Frontegg offers a comprehensive suite of authentication, user management, and security features to streamline identity management and enhance application security. This section provides an overview of all relevant API endpoints, organized into Authentication, Management, and Self-Service categories.
Authentication Endpoints: Enable secure user login, multi-factor authentication (MFA), passwordless options, and social login integrations, allowing for a flexible and robust sign-in experience.
Management Endpoints: Require environment-level authorization and provide full control over SSO (SAML and OpenID Connect) resources, user roles, permissions, and configurations. These endpoints are designed for administrative use, allowing for centralized identity and access management.
Self-Service Endpoints: Accessible with a user token (JWT), these endpoints empower users to manage their SSO connections and other account settings. Users with the necessary permissions can create, update, or delete SSO configurations directly, ensuring they have the tools to manage their access securely and independently.
Each category in this section helps you configure and extend Frontegg’s capabilities, providing the flexibility to manage user identities, authentication protocols, and access controls as per your application’s needs.
https://api.frontegg.com/identity/
https://api.us.frontegg.com/identity/
https://api.ca.frontegg.com/identity/
https://api.au.frontegg.com/identity/
https://{domain}.frontegg.com/identity/
Retrieve a paginated list of all user phone numbers associated with your environment.
This endpoint returns user phone numbers along with pagination metadata and navigation links. It supports filtering, sorting, and offset-based pagination for efficient querying.
Query parameters (optional):
_limit (number ≥ 1): Maximum number of items to return per page._offset (number ≥ 0): Number of items to skip (for pagination)._sortBy (string): Field to sort by. Allowed values: userId, phoneNumber._order (string): Sort order. Allowed values: ASC, DESC._phoneNumber (string): Filter by a specific phone number.Use this endpoint to list or search user phone numbers in a paginated format, ideal for administrative tools or reporting.
https://api.frontegg.com/identity/resources/users/phone-numbers/v1
https://api.us.frontegg.com/identity/resources/users/phone-numbers/v1
https://api.ca.frontegg.com/identity/resources/users/phone-numbers/v1
https://api.au.frontegg.com/identity/resources/users/phone-numbers/v1
https://app-xxx.frontegg.com/identity/resources/users/phone-numbers/v1
curl -i -X GET \
https://api.frontegg.com/identity/resources/users/phone-numbers/v1 \
-H 'Authorization: Bearer <YOUR_JWT_HERE>'{ "items": [ { … } ], "_links": { "next": "string", "prev": "string", "first": "string", "last": "string" }, "_metadata": { "totalItems": 0, "totalPages": 0 } }
Assign a new phone number to a user and optionally trigger a verification code.
By default, the system sends an SMS verification code to the provided phone number. To skip verification (e.g., for internal setup), set the verify field to false.
Request body must include:
phoneNumber: The new phone number to assign to the user. Must follow international format.verify (optional): Whether to send an SMS verification code. Defaults to true if not provided.Use this endpoint to set or update a user's phone number, with optional control over verification.
https://api.frontegg.com/identity/resources/users/phone-numbers/v1
https://api.us.frontegg.com/identity/resources/users/phone-numbers/v1
https://api.ca.frontegg.com/identity/resources/users/phone-numbers/v1
https://api.au.frontegg.com/identity/resources/users/phone-numbers/v1
https://app-xxx.frontegg.com/identity/resources/users/phone-numbers/v1
curl -i -X POST \
https://api.frontegg.com/identity/resources/users/phone-numbers/v1 \
-H 'Authorization: Bearer <YOUR_JWT_HERE>' \
-H 'Content-Type: application/json' \
-d '{
"phoneNumber": "string",
"verify": true
}'Send a one-time code (OTC) to the specified phone number to initiate verification.
This endpoint is used to pre-verify a phone number before associating it with a user account. It sends an SMS-based one-time code to the provided number.
Request body must include:
phoneNumber: The phone number to verify, in international format.Use this endpoint to validate ownership of a phone number by sending a one-time code for user input during onboarding or account setup.
https://api.frontegg.com/identity/resources/users/phone-numbers/v1/preverify
https://api.us.frontegg.com/identity/resources/users/phone-numbers/v1/preverify
https://api.ca.frontegg.com/identity/resources/users/phone-numbers/v1/preverify
https://api.au.frontegg.com/identity/resources/users/phone-numbers/v1/preverify
https://app-xxx.frontegg.com/identity/resources/users/phone-numbers/v1/preverify
curl -i -X POST \
https://api.frontegg.com/identity/resources/users/phone-numbers/v1/preverify \
-H 'Authorization: Bearer <YOUR_JWT_HERE>' \
-H 'Content-Type: application/json' \
-d '{
"phoneNumber": "string"
}'