Routes

You'll find here the routes exposed by FastAPI Users. Note that you can also review them through the interactive API docs.

Unauthenticated

POST /register

Register a new user.

Payload

{
    "email": "king.arthur@camelot.bt",
    "password": "guinevere"
}

201 Created

{
    "id": "57cbb51a-ab71-4009-8802-3f54b4f2e23",
    "email": "king.arthur@camelot.bt",
    "is_active": true,
    "is_superuser": false
}

422 Validation Error

400 Bad Request

A user already exists with this email.

POST /login

Login a user.

Payload (application/x-www-form-urlencoded)

username=king.arthur@camelot.bt&password=guinevere

200 OK

{
    "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoiOTIyMWZmYzktNjQwZi00MzcyLTg2ZDMtY2U2NDJjYmE1NjAzIiwiYXVkIjoiZmFzdGFwaS11c2VyczphdXRoIiwiZXhwIjoxNTcxNTA0MTkzfQ.M10bjOe45I5Ncu_uXvOmVV8QxnL-nZfcH96U90JaocI"
}

422 Validation Error

400 Bad Request

Bad credentials or the user is inactive.

POST /forgot-password

Request a reset password procedure. Will generate a temporary token and call the defined on_after_forgot_password if the user exists.

To prevent malicious users from guessing existing users in your databse, the route will always return a 202 Accepted response, even if the user requested does not exist.

Payload

{
    "email": "king.arthur@camelot.bt"
}

202 Accepted

POST /reset-password

Reset a password. Requires the token generated by the /forgot-password route.

Payload

{
    "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoiOTIyMWZmYzktNjQwZi00MzcyLTg2ZDMtY2U2NDJjYmE1NjAzIiwiYXVkIjoiZmFzdGFwaS11c2VyczphdXRoIiwiZXhwIjoxNTcxNTA0MTkzfQ.M10bjOe45I5Ncu_uXvOmVV8QxnL-nZfcH96U90JaocI",
    "password": "merlin"
}

200 OK

422 Validation Error

400 Bad Request

Bad or expired token.

Authenticated

GET /me

Return the current authenticated active user.

200 OK

{
    "id": "57cbb51a-ab71-4009-8802-3f54b4f2e23",
    "email": "king.arthur@camelot.bt",
    "is_active": true,
    "is_superuser": false
}

401 Unauthorized

Missing token or inactive user.

PATCH /me

Update the current authenticated active user.

Payload

{
    "email": "king.arthur@tintagel.bt",
    "password": "merlin"
}

200 OK

{
    "id": "57cbb51a-ab71-4009-8802-3f54b4f2e23",
    "email": "king.arthur@tintagel.bt",
    "is_active": true,
    "is_superuser": false
}

401 Unauthorized

Missing token or inactive user.