Register User
Create a new user account.Request Body
User’s email address
Desired username (cannot be 32 characters long)
User’s password (will be hashed)
Response
User’s unique ID
Email verification status
User’s email address
Example Request
Error Codes
423: Registration is disabled409: User already exists with that email or username400: Invalid email format
Start Login
Initiate login flow and discover available authentication methods.Request Body
Email address or username
Response
Available first-step authentication methods:
PASSWORD: Standard passwordPASSKEY: WebAuthn passkeyTOTP: Time-based one-time password
Required second-step authentication methods (for 2FA)
Login session ID to use in subsequent requests
WebAuthn challenge data (if passkey is available)
Example Response
Complete Login Step
Complete an authentication step (1 or 2).Path Parameters
Step number (1 or 2)
Query Parameters
Login session ID from start_login
Request Body
Authentication type:
PASSWORD, PASSKEY, TOTP, or BACKUPAuthentication data:
- For PASSWORD: password string
- For PASSKEY: WebAuthn credential object
- For TOTP: 6-digit code
- For BACKUP: backup code string
Response
- Step 1 complete, Step 2 required: Returns
202 Accepted - Login complete: Returns user session with cookies set
- Authentication failed: Returns
401 Unauthorized
Get Current User
Get the authenticated user’s profile.Authentication
RequiredResponse
User ID
Email address
Username
Email verification status
Account creation timestamp
Authentication type: LOCAL, GOOGLE, GITHUB, or CUSTOM
Storage used in bytes
Update Password
Change the user’s password.Request Body
Current password
New password
Authentication
RequiredResponse
Signs out all sessions and returns success message.Logout
Log out the current session.Response
Clears authentication cookies and redirects to home page.Sign Out Everywhere
Invalidate all user sessions across all devices.Authentication
RequiredResponse
Verify Email
Verify user email address with verification key.Path Parameters
Verification key from email
Response
Redirects to login page with verification confirmation.Forgot Password
Request a password reset email.Request Body
User’s email address
Response
Reset Password
Reset password using token from email.Request Body
New password
Reset token from email
Response
List Sessions
Get all active sessions for the user.Authentication
RequiredResponse
Array of session objects:Session ID
Session creation time
IP address
Browser/device information
Last activity time
Delete Session
Revoke a specific session.Path Parameters
Session ID to revoke
Authentication
RequiredGet Current Session
Get details about the current session.Authentication
RequiredDelete Account
Permanently delete user account and all associated data.Request Body
User’s password for confirmation
Authentication
RequiredEffects
- Deletes all user sessions
- Deletes all quizzes created by user
- Removes public quizzes from search index
- Permanently deletes user account
Get User Avatar
Get the authenticated user’s avatar (SVG format).Authentication
RequiredResponse
Returns SVG image.Get Other User’s Avatar
Get any user’s avatar by their ID.Path Parameters
User ID
Generate API Key
Generate a new API key for programmatic access.Authentication
RequiredResponse
48-character API key
List API Keys
Get all API keys for the user.Authentication
RequiredResponse
Array of API key objects containing only thekey field.
Delete API Key
Revoke an API key.Query Parameters
API key to revoke