Classify’s authentication layer is built on top of Supabase Auth, which handles credential validation, email confirmation, and password recovery. After a successful login or registration, the API returns a short-livedDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/Taykl12/Classify/llms.txt
Use this file to discover all available pages before exploring further.
accessToken (JWT) and a refreshToken. Every subsequent request to a protected endpoint must include the access token in the Authorization header as a Bearer token — there are no cookies or sessions stored server-side.
How tokens are managed
The frontend stores the access token under thelocalStorage key classify_access_token. All HTTP clients built on top of the shared apiFetchWithRetry helper automatically:
- Attach the
Authorization: Bearer <token>header to every request. - Retry up to three times on transient gateway errors (
502,503,504). - Clear the stored token and redirect the user to
/loginwhenever any response returns401 Unauthorized.
User object shape
Every endpoint that returns a user uses the same object structure:| Field | Type | Description |
|---|---|---|
id | string | Supabase UUID for the user |
email | string | Email address |
firstName | string | Given name |
lastName | string | Family name |
roleId | number | Numeric role identifier |
roleLabel | string | Human-readable role name |
profilePhotoUrl | string | null | URL of the user’s avatar, or null |
Error shape
All error responses from the auth API use one of two shapes:400 for malformed or missing input, 401 for authentication failures, and 500 for unexpected server errors.
Making an authenticated request
Include the access token retrieved fromlocalStorage.classify_access_token in the Authorization header on every call to a protected endpoint.
Endpoints
Register
Create a new Classify account with email and password.
Login
Authenticate with credentials and receive a JWT access token.
Get User
Fetch the profile of the currently authenticated user.
Recover Password
Send a password-reset email to a registered address.
Logout
Invalidate the current session token and clear stored credentials.