Download OpenAPI specification:Download
Login users using social login providers like Google Sign-In. This implements a frontend integration for authentication, where the client obtains an authorization code that your app can exchange in the backend for user tokens.
Authenticate the user using Google Sign-In. This endpoint should be called from the user's browser. It will redirect the User Agent to the Google IDP and redirect back to Transmit upon successful authentication. Once Transmit verifies the authentication response, the User Agent will be redirected to the redirect_uri specified in the request. This URI will now include a code parameter in the query, which will be later exchanged for a token via the /token endpoint.
| client_id required | string <= 150 characters Client ID of the application requesting authentication, retrieved from the Transmit Admin Portal Example: client_id=DgsdfhSDsdfhtSDFXCCXBVMKPws345yscv2345XCZV |
| redirect_uri required | string URI to redirect to upon completion of the IDP flow. This is the server GET endpoint used to call the token endpoint, and should accept "code" as a query parameter. This URI must also be configured as an allowed redirect URI in the Transmit Admin Portal Example: redirect_uri=https://www.example.com/login |
| create_new_user | boolean Default: true Indicates if a new user should be created if no user with associated email was found. If enabled, public signups must also be configured as allowed for the application. |
| resource | string Resource URI the login is attempting to access. |
| require_mfa | boolean Default: false Require multi factor authentication for this authentication request. Example: require_mfa=true |
| claims | string A stringified object used to request additional claims in the ID token, such as roles, permissions, and other user profile data. The structure is per the OIDC Standard. For supported claims and how to request custom claims, see the ID Token Reference. Note: You should stringify the value. Example: claims={"id_token":{"roles":null}} |
| state | string An opaque string that is used to maintain state between the request and the callback. It will be added to the redirect URI as a query parameter, which should be validated by your server to protect against cross-site request forgery (CSRF) attacks |
| nonce | string A random value that is included in the authentication request from the client (e.g. browser) to mitigate replay attacks. It will be added to the id_token and the backend service should only accept id_tokens that include the same nonce value as the one included in the original request |
| org_id | string Organization ID, used for member login in B2B scenarios |
Redirect with code
{- "message": "Invalid redirect_uri",
- "error_code": 400
}Authenticate the user using Sign in with Apple. This endpoint should be called from the user's browser. It will redirect the User Agent to the Apple IDP and redirect back to Transmit upon successful authentication. Once Transmit verifies the authentication response, the User Agent will be redirected to the redirect_uri specified in the request. This URI will now include a code parameter in the query, which will be later exchanged for a token via the /token endpoint.
| client_id required | string <= 150 characters Client ID of the application requesting authentication, retrieved from the Transmit Admin Portal Example: client_id=DgsdfhSDsdfhtSDFXCCXBVMKPws345yscv2345XCZV |
| redirect_uri required | string URI to redirect to upon completion of the IDP flow. This is the server GET endpoint used to call the token endpoint, and should accept "code" as a query parameter. This URI must also be configured as an allowed redirect URI in the Transmit Admin Portal Example: redirect_uri=https://www.example.com/login |
| create_new_user | boolean Default: true Indicates if a new user should be created if no user with associated email was found. If enabled, public signups must also be configured as allowed for the application. |
| resource | string Resource URI the login is attempting to access. |
| require_mfa | boolean Default: false Require multi factor authentication for this authentication request. Example: require_mfa=true |
| claims | string A stringified object used to request additional claims in the ID token, such as roles, permissions, and other user profile data. The structure is per the OIDC Standard. For supported claims and how to request custom claims, see the ID Token Reference. Note: You should stringify the value. Example: claims={"id_token":{"roles":null}} |
| state | string An opaque string that is used to maintain state between the request and the callback. It will be added to the redirect URI as a query parameter, which should be validated by your server to protect against cross-site request forgery (CSRF) attacks |
| nonce | string A random value that is included in the authentication request from the client (e.g. browser) to mitigate replay attacks. It will be added to the id_token and the backend service should only accept id_tokens that include the same nonce value as the one included in the original request |
| org_id | string Organization ID, used for member login in B2B scenarios |
Redirect with code
{- "message": "Invalid redirect_uri",
- "error_code": 400
}Authenticate the user using Facebook Login. This endpoint should be called from the user's browser. It will redirect the User Agent to the Facebook IDP and redirect back to Transmit upon successful authentication. Once Transmit verifies the authentication response, the User Agent will be redirected to the redirect_uri specified in the request. This URI will now include a code parameter in the query, which will be later exchanged for a token via the /token endpoint.
| client_id required | string <= 150 characters Client ID of the application requesting authentication, retrieved from the Transmit Admin Portal Example: client_id=DgsdfhSDsdfhtSDFXCCXBVMKPws345yscv2345XCZV |
| redirect_uri required | string URI to redirect to upon completion of the IDP flow. This is the server GET endpoint used to call the token endpoint, and should accept "code" as a query parameter. This URI must also be configured as an allowed redirect URI in the Transmit Admin Portal Example: redirect_uri=https://www.example.com/login |
| create_new_user | boolean Default: true Indicates if a new user should be created if no user with associated email was found. If enabled, public signups must also be configured as allowed for the application. |
| resource | string Resource URI the login is attempting to access. |
| require_mfa | boolean Default: false Require multi factor authentication for this authentication request. Example: require_mfa=true |
| claims | string A stringified object used to request additional claims in the ID token, such as roles, permissions, and other user profile data. The structure is per the OIDC Standard. For supported claims and how to request custom claims, see the ID Token Reference. Note: You should stringify the value. Example: claims={"id_token":{"roles":null}} |
| state | string An opaque string that is used to maintain state between the request and the callback. It will be added to the redirect URI as a query parameter, which should be validated by your server to protect against cross-site request forgery (CSRF) attacks |
| nonce | string A random value that is included in the authentication request from the client (e.g. browser) to mitigate replay attacks. It will be added to the id_token and the backend service should only accept id_tokens that include the same nonce value as the one included in the original request |
| org_id | string Organization ID, used for member login in B2B scenarios |
Redirect with code
{- "message": "Invalid redirect_uri",
- "error_code": 400
}Authenticate the user using LINE login. This endpoint should be called from the user's browser. It will redirect the User Agent to the LINE IDP and redirect back to Transmit upon successful authentication. Once Transmit verifies the authentication response, the User Agent will be redirected to the redirect_uri specified in the request. This URI will now include a code parameter in the query, which will be later exchanged for a token via the /token endpoint.
| client_id required | string <= 150 characters Client ID of the application requesting authentication, retrieved from the Transmit Admin Portal Example: client_id=DgsdfhSDsdfhtSDFXCCXBVMKPws345yscv2345XCZV |
| redirect_uri required | string URI to redirect to upon completion of the IDP flow. This is the server GET endpoint used to call the token endpoint, and should accept "code" as a query parameter. This URI must also be configured as an allowed redirect URI in the Transmit Admin Portal Example: redirect_uri=https://www.example.com/login |
| create_new_user | boolean Default: true Indicates if a new user should be created if no user with associated email was found. If enabled, public signups must also be configured as allowed for the application. |
| resource | string Resource URI the login is attempting to access. |
| require_mfa | boolean Default: false Require multi factor authentication for this authentication request. Example: require_mfa=true |
| claims | string A stringified object used to request additional claims in the ID token, such as roles, permissions, and other user profile data. The structure is per the OIDC Standard. For supported claims and how to request custom claims, see the ID Token Reference. Note: You should stringify the value. Example: claims={"id_token":{"roles":null}} |
| state | string An opaque string that is used to maintain state between the request and the callback. It will be added to the redirect URI as a query parameter, which should be validated by your server to protect against cross-site request forgery (CSRF) attacks |
| nonce | string A random value that is included in the authentication request from the client (e.g. browser) to mitigate replay attacks. It will be added to the id_token and the backend service should only accept id_tokens that include the same nonce value as the one included in the original request |
| org_id | string Organization ID, used for member login in B2B scenarios |
Redirect with code
{- "message": "Invalid redirect_uri",
- "error_code": 400
}Retrieve ID and access tokens. This API is used to retrieve ID and access tokens using the code that was returned in the redirect URI as a query parameter (for example, when the user clicks a magic link). It may also create a new user if create_new_user was set to true in the send request and no user exists for the email address or phone number (depending on the flow).
{- "code": "GZxLFKTDCnlANVTxNvaWz7AIGPpXqZYSXdAwjiWRuOH",
- "client_id": "DgsdfhSDsdfhtSDFXCCXBVMKPws345yscv2345XCZV",
- "client_secret": "FzxvdDMbvxnc45sdfb789XCVGEW6usazxcvbw3KPsb23"
}{- "id_token": "string",
- "access_token": "string",
- "refresh_token": "string",
- "is_user_created": true
}Logout the user from a specific session. The user and session are derived from the access token used to authorize the request (which was issued based on the authentication that created the session)
Sessions deleted Successfully
{- "sessions_count": 0
}