API integration


This guide covers some important topics for getting started with Corbado's Backend API.

(No) existing user base

As the API integration offers full flexibility it can be used with or without existing user bases. The individual flows for these two cases can be customized by yourself.

Configure your application

Create a .env file in your application.
Setup an AUTHORIZED_ORIGIN which will be the origin of your application and the BACKEND_API_URL of the Corbado Backend API.

API authentication

To authenticate against the Corbado Backend API, you need to set the project ID as well as the API secret in your API requests.
All endpoints are authenticated via HTTP Basic Auth. This means setting an authorization header using project ID as username and API secret as password.
Basic <<project ID>>:<<API secret>>
The authorization header needs to be Base64 encrypted.
If the authorization header is missing or incorrect, the API will respond with 401.
Security scheme type
HTTP authorization scheme