required
string

User Access token

Request Body schema: multipart/form-data
required
name
required
string

Meta field name

field_type
required
string
Enum: "string" "boolean" "integer" "date" "phone" "email" "text" "url"

Type

required
string
Enum: "true" "false"

Required

visible_profile
string
Enum: "true" "false"

Visible on profile component

visible_registration
string
Enum: "true" "false"

Visible on registration / login component

position
number

Position

Responses

Update a metafield

path Parameters
app_id
required
number
header Parameters
Authorization
required
string

API Secret token

X-Authorization
required
string

User Access token

Request Body schema: multipart/form-data
required
id
required
string

Meta field name

position
number

Position

Responses

Update a metafield

path Parameters
app_id
required
number
id
required
number
header Parameters
Authorization
required
string

API Secret token

X-Authorization
required
string

User Access token

Request Body schema: multipart/form-data
required
name
required
string

Meta field name

field_type
required
string
Enum: "string" "boolean" "integer" "date" "phone" "email" "text" "url"

Type

required
string
Enum: "true" "false"

Required

visible_profile
string
Enum: "true" "false"

Visible on profile component

visible_registration
string
Enum: "true" "false"

Visible on registration / login component

position
number

Position

Responses

Delete a metafield

path Parameters
app_id
required
number
id
required
number
header Parameters
Authorization
required
string

API Secret token

X-Authorization
required
string

User Access token

Responses