API Reference

The AuthAction Management API documentation is hosted at authaction.readme.io. Use it to explore endpoints, view request/response schemas, and integrate with the API.

Accessing the API Docs

The complete API reference is available at:

https://authaction.readme.io/

The reference includes:

Authentication: Get access token for M2M client app
Applications: Create, list, update, and delete applications
ApiServers: Manage API resources for audience validation
Connections: Database, social, and passkey connections
Users: User management, roles, passkeys, and plans
Roles: Role-based access control
Organizations: Organization management
Organization Members: Members and roles within organizations
Passkey Plus: Registration and authentication transactions
Plans: Plan management and assignments

Obtaining M2M Tokens

To authenticate API requests, you need a Bearer token from the M2M token endpoint. This endpoint is tenant-specific:

POST https://<tenant>.<region>.authaction.com/oauth2/m2m/token

Replace <tenant> and <region> with your tenant name and region (e.g. eu, us).

Request body (JSON):

{
  "client_id": "<YOUR_M2M_CLIENT_ID>",
  "client_secret": "<YOUR_M2M_CLIENT_SECRET>",
  "audience": "https://<tenant>.<region>.authaction.com",
  "grant_type": "client_credentials"
}

Steps:

Create an M2M application in the AuthAction dashboard at authaction.com.
Grant it access to the AuthAction Management API.
Call the token endpoint with your client credentials.
Use the returned access_token in the Authorization: Bearer <token> header for all API requests.

For a full setup walkthrough, see Accessing the Management API.