Getting Started
Get up and running with the SutraID API in under 5 minutes. This guide walks you through authentication, making your first API call, and handling responses.
1
Create an Account
Register a new account using the authentication API. This will create your user and an organization automatically.
curl -X POST https://api.sutraid.com/api/v1/auth/register \
-H "Content-Type: application/json" \
-d '{
"email": "developer@yourcompany.com",
"password": "YourSecurePassword123!"
}'2
Get Your Access Token
The registration response includes an accessToken (JWT, 15-minute expiry) and a refreshToken (30-day expiry). Use the access token in the Authorization header for all authenticated requests.
{
"accessToken": "eyJhbGciOiJIUzI1NiIs...",
"refreshToken": "dGhpcyBpcyBhIHJlZnJl...",
"expiresIn": 900,
"tokenType": "Bearer",
"user": {
"id": "usr_abc123",
"email": "developer@yourcompany.com",
"organizationId": "org_xyz789",
"role": "SUPER_ADMIN"
},
"organization": {
"id": "org_xyz789",
"name": "Your Company",
"slug": "your-company"
}
}3
Make Authenticated Requests
Include the access token in the Authorization: Bearer header to access protected endpoints.
curl https://api.sutraid.com/api/v1/auth/me \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiIs..."
# Response:
# { "user": { "id": "usr_abc123", "email": "developer@yourcompany.com", ... } }4
Create an Application
Register an OIDC or SAML application to enable SSO for your users.
curl -X POST https://api.sutraid.com/api/v1/organizations/org_xyz789/applications \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiIs..." \
-H "Content-Type: application/json" \
-d '{
"name": "My Web App",
"type": "OIDC",
"redirectUris": ["https://myapp.com/callback"],
"grantTypes": ["authorization_code", "refresh_token"],
"scopes": ["openid", "profile", "email"]
}'