API docs
ShareOTP Public API
Automate account management, team invites, user access, and code delivery using admin-issued API keys. All API keys operate on a single organization.
Authentication
API requests authenticate using an admin-created API key. Keys are created in Admin → Settings → API access. Users endpoints additionally require the key creator to still be an active admin.
Send the key as a Bearer token. We also accept X-API-Key.
curl https://your-domain.com/api/v1/accounts \ -H "Authorization: Bearer sk_shareotp_..."
IP allowlist
Optionally restrict API access to specific IP addresses. Add one IP per line in Admin Settings. Requests must match exactly.
SCIM provisioning
SCIM uses a separate workspace-scoped bearer token from Admin Settings, not the admin API keys used for the public REST API. Use SCIM when your identity provider should create, update, or deprovision ShareOTP users.
Endpoints
curl https://your-domain.com/api/v1/accounts \
-H "Authorization: Bearer sk_shareotp_..." \
-H "Content-Type: application/json" \
-d '{
"name": "GitHub",
"issuer": "GitHub",
"tags": ["engineering", "prod"],
"secret": "JBSWY3DPEHPK3PXP"
}'curl "https://your-domain.com/api/v1/users?q=alice" \ -H "Authorization: Bearer sk_shareotp_..."
curl https://your-domain.com/api/v1/users/invitations \
-H "Authorization: Bearer sk_shareotp_..." \
-H "Content-Type: application/json" \
-d '{
"email": "[email protected]",
"role": "MEMBER"
}'curl "https://your-domain.com/api/v1/accounts/codes?ids=acct_123,acct_456" \ -H "Authorization: Bearer sk_shareotp_..."
curl https://your-domain.com/api/v1/accounts/acct_123/permissions \
-H "Authorization: Bearer sk_shareotp_..." \
-H "Content-Type: application/json" \
-d '{
"action": "grant",
"email": "[email protected]"
}'Errors
Errors return JSON with an error message and a relevant HTTP status code.
{
"error": "Unauthorized"
}OpenAPI spec
Download the OpenAPI spec for tooling integrations or client generation.