Skip to main contentSkip to Content
Authentication

Authentication

CampaignOS uses NextAuth with JWT strategy for session management.

Sign In

Authentication is session-based via NextAuth. Sign in at /auth/signin using email and password credentials.

Register a New User

POST /api/auth/register

Creates a new user account.

Auth: None required

Request Body:

{
  "name": "Jane Smith",
  "email": "jane@example.com",
  "password": "securepassword123"
}

Response (201):

{
  "id": "clx...",
  "name": "Jane Smith",
  "email": "jane@example.com",
  "createdAt": "2026-01-15T10:00:00.000Z"
}

Errors:

  • 409 — Email already exists
  • 400 — Invalid input (name, email, or password missing/invalid)

Session Management

After signing in, NextAuth sets an encrypted JWT cookie. All authenticated API endpoints validate this cookie automatically.

API Key Authentication

For programmatic access, create API keys via the API Keys endpoint. Include the key in the Authorization header:

Authorization: Bearer cos_your_api_key_here

API keys are scoped to a workspace and can have specific permission scopes.

Health Check

GET /api/health

Auth: None required

Response:

{
  "status": "ok",
  "timestamp": "2026-01-15T10:00:00.000Z",
  "version": "0.1.0"
}

OpenAPI Specification

GET /api/openapi

Returns the full OpenAPI 3.1.0 JSON specification for the CampaignOS API.

Auth: None required

Last updated on
Getting StartedAPI Keys