APIs
Passage APIs provide a flexible solution to integrate Passage into your existing auth systems.
The APIs are organized around REST principles. They utilize predictable resource-oriented URLs, accept form-encoded request bodies, return JSON-encoded responses, and use standard HTTP response codes, authentication, and verbs.
Passage SDKs are available for simplified integration with your app. However, for more advanced or unsupported use cases, the APIs can be used directly.
Server side requests are made to the Passage Management Flex SDK API (opens in a new tab).
Base URL
https://api.passage.id/v1Neccessary values
API keys
Apps must utilize API keys to authenticate with the Passage API. To generate an API key, navigate to Settings > API Keys in the Passage Console.
The HTTP Authorization request header must be sent with the API key in the following format:
"Authorization": "Bearer {PASSAGE_API_KEY}"
App settings page in Passage ConsoleApp ID
The App ID is a unique identifier for your app, used to identify the app in the Passage system. The App ID is required for all API requests.
Errors
Passage supports conventional HTTP response codes.
2xx codes indicate success.
4xx codes indicate an error with the information provided in the request.
5xx codes indicate a Passage server error.
Error properties
| Property | Data Type |
|---|---|
code | string Enum |
error | string |
400 Bad Request
Invalid request errors are returned when the request is missing required parameters or the parameters are invalid.
Swagger docs (opens in a new tab)
401 Unauthorized
Login failures and invalid request data. An invalid access token occurs when the API key is expired, revoked, or invalid. See API key.
Swagger docs (opens in a new tab)
403 Forbidden
Returned when the user does not have the necessary permissions to access the resource.
Swagger docs (opens in a new tab)
404 Not Found
Resource not found.
Swagger docs (opens in a new tab)
500 Internal Server Error
Problem with the Passage server.