Skip to content

Authentication Flows

User authentication and account management API testing workflows. These flows demonstrate the complete user journey from registration through logout, including email verification, login, password reset, and profile management.

Contents

End-to-end authentication workflows designed for manual API testing against the development HTTPS server. Each flow covers a specific user journey with step-by-step curl commands and expected responses.

Directory Structure

auth/
├── complete-auth-flow.md
├── email-verification.md
├── index.md
├── login.md
├── password-reset.md
└── registration.md

Documents

Core Authentication Flows

  • Registration - Complete user registration workflow with validation and error cases
  • Email Verification - Email token verification and account activation
  • Login - User login with JWT access and opaque refresh token generation
  • Password Reset - Password reset request and confirmation workflow

Complete Workflows

  • Complete Auth Flow - End-to-end authentication journey from registration through logout, including token refresh, password reset, and profile updates

Related Documentation:

External Resources:

Parent Directory: API Flows

Related Directories:

Other Documentation:

Contributing

When adding new authentication flows to this directory:

  1. Follow the appropriate API flow template
  2. Use HTTPS with self-signed certificates (dev TLS) - Use curl -k for development
  3. Include prerequisite steps and cleanup where applicable
  4. Use environment variables for sensitive data (no real secrets)
  5. Provide complete curl commands with expected responses
  6. Update this index with a link and brief description
  7. Run markdown linting: make lint-md-file FILE="path/to/file.md"

Document Information

Template: index-section-template.md Created: 2025-10-15 Last Updated: 2025-10-21