Returning.AI
  1. Auth
Returning.AI
  • Returning.AI
    • APIs
      • Authentication
      • System API
        • Auth
          • Secure Auth
            GET
          • register
            POST
          • verify email
            POST
          • login
            POST
        • Server
          • create new server
          • get my servers
          • update server
          • role list of server
          • channel list of server
        • Channel
          • get channels list
          • create new channel
          • update channel
          • delete channel
        • Role
          • create new role
          • update role
          • delete role
          • add role to a user on a server
          • remove role from a user on a server
          • get role list of user on a server
        • Badge
          • get badges list
          • create new badge
          • update badge
          • delete badge
          • award badge to user
          • remove badge from user
      • Application API
        • Community Users
          • Get community users
          • Get user
        • User Fields
          • Get All User Fields
          • Get Specific User Field
          • Create Custom User Field
          • Update user field
          • Delete user field
        • User Field Histories
          • Get all user field histories in a community
          • Get user field histories for a specific field
          • Get user field histories for a specific user
          • Get user field histories of specific user field and user
          • Create user field history for specific user
      • Integration API
        • Users
          • Get Users with Filters
          • Create New User
          • Get User Data
          • Manage User Account
          • Get User Gamification History
          • Get User Gamification Stats
          • Bulk Import
          • Bulk Update
        • Messages
          • Get Messages
          • Send Message
          • Reply Message
          • React Message
        • Channels
          • Get Channels List
      • User API
        • API key
          • api key info
          • Delete Endpoint
          • Update User Api Key
          • Post User Api Key
          • Get User Api Key
        • Messages
          • Send Message
          • Reply Message
          • React Message
    • Channels
      • Iframe
    • Events
      • Outgoing webhooks
        • Encryption
        • User Joins Server
        • User Visits server
        • New Message Posted Anywhere
        • New Message Posted To channel
        • Purchased Store Item
      • Incoming webhooks
        • API Keys & Encryption
        • Send message into channels
        • Update Custom User Fields
        • Update In-game currency
    • Widgets
      • Channels
      • Leaderboard
      • Milestone
      • Socials
      • Store
  1. Auth

Secure Auth

GET
https://cname.yourdomain.com/api/secureAuth
This endpoint authenticates a user and log them into the community.

Authorization#

API Key required.
Found in community settings > Login Management > API key
Include an X-API-Key in the request header with the key.

Fields#

action#

Specifies the action to perform.
Use "login" to log a user into the community.
ie: "action": "login"

userId#

The username of the user logging in.

accessLevel#

Defines the starting role assigned to the user in the community (including the @all role).
Note: For existing users, their roles will not be changed.
Configure in Community Settings → Login Management. Click the + next to Login API to add access levels.
image.png
The value entered when creating an access level becomes the identifier used in this API.Example set up:
image.png

Use case#

This endpoint works for both existing and new users, but the required fields differ.

Required fields (For existing users)#

Logs an existing user into the community.
{
    "action": "login",
    "userId": "johndoe",
    "accessLevel": 1
}

Flow example:#

1.
User logs into your platform.
2.
Call Get User Data with the user’s email to check if they exist.
3.
If the user exists, use the username from the response as the userId to log them in.
4.
If the user does not exist, create one with Create New User.
5.
After creation, use the new username to log in.
6.
Redirect users to the URL in the response
Best Practice!
Save the username along with your user’s information in your own database.
This prevents unnecessary repeated calls to the Get User Data API and ensures you always have a reliable reference for logging users in.

Required fields (For new users)#

Creates a new user in the community and logs them in with the roles in the access level.
Important!!
Do not rely on this endpoint to create new users directly unless you can guarantee unique usernames. If a duplicate username is used here, the user may be logged into the wrong account. Use the dedicated Create User API instead, since it provides proper error handling.
{
    "action": "login",
    "userId": "johndoe",
    "accessLevel": 1
    "email": "johndoe@gmail.com",
    "firstname": "john".
    "lastname": "doe",
    "displayname": "john doe" 
}
Redirect users to the URL in the response.

Request

Query Params

Header Params

Request Code Samples

Shell
JavaScript
Java
Swift
Go
PHP
Python
HTTP
C
C#
Objective-C
Ruby
OCaml
Dart
R
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request GET 'https://cname.yourdomain.com/api/secureAuth?accessLevel=0&action=login&userId=<Username>&email=<Email>&firstname=<First Name>&lastname=<Last Name>&displayname=<Display Name>' \
--header 'apiKey: API_KEY_HERE' \
--header 'hostname: cname.yourdomain.com'

Responses

🟢200Success
application/json
Body

Example
{
    "error": false,
    "loginUrl": "https://cname.yourdomain.com/v2/app/loginApi/[API_KEY]/2?token= [token]&host=[cname.yourdomain.com]",
    "sessionId": "xxxxxxxxxxxxxxxxx"
}
Modified at 2025-09-12 09:00:30
Previous
System API
Next
register