Verify External User

curl --request POST \
  --url https://api.replyke.com/api/v6/:projectId/auth/verify-external-user \
  --header 'Content-Type: application/json' \
  --data '
{
  "userJwt": "<string>"
}
'

{
  "success": true,
  "accessToken": "<string>",
  "refreshToken": "<string>",
  "user": {
    "id": "<string>",
    "email": "<string>",
    "username": "<string>",
    "name": "<string>",
    "avatar": "<string>",
    "bio": "<string>",
    "location": {
      "type": "<string>",
      "coordinates": [
        123
      ]
    },
    "birthdate": "<string>",
    "metadata": {},
    "suspensions": [
      {}
    ],
    "reputation": 123,
    "createdAt": "<string>",
    "updatedAt": "<string>"
  }
}

POST

:projectId

auth

verify-external-user

Verify External User

curl --request POST \
  --url https://api.replyke.com/api/v6/:projectId/auth/verify-external-user \
  --header 'Content-Type: application/json' \
  --data '
{
  "userJwt": "<string>"
}
'

{
  "success": true,
  "accessToken": "<string>",
  "refreshToken": "<string>",
  "user": {
    "id": "<string>",
    "email": "<string>",
    "username": "<string>",
    "name": "<string>",
    "avatar": "<string>",
    "bio": "<string>",
    "location": {
      "type": "<string>",
      "coordinates": [
        123
      ]
    },
    "birthdate": "<string>",
    "metadata": {},
    "suspensions": [
      {}
    ],
    "reputation": 123,
    "createdAt": "<string>",
    "updatedAt": "<string>"
  }
}

Verifies a user identity using a signed JWT from an external project. If the user exists, it updates the profile. If not, it creates the user. Returns an access token, refresh token, and user data.

Body Parameters

userJwt

string

required

Signed JWT issued by the external project containing user identity information

Response

success

boolean

Indicates whether the verification was successful

accessToken

string

JWT access token for authenticating API requests

refreshToken

string

JWT refresh token for obtaining new access tokens

user

User Object

The verified or newly created user object

Show properties

string

Unique user identifier

string

User’s email address

username

string

User’s username

name

string

User’s full name

avatar

string

URL to user’s avatar image

bio

string

User’s biography

location

object

Show properties

type

string

GeoJSON type (always “Point”)

coordinates

number[]

Array of [longitude, latitude]

birthdate

string

User’s birthdate in ISO 8601 format

metadata

object

Custom public metadata

suspensions

array

Array of active suspensions

reputation

number

User’s reputation score

createdAt

string

Account creation timestamp

updatedAt

string

Last update timestamp

Error Responses

Missing JWT - 400 Bad Request

{
  "error": "Missing userJwt",
  "code": "auth/missing-jwt"
}

Missing Keys - 403 Forbidden

{
  "error": "Missing JWT keys",
  "code": "auth/missing-keys"
}

Invalid Token - 403 Forbidden

{
  "error": "Invalid token",
  "code": "auth/invalid-token"
}

Project Mismatch - 403 Forbidden

{
  "error": "Project ID mismatch",
  "code": "auth/project-mismatch"
}

Unexpected Missing User - 500 Internal Server Error

{
  "error": "Unexpected error fetching user after login",
  "code": "auth/missing-user"
}

Server Error - 500 Internal Server Error

{
  "error": "Internal server error",
  "code": "auth/server-error",
  "details": "<Error message>"
}

Notes

The JWT is verified using the current or previous public key associated with the project.
On success, a secure HttpOnly cookie (replyke-refresh-jwt) is set.
The user is updated or created based on foreignId and optionally email.
Response includes tokens and user profile, including suspension info.

Request New Access Token Change Password

Documentation Index

​Body Parameters

​Response

​Error Responses

​Notes

Body Parameters

Response

Error Responses

Notes