API docs

ShareOTP Public API

Automate account management, team invites, user access, and code delivery using admin-issued API keys. All API keys operate on a single organization.

On this page:Overview Authentication IP allowlist Endpoints Errors OpenAPI

Authentication

API requests authenticate using an admin-created API key. Keys are created in Admin → Settings → API access. Users endpoints additionally require the key creator to still be an active admin.

Authorization header

Send the key as a Bearer token. We also accept X-API-Key.

curl https://your-domain.com/api/v1/accounts \
  -H "Authorization: Bearer sk_shareotp_..."

IP allowlist

Optionally restrict API access to specific IP addresses. Add one IP per line in Admin Settings. Requests must match exactly.

Endpoints

Method

Path

Description

GET

/api/v1/accounts

List accounts

POST

/api/v1/accounts

Create account

GET

/api/v1/accounts/{accountId}

Fetch account details

PATCH

/api/v1/accounts/{accountId}

Update account

DELETE

/api/v1/accounts/{accountId}

Delete account

GET

/api/v1/accounts/codes?ids=...

Fetch TOTP codes

POST

/api/v1/accounts/{accountId}/export

Export account secret

GET

/api/v1/accounts/{accountId}/permissions

List account access

POST

/api/v1/accounts/{accountId}/permissions

Grant or revoke access

GET

/api/v1/audit

List audit logs

GET

/api/v1/users

List users and pending invites

POST

/api/v1/users/invitations

Create a user invitation

DELETE

/api/v1/users/{userId}

Remove (disable) a user

Create an account

curl https://your-domain.com/api/v1/accounts \
  -H "Authorization: Bearer sk_shareotp_..." \
  -H "Content-Type: application/json" \
  -d '{
    "name": "GitHub",
    "issuer": "GitHub",
    "tags": ["engineering", "prod"],
    "secret": "JBSWY3DPEHPK3PXP"
  }'

List users and invites

curl "https://your-domain.com/api/v1/users?q=alice" \
  -H "Authorization: Bearer sk_shareotp_..."

Create a user invite

curl https://your-domain.com/api/v1/users/invitations \
  -H "Authorization: Bearer sk_shareotp_..." \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "role": "MEMBER"
  }'

Fetch codes

curl "https://your-domain.com/api/v1/accounts/codes?ids=acct_123,acct_456" \
  -H "Authorization: Bearer sk_shareotp_..."

Grant access

curl https://your-domain.com/api/v1/accounts/acct_123/permissions \
  -H "Authorization: Bearer sk_shareotp_..." \
  -H "Content-Type: application/json" \
  -d '{
    "action": "grant",
    "email": "[email protected]"
  }'

Errors

Errors return JSON with an error message and a relevant HTTP status code.

{
  "error": "Unauthorized"
}

OpenAPI spec

Download the OpenAPI spec for tooling integrations or client generation.

Download openapi.yaml