Creates a new user account. On success, returns an access token in the response body and sets a refreshToken httpOnly cookie.

Endpoint

POST /api/auth/signup
Authentication: None required

Request body

email (string, required): The user’s email address. Must be a valid email format and not already registered.
password (string, required): The user’s password. Must meet the minimum strength requirements enforced by the validation schema.
name (string, required): The user’s display name.

Response

success (boolean, required): true on a successful signup.
message (string, required): Human-readable result message. Value: "Account created successfully".
data (object)

A refreshToken cookie is also set on the response (httpOnly, secure, sameSite: none, scoped to /api/auth).

Error cases

| Status | Message | Cause |
| --- | --- | --- |
| 400 | Validation error message | Missing or invalid request body fields |
| 400 | "Signup failed" | Email already registered or other service error |

Example

curl -X POST http://localhost:5000/api/auth/signup \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "SecurePass123!",
    "name": "Alice Smith"
  }'
Success response (201):
{
  "success": true,
  "message": "Account created successfully",
  "data": {
    "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "user": {
      "id": "64f1a2b3c4d5e6f7a8b9c0d1",
      "email": "[email protected]",
      "name": "Alice Smith",
      "role": "user"
    }
  }
}
Error response (400):
{
  "success": false,
  "message": "Signup failed",
  "statusCode": 400
}
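
An added example (not part of this API's own code): a small JavaScript check that parses a Set-Cookie header and reports where it deviates from the refreshToken attributes listed under Response. The function names and the sample header strings are constructed for illustration.

```javascript
// Added example: checks a Set-Cookie header against the attributes documented
// on this page for refreshToken (httpOnly, secure, sameSite: none, /api/auth).

// Parse one Set-Cookie header value into { name, value, attrs }.
// Attribute names are case-insensitive, so keys are lowercased.
function parseSetCookie(header) {
  const [pair, ...rest] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const attrs = {};
  for (const part of rest) {
    if (!part) continue; // tolerate a trailing ";"
    const i = part.indexOf("=");
    const key = (i === -1 ? part : part.slice(0, i)).trim().toLowerCase();
    attrs[key] = i === -1 ? true : part.slice(i + 1).trim();
  }
  return {
    name: eq === -1 ? "" : pair.slice(0, eq),
    value: eq === -1 ? pair : pair.slice(eq + 1),
    attrs,
  };
}

// Return the deviations from the documented attributes (empty array = match).
function auditRefreshCookie(header) {
  const { name, attrs } = parseSetCookie(header);
  const findings = [];
  if (name !== "refreshToken") findings.push(`unexpected cookie name "${name}"`);
  if (attrs.httponly !== true) findings.push("HttpOnly missing: page scripts can read the token");
  if (attrs.secure !== true) findings.push("Secure missing: cookie may travel over plain HTTP");
  if (String(attrs.samesite).toLowerCase() !== "none") findings.push("SameSite is not None as documented");
  if (attrs.path !== "/api/auth") findings.push("Path is not /api/auth: cookie sent to more routes than documented");
  return findings;
}

// Constructed sample headers (not captured from a real server).
const SAMPLE_DOCUMENTED = "refreshToken=constructed.value; Path=/api/auth; HttpOnly; Secure; SameSite=None";
const SAMPLE_WEAK = "refreshToken=constructed.value; Path=/; HttpOnly; SameSite=Lax";

console.log(auditRefreshCookie(SAMPLE_DOCUMENTED));
console.log(auditRefreshCookie(SAMPLE_WEAK));
```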
