APIs

Passage APIs provide a flexible solution to integrate Passage into your existing auth systems.

The APIs are organized around REST principles. They utilize predictable resource-oriented URLs, accept form-encoded request bodies, return JSON-encoded responses, and use standard HTTP response codes, authentication, and verbs.

Passage SDKs are available for simplified integration with your app. However, for more advanced or unsupported use cases, the APIs can be used directly.

Server side requests are made to the Passage Management Flex SDK API.

Base URL

https://api.passage.id/v1

Neccessary values

API keys

Apps must utilize API keys to authenticate with the Passage API. To generate an API key, navigate to Settings > API Keys in the Passage Console.

The HTTP Authorization request header must be sent with the API key in the following format:

"Authorization": "Bearer {PASSAGE_API_KEY}"
App settings pageApp settings page in Passage Console

App ID

The App ID is a unique identifier for your app, used to identify the app in the Passage system. The App ID is required for all API requests.

Errors

Passage supports conventional HTTP response codes.

2xx codes indicate success.

4xx codes indicate an error with the information provided in the request.

5xx codes indicate a Passage server error.

Error properties

PropertyData Type
codestring Enum
errorstring

400 Bad Request

Invalid request errors are returned when the request is missing required parameters or the parameters are invalid.

Swagger docs

401 Unauthorized

Login failures and invalid request data. An invalid access token occurs when the API key is expired, revoked, or invalid. See API keys.

Swagger docs

403 Forbidden

Returned when the user does not have the necessary permissions to access the resource.

Swagger docs

404 Not Found

Resource not found.

Swagger docs

500 Internal Server Error

Problem with the Passage server.

Swagger docs