Register a new User

POST /auth/signup

Create a new player account.

Current behavior:

Creates a user.
If project email_verification_required is enabled, sends OTP email and returns success with no tokens yet.
If email verification is disabled, returns access and refresh tokens immediately.

Base URL examples

POST http://localhost:8001/auth/signup
POST http://localhost:8000/client/auth/signup

Required headers

x-client-id: <project_client_id>
x-client-secret: <project_client_secret>
Content-Type: application/json

If either client credential header is missing or invalid, the API returns 401.

Request

Responses

Successful Response

Request body

{
  "email": "player@example.com",
  "password": "StrongPassword123"
}

Response behavior

{
  "success": true,
  "access_token": "jwt-or-null",
  "refresh_token": "jwt-or-null",
  "message": "human-readable status"
}

When OTP verification is required, both token fields are null until POST /auth/verify-otp succeeds.

Note: The request schema may allow password: null, but current service implementation hashes password during signup. For passwordless auth, use POST /auth/login with password: null and then POST /auth/verify-otp.

cURL example

curl -X POST "http://localhost:8001/auth/signup" \
  -H "x-client-id: <client-id>" \
  -H "x-client-secret: <client-secret>" \
  -H "Content-Type: application/json" \
  -d '{"email":"player@example.com","password":"StrongPassword123"}'

Register a new User

/auth/signup

Base URL examples​

Required headers​

Request​

Responses​

Request body​

Response behavior​

cURL example​