Authentication API

Introduction to authentication, registration, login, user, password, session, security, and custom-object APIs for core customer identity workflows.

Overview

The Authentication API is the primary entry point for customer identity workflows. This group is where most applications begin when implementing sign-up, sign-in, password recovery, user verification, session handling, and token-backed user actions.

It is designed for the flows that directly power user-facing authentication experiences, from traditional credential login to passwordless, passkeys, social login, and multi-step security checks.

What this API group covers

The current Authentication API group includes:

  • Registration
  • Login
  • User
  • Password
  • Security
  • Session
  • Custom Object

These sections collectively cover the initial identity lifecycle, authenticated user actions, core token/session flows, and user-scoped custom object operations.

Available sections

Registration

Endpoints for account creation, registration validation, SOTT-backed sign-up, CAPTCHA-backed sign-up, and passkey registration flows.

Login

Endpoints for credential login, passwordless login, one-touch login, smart login, social-provider login, and passkey login.

User

Endpoints for email updates, verification, profile actions, identifier updates, and other user-scoped operations after the identity exists.

Password

Endpoints for forgot-password, password reset, password change, password recovery, OTP-based reset, and related password security tasks.

Security

Endpoints for authentication security policies, challenges, verification behavior, and security-sensitive identity controls.

Session

Endpoints for access tokens, token validation, invalidation, active-session details, and other user-session lifecycle operations.

Custom Object

User-scoped custom object CRUD operations for storing structured data beyond the normalized user profile.

Common workflows

This group is the right starting point for:

  • registering a user by email, phone, or username
  • logging in with credentials, OTP, passkeys, or social providers
  • handling forgot-password and reset-password flows
  • verifying users through email, phone, or other challenge methods
  • validating or invalidating access tokens
  • retrieving authenticated user profile state by token
  • storing or retrieving user-scoped custom object data

When to start here

Start with the Authentication API when your application needs:

  • public sign-up and sign-in flows
  • consumer login experiences
  • password or passwordless recovery flows
  • session creation and token lifecycle handling
  • authenticated user actions tied to access tokens

If you are instead managing existing accounts administratively, configuring tenants, or automating org-level access, start with the Account API, Management API, or Partner IAM API as appropriate.

Next steps

  • Review the Authorization page for this group before integrating production flows
  • Start with Registration and Login for new implementations
  • Use Password and Session for recovery and token lifecycle flows
  • Use Custom Object only when you need dynamic user-scoped structured data
