Auth Service ‐ API Reference
Vikas Singh edited this page Sep 16, 2025 · 3 revisions
Authentication & authorization microservice for the Spring Microservices Shop Application.
All protected endpoints use cookie-based authentication – tokens are issued as HTTP-only cookies.
Method | Endpoint | Description | Auth Required |
---|---|---|---|
POST | /signup | Register a new user | ❌ |
POST | /signin | Authenticate user and issue auth cookie | ❌ |
POST | /refresh-token | Refresh access token (using cookie) | ✅ |
POST | /verify | Verify email/phone with OTP | ❌ |
GET | /role | Get roles of the current user | ✅ |
POST | /resend-otp | Resend OTP for verification | ❌ |
POST | /forgot-password | Initiate password reset (send OTP/link) | ❌ |
POST | /reset-password | Reset password using OTP | ❌ |
POST | /change-password | Change password (current → new, via cookie) | ✅ |
GET | /me | Get profile of the current user | ✅ |
POST /signup
Request Body:
```json
{
  "username": "johndoe",
  "name": "John Doe",
  "email": "[email protected]",
  "password": "Password123!",
  "role": "USER"
}
```
POST /signin
Request Body:
```json
{
  "username": "johndoe",
  "password": "Password123!"
}
```
Response: HTTP-only cookie with token.
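
A check for the cookie that `/signin` returns, as an added example that is not part of this project's code: it parses a `Set-Cookie` header value and reports missing `HttpOnly`, `Secure`, or `SameSite` attributes. The cookie name `auth_token` and both sample headers are assumptions constructed for illustration; the page does not name the cookie.

```python
from http.cookies import SimpleCookie

# Assumption: the page does not name the auth cookie; "auth_token" is hypothetical.
AUTH_COOKIE = "auth_token"

# Constructed sample Set-Cookie values (not captured from the real service).
HARDENED = ("auth_token=constructed-token-value; Path=/; Max-Age=900; "
            "HttpOnly; Secure; SameSite=Strict")
WEAK = "auth_token=constructed-token-value; Path=/"


def audit_auth_cookie(set_cookie_header, cookie_name=AUTH_COOKIE):
    """Return a list of findings for one Set-Cookie header value."""
    jar = SimpleCookie()
    jar.load(set_cookie_header)
    if cookie_name not in jar:
        return [f"cookie {cookie_name!r} not set"]

    morsel = jar[cookie_name]
    findings = []

    # Flag attributes parse to True when present and '' when absent.
    if not morsel["httponly"]:
        findings.append("missing HttpOnly: token is readable by page scripts")
    if not morsel["secure"]:
        findings.append("missing Secure: token can be sent over plain HTTP")

    # Cookie-authenticated POSTs such as /change-password depend on this.
    samesite = morsel["samesite"].lower()
    if samesite not in ("strict", "lax"):
        findings.append("SameSite is not Strict or Lax: "
                        "cross-site requests may carry the cookie")
    return findings


if __name__ == "__main__":
    for label, header in (("hardened", HARDENED), ("weak", WEAK)):
        result = audit_auth_cookie(header)
        print(label, "->", result or "no findings")
```

Run it against the `Set-Cookie` value from a real `/signin` response in a test environment, passing the actual cookie name as `cookie_name`.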
POST /refresh-token
Refreshes access token using the auth cookie.
✅ Cookie required. No request body.
POST /verify
Request Body:
```json
{
  "username": "johndoe",
  "verificationCode": "123456"
}
```
POST /resend-otp
Request Body:
```json
{
  "email": "[email protected]"
}
```
POST /forgot-password
Request Body:
```json
{
  "email": "[email protected]"
}
```
POST /reset-password
Request Body:
```json
{
  "email": "[email protected]",
  "verificationCode": "123456",
  "newPassword": "NewPassword123!"
}
```
POST /change-password
✅ Cookie required.
Request Body:
```json
{
  "currentPassword": "Password123!",
  "newPassword": "NewPassword123!"
}
```
GET /role
✅ Cookie required. No request parameters.
Response Example:
```json
{
  "roles": ["USER", "ADMIN"]
}
```
GET /me
✅ Cookie required. No request parameters.
Response Example:
```json
{
  "id": "12345",
  "username": "johndoe",
  "name": "John Doe",
  "email": "[email protected]",
  "roles": ["USER"]
}
```