Authentication
With the Pakt Web API, Chainsite builders can establish user authentication features such as:
Last updated
With the Pakt Web API, Chainsite builders can establish user authentication features such as:
Last updated
This endpoint is used to create a new user account.
Request
firstName (string): The first name of the user.
lastName (string): The last name of the user.
email (string): The email address of the user.
password (string): The password for the user account.
confirmPassword (string): The confirmation of the password.
Response
status (string): The status of the request.
message (string): Additional information or error message.
data (object):
email (string): The email address of the user.
tempToken (object):
token (string): Temporary token for account verification.
token_type (string): Type of the token.
expiresIn (number): Expiry duration of the token in seconds.
{"firstName":"Alice","lastName":"Bob","email":"mail@example.com","password":"1234@Abcd","confirmPassword":"1234@Abcd"}Accepted
Verifies and activates a user account using a verification token and temporary authentication token.
This endpoint completes the multi-step user registration flow, where a user first creates an account with basic information, receives a verification code, and then confirms their identity by submitting that code along with the temporary token received during registration.
Request
The request requires a JSON body with the following fields:
token: A 6-digit verification code sent to the user's email or phone
tempToken: A temporary JWT authentication token provided during the registration or account recovery process
Response
The response contains the following structure:
status: Indicates if the account verification was successful
message: A descriptive message confirming the account was successfully activated
data: An object containing authentication credentials and verification status:
token: A permanent JWT authentication token that can be used for subsequent API calls
token_type: Specifies the type of token provided ("jwt")
expiresIn: The timestamp when the token will expire, set to a far future date
isVerified: Boolean flag confirming the account is now verified
The successful verification process transforms the user's account status from pending to active, enabling full access to the platform. The provided authentication token has an extremely long expiration period, allowing the user to remain logged in for an extended time.
{"token":"191908","tempToken":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY3Zjg2ODNlZTVkY2Q5MzYzZmQwYTk3YiIsImlhdCI6MTc0NDMzMjg2MiwiZXhwIjoxNzQ0MzM0OTY0fQ.mxZTFOMT21JQ2wFGCHnHctuwBJhUf1nYP7vk7IaPMLaKdBxuVKgX00ovN7w_Sxwoo4oAW-BV1bBpYfD_OS9v2_lfHfP2EoW6523x7eLKBzp6dnCNC7pJLuKMNY9fn6UjVctE8KzZYKwqHDcWm1RB52LyuTkVEQVom2ipQkDibSqftWyeIlw1A6DXY7qIADBYrc1rAWbSnSr7bnMBWZPBRA3dEz0zDNG-1T2LxmFV77eBFaVcHGlUVrQ9SRQxeGBTsX0jI_zzjvkCeVLbGT4eqkiR2TbGrJy9PDHi2sBVz08-_zBEyMLBrXLW7Jo9LOaweyi52NzgkdY8nyWEJ9yvCA"}OK
This endpoint is used to resend the verification email to the specified email address.
Request
email (string, required): The email address to which the verification email will be resent.
Response
status (string): The status of the request.
message (string): A message related to the status of the request.
data (object): The data object containing the temporary token.
tempToken (object): The temporary token details.
token (string): The temporary token value.
token_type (string): The type of the token.
expiresIn (number): The expiration time of the token in seconds.
{"email":"mail@example.com"}OK
This endpoint allows users to authenticate and obtain a token for accessing protected resources.
Request
email (string): The email address of the user.
password (string): The password for the user's account.
Response
status (string): The status of the response.
message (string): A message related to the response status.
data (object): The data object containing authentication details.
token (string): The authentication token.
token_type (string): The type of token.
expiresIn (number): The expiration time of the token.
isVerified (boolean): Indicates if the user's account is verified.
{"email":"mail@example.com","password":"1234567890@Abcde"}OK
This endpoint allows users to log in using two-factor authentication by providing a temporary token and the verification code.
Request
tempToken (string): The temporary token generated during the initial login process.
code (string): The verification code entered by the user.
Response
The response contains the following structure:
status: Indicates if the request was successful
message: A brief status message
data: Contains the user profile information with extensive details:
_id: Unique MongoDB identifier for the user
firstName: User's first name
lastName: User's last name
email: User's email address
status: Boolean indicating if the account is active
emailVerified: Boolean indicating if the email has been verified
role: User's role in the system (e.g., "user")
type: User's type classification (e.g., "recipient")
profile: Object containing detailed profile information:
contact: Address and phone information
country: User's country
state: User's state/province
city: User's city
address: User's physical address
phone: User's phone number
bio: Professional information
title: User's professional title
description: Brief description of professional skills
talent: Skills and availability information
about: Detailed information about the user's background
availability: Current availability status
tags: Array of skill/interest tags as strings
tagsIds: Detailed array of tag objects with metadata
isPrivate: Boolean indicating profile privacy setting
walletGenerated: Boolean indicating if a wallet has been created
score: Numeric score value (appears to be reputation or activity based)
profileCompleteness: Percentage indicating profile completion status
socket: Object with connection status information
loggedInAt: Timestamp of last login
referralCode: User's unique referral code
userName: User's unique username
bgImage: Object containing background image details and URL
meta: Object containing additional metadata like point scores
profileImage: Object containing profile image details and URL
socials: Object containing social media profile links
github: GitHub profile URL
twitter: Twitter profile URL
linkedin: LinkedIn profile URL
website: Personal website URL
token: JWT authentication token
token_type: Type of authentication token
expiresIn: Token expiration timestamp
isVerified: Boolean indicating if the user is verified
The tags system includes detailed information about each skill tag, including parent-child relationships, color coding, and entry counts, supporting a rich categorization system for user talents and specializations.
{"tempToken":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY2ZmQyNWY1N2VmYjRiNjdiZDVkMjcxZSIsImlhdCI6MTc0NDM3MTEwMiwiZXhwIjoxNzQ0MzczMjA0fQ.SH54FSVuG3s9jXqCP39Bn0L7rf0-TEtfBpuk-9T8bJfN1bTALVmhVzc-jyEfyYc86aMaJ-_m4KtlqtBuwIgSVeOznNX-Y9IoY9zCQgskqJDViznKQdVb9tKAhmDY5ijNT-8muRoWK88gdqj1A0E9m8zTx8_qzkU9uNvQukOXgt2PqU1GI2rg0MUWBgST00KqLoddl9oY-vOcxQC8_2WGZiYFUfNRO7vo_mXwd_dJixoE0iruA4ahBoL1rs1s7L-YkaljU2TabyvnxFJXSEEAYFVxhwFgs2Ia6tlNubM55po2tvQufnB10hdGRq3DRlWWPvYMpyRq75rtXYeJFtfPlw","code":"746611"}OK
This endpoint allows the user to make an HTTP POST request to {{baseUrl}}/v1/auth/2fa/email/code in order to send a two-factor authentication (2FA) code to the provided email address. The request should include a JSON payload with the "email" key set to the user's email address.
Request
email (string, required): The email address to which the 2FA code will be sent.
Response
The response will include the following parameters:
status: Indicates the status of the request.
message: Provides additional information or error messages.
data: An empty object.
{"email":"user@example.com"}OK
This endpoint allows the user to reset their password by providing their email.
Request Body
email (string, required): The email address for which the password needs to be reset.
Response
status (string): The status of the request.
message (string): A message related to the status of the request.
data (object): The data object containing the temporary token.
tempToken (object): The temporary token object.
token (string): The temporary token value.
token_type (string): The type of the token.
expiresIn (number): The expiration time of the token in seconds.
{"email":"mail@example.com"}OK
Validates a verification token during the password reset or account recovery process.
Request
The request requires a JSON body with the following fields:
token: A 6-digit verification code sent to the user's email or phone
tempToken: A temporary JWT authentication token provided after initiating the password reset process
Response
The response contains the following structure:
status: Indicates if the verification token validation was successful
message: A brief message confirming the success of the validation
data: Null, as no additional data is returned for this operation
This endpoint serves as an intermediate step in the password reset flow, validating that the user has access to their registered email or phone number by confirming receipt of the verification code. The successful validation indicates that the provided verification token matches the expected value and the temporary token is still valid.
After successful validation through this endpoint, the user would typically proceed to the next step in the flow, such as setting a new password via a separate endpoint. This validation step adds an additional layer of security to ensure that only authorized users can complete the password reset process.
{"token":"174221","tempToken":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY4MGI4ZjViMDMxMjdhNGZkNzExMGUzOCIsImlhdCI6MTc0NTkyOTg0MCwiZXhwIjoxNzQ1OTMxOTQyfQ.l2Psi5J-e2PM5598Z81TkhjCz67Eba4CGyIjWUR8H7mXPIZb-DrO2jyoIECW2h6ZlodnU8Pn9i3fyWTMj6gHJoudw9OllQHjtNX7cLc8XiI4x2knkYnjT80CyxbDFmz09p9Zxs7JkoGHNWZQBfY_UWvdeNd0jhvN0tyaPIz4SlX-zXFN7CJgltsOh7mOU-8v_6vu2r7HXNc3je2tuwYuyWVP8W-c_1IFSM7UqMvLKcAoQzUvlRX7XWX2qii7S1FjWLafK6rBhAn6dHyf9slQvpEa0wJ5KJ4VVPm9XIh19YKjNS8EjFJsuDlOu5fq4lJokhKbtMD68QLTNUw4US8iEA"}OK
Changes a user's password using a verification token and temporary authentication token.
Request
The request requires a JSON body with the following fields:
token: A 6-digit verification code sent to the user's email or phone
tempToken: A temporary JWT authentication token provided after initiating the password change process
password: The new password that meets the system's password requirements
Response
The response contains the following structure:
status: Indicates if the password change operation was successful
message: A descriptive message confirming the password was successfully changed
data: An empty object, as no additional data is returned for this operation
The successful response indicates that the provided verification token was valid, the temporary token had not expired, and the new password met the system's requirements. After this operation, the user will need to use their new password for future authentication attempts.
The password change process is part of a secure two-factor authentication flow that requires both possession of the temporary token (received after initiating the password change request) and knowledge of the verification code (sent to the user's verified contact method).
{"token":"284818","tempToken":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY3Zjg2ODNlZTVkY2Q5MzYzZmQwYTk3YiIsImlhdCI6MTc0NDMzNTcyNCwiZXhwIjoxNzQ0MzM3ODI2fQ.uxrQIZ5jfLM-WmL3Hz0ydUnLTAybVpqX1oMcJvRoRgkV8MNeAsYFvG-tIuBSHXwqfI3sK_aDCCfhW2Pk8kcq0a1pyzyB-r6XyZh8H-HPK7phU-tvD2iMDjHqUdyksZZeoSG4iGUXyG3lrm8cqqt6idMYjwMmoXwYlRue5f3VIpEzaqkQUasge6JImG5tfo_8l2Tl_ZzrzRdCGhFh-VV7AVAyFAuGLetb5jKymluS4JteWcwiEE3fKd8mR8Lh41kLEmf9n6JbkwwGmn_miLedF2xckizsLgXOUI79Vd1oE_uBT_SpcjaZCyJ-3lRrH3t0tfltXDp2pnZmFHtcqiX-Lw","password":"1234@Abcd"}OK