<aside> ⚠️ This documentation is a work in progress! XIVAuth is still undergoing active development and the API surface described in this document is incomplete. Things documented in this page may not exist yet or may change slightly between now and release.

</aside>

Authenticating to the API

Please refer to Authenticating to the API for information about the OAuth process used by XIVAuth.

Characters API

The Characters API allows services to view (and in some cases manage) characters for authentication purposes. The following routes are defined:

`GET /characters`: List All Characters

`GET /characters/{lodestone_id}`: Get Character

`POST /characters`: Register new Character

`PUT|PATCH /characters/{lodestone_id}`: Update Character Data

`DELETE /characters/{lodestone_id}`: Remove Character

`POST /characters/{lodestone_id}/refresh`: Sync Character with Lodestone

`GET /characters/{lodestone_id}/jwt`: Get JWT Attestation for Character

`POST /characters/{lodestone_id}/verify`: Attempt Verification for Character

`DELETE /characters/{lodestone_id}/verify`: Unverify a Character

Users API

`GET /user`: Get the current user

`GET /user/jwt`: Get JWT Attestation for current user

JWT Attestation API

The JWT API allows services to validate JWT Attestations received from other services, as well as receive a list of all valid signing keys in JWKS format. This API supports authentication via client credentials.

Authenticating to the API

Characters API

GET /characters: List All Characters

GET /characters/{lodestone_id}: Get Character

POST /characters: Register new Character

PUT|PATCH /characters/{lodestone_id}: Update Character Data

DELETE /characters/{lodestone_id}: Remove Character

POST /characters/{lodestone_id}/refresh: Sync Character with Lodestone

GET /characters/{lodestone_id}/jwt: Get JWT Attestation for Character

POST /characters/{lodestone_id}/verify: Attempt Verification for Character

DELETE /characters/{lodestone_id}/verify: Unverify a Character