Trout Logo

API Documentation

Introduction

Welcome to Tarout Auth API documentation

Introduction

Tarout Auth is a comprehensive authentication API that provides secure user authentication and SSO capabilities for your applications.

Key Features

  • Authentication as a Service: Secure authentication API for your applications
  • Multi-tenant Architecture: Support for multiple projects and applications
  • SSO Integration: OAuth-like flow for seamless user authentication
  • Project User Management: Separate user pools for each project
  • JWT Authentication: Secure token-based authentication with RSA signatures

Base URL

https://api.tarout-auth.com/api/v1

Authentication

Tarout Auth uses JWT (JSON Web Tokens) for authentication. Most endpoints require an access token to be included in the request headers:

Authorization: Bearer YOUR_ACCESS_TOKEN

API Keys

For backend-to-backend communication, use API keys. Each project can have up to 5 API keys, each consisting of a Client ID and Client Secret pair.

Obtaining API Keys

  1. Log into the Tarout Auth Platform
  2. Navigate to your project
  3. Go to "Integrate your backend" section
  4. Create your API key (up to 5 allowed per project)
  5. Important: Copy the Client Secret immediately as it won't be shown again

Multiple API Keys Use Cases

  • Environment Separation: Use different keys for development, staging, and production
  • Service Isolation: Assign specific keys to different microservices
  • Key Rotation: Create new keys before retiring old ones
  • Partner Access: Provide separate keys for third-party integrations

Using API Keys

Include your API credentials in the request headers:

X-Client-Id: ck_your_32_character_client_id
X-Client-Secret: cs_your_32_character_client_secret