Overview WhatDoc uses JWT (JSON Web Token) authentication. After signing up or signing in, you’ll receive a token that must be included in subsequent API requests.
Authentication Methods WhatDoc supports three authentication methods:
Email/Password - Traditional signup and signinGoogle OAuth - Sign in with GoogleGitHub OAuth - Link GitHub account for private repository access
Sign Up Create a new user account.
curl -X POST https://api.whatdoc.xyz/auth/signup \ -H "Content-Type: application/json" \ -d '{ "fname": "John", "lname": "Doe", "email": "[email protected] ", "password": "securePassword123" }'
Password (minimum 6 characters)
JWT token (expires in 7 days)
User object containing profile and plan information Whether user has Pro access
Plan tier: free, 499, or 999
Number of documentation generations used
Whether user has 5-docs limit activated
Bonus generations from promo codes
Access to premium templates
Sign In Authenticate with existing credentials.
curl -X POST https://api.whatdoc.xyz/auth/signin \ -H "Content-Type: application/json" \ -d '{ "email": "[email protected] ", "password": "securePassword123" }'
Response: Same structure as Sign Up endpoint.Google Authentication Authenticate or create account using Google OAuth.
curl -X POST https://api.whatdoc.xyz/auth/google \ -H "Content-Type: application/json" \ -d '{ "email": "[email protected] ", "displayName": "John Doe", "photoURL": "https://lh3.googleusercontent.com/..." }'
Profile photo URL from Google
Using Authentication Token Include the JWT token in the Authorization header for protected endpoints:
curl -X GET https://api.whatdoc.xyz/auth/me \ -H "Authorization: Bearer YOUR_JWT_TOKEN"
Get Current User Retrieve the authenticated user’s profile.
curl -X GET https://api.whatdoc.xyz/auth/me \ -H "Authorization: Bearer YOUR_JWT_TOKEN"
Authentication: RequiredComplete user profile (excludes password and GitHub access token)
GitHub Integration Get GitHub Auth URL Get the OAuth URL to connect GitHub account.
curl -X GET "https://api.whatdoc.xyz/auth/github?includePrivate=true" \ -H "Authorization: Bearer YOUR_JWT_TOKEN"
Authentication: RequiredRequest access to private repositories
GitHub OAuth authorization URL
Get GitHub Repositories Fetch all repositories from the authenticated user’s GitHub account.
curl -X GET https://api.whatdoc.xyz/auth/github/repos \ -H "Authorization: Bearer YOUR_JWT_TOKEN"
Authentication: RequiredArray of repository objects Full repository name (owner/repo)
Whether repository is private
Primary programming language
Unlink GitHub Account curl -X PUT https://api.whatdoc.xyz/auth/github/unlink \ -H "Authorization: Bearer YOUR_JWT_TOKEN"
Authentication: RequiredProfile Management Update Profile Update user profile information.
curl -X PUT https://api.whatdoc.xyz/auth/profile \ -H "Authorization: Bearer YOUR_JWT_TOKEN" \ -H "Content-Type: application/json" \ -d '{ "firstName": "Jane", "lastName": "Smith", "avatarUrl": "https://example.com/avatar.jpg" }'
Authentication: RequiredActivate promo codes for bonus generations or plan upgrades.
curl -X POST https://api.whatdoc.xyz/auth/redeem-pro \ -H "Authorization: Bearer YOUR_JWT_TOKEN" \ -H "Content-Type: application/json" \ -d '{ "code": "WHATDOCFAM" }'
Authentication: RequiredAvailable Codes:
Pro access code (configured via PRO_CODE env var)
FREE5DOCS - Enables 5 documentation limitWHATDOCFAM - 10 bonus generations + premium templates (limited redemptions)
Account Deletion Permanently delete user account and all associated projects.
curl -X DELETE https://api.whatdoc.xyz/auth/account \ -H "Authorization: Bearer YOUR_JWT_TOKEN" \ -H "Content-Type: application/json" \ -d '{ "password": "securePassword123" }'
Authentication: RequiredUser’s password for confirmation
This action is irreversible. All projects will be permanently deleted.
Token Expiration JWT tokens expire after 7 days . After expiration, users must sign in again to obtain a new token. 