Authentication

PingPage uses session-based authentication with HTTP-only cookies for the dashboard API.

Base URL

All API requests should be made to:

https://api.pingpage.live/v1

Session Authentication

Most API endpoints require session authentication. When you log in or register, the API sets an HTTP-only session_token cookie that is automatically sent with subsequent requests. Sessions expire after 30 days.

Info

Include credentials: 'include' in your fetch requests to send the session cookie automatically.

Endpoints

POST /v1/auth/register

Create a new user account. Sets a session cookie on success.

Parameter	Type	Required	Description
email	string	Yes	User email address
password	string	Yes	User password
name	string	Yes	Display name

Request

curl -X POST https://api.pingpage.live/v1/auth/register \
  -H "Content-Type: application/json" \
  -d '{
    "email": "user@example.com",
    "password": "secure_password",
    "name": "John Doe"
  }'

Response (201 Created)

{
  "id": "a1b2c3d4e5f6...",
  "email": "user@example.com",
  "name": "John Doe",
  "created_at": "2026-02-20T10:30:00Z",
  "updated_at": "2026-02-20T10:30:00Z"
}

POST /v1/auth/login

Authenticate and create a session. Sets a session cookie on success.

Parameter	Type	Required	Description
email	string	Yes	User email address
password	string	Yes	User password

Request

curl -X POST https://api.pingpage.live/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "user@example.com",
    "password": "secure_password"
  }'

Response (200 OK)

{
  "id": "a1b2c3d4e5f6...",
  "email": "user@example.com",
  "name": "John Doe",
  "created_at": "2026-02-20T10:30:00Z",
  "updated_at": "2026-02-20T10:30:00Z"
}

POST /v1/auth/logout

Invalidate the current session and clear the cookie.

Request

curl -X POST https://api.pingpage.live/v1/auth/logout \
  -b "session_token=your_token"

Returns 204 No Content on success.

GET /v1/me

Get the authenticated user's profile. Requires session cookie.

Response (200 OK)

{
  "id": "a1b2c3d4e5f6...",
  "email": "user@example.com",
  "name": "John Doe",
  "created_at": "2026-02-20T10:30:00Z",
  "updated_at": "2026-02-20T10:30:00Z"
}

Error Responses

Authentication errors return standard HTTP status codes with plain text error messages:

401 Unauthorized — missing or invalid session cookie
401 Unauthorized — invalid email or password on login
409 Conflict — email already registered (on register)