Frontegg offers a comprehensive suite of authentication, user management, and security features to streamline identity management and enhance application security. This section provides an overview of all relevant API endpoints, organized into Authentication, Management, and Self-Service categories.
Authentication Endpoints: Enable secure user login, multi-factor authentication (MFA), passwordless options, and social login integrations, allowing for a flexible and robust sign-in experience.
Management Endpoints: Require environment-level authorization and provide full control over SSO (SAML and OpenID Connect) resources, user roles, permissions, and configurations. These endpoints are designed for administrative use, allowing for centralized identity and access management.
Self-Service Endpoints: Accessible with a user token (JWT), these endpoints empower users to manage their SSO connections and other account settings. Users with the necessary permissions can create, update, or delete SSO configurations directly, ensuring they have the tools to manage their access securely and independently.
Each category in this section helps you configure and extend Frontegg’s capabilities, providing the flexibility to manage user identities, authentication protocols, and access controls as per your application’s needs.
https://api.frontegg.com/identity/
https://api.us.frontegg.com/identity/
https://api.ca.frontegg.com/identity/
https://api.au.frontegg.com/identity/
https://{domain}.frontegg.com/identity/
Verify a user's phone number using a one-time code (OTC) that was sent via SMS.
This is the final step in the phone number verification process. After initiating verification via the pre-verification route, use this endpoint to confirm the phone number by submitting the OTC and code.
Request body must include:
otcToken: The token issued when the OTC was sent.code: The one-time code the user received on their phone.Use this endpoint to validate the user's ownership of the phone number and complete the verification process.
https://api.frontegg.com/identity/resources/users/phone-numbers/v1/verify
https://api.us.frontegg.com/identity/resources/users/phone-numbers/v1/verify
https://api.ca.frontegg.com/identity/resources/users/phone-numbers/v1/verify
https://api.au.frontegg.com/identity/resources/users/phone-numbers/v1/verify
https://app-xxx.frontegg.com/identity/resources/users/phone-numbers/v1/verify
curl -i -X POST \
https://api.frontegg.com/identity/resources/users/phone-numbers/v1/verify \
-H 'Authorization: Bearer <YOUR_JWT_HERE>' \
-H 'Content-Type: application/json' \
-d '{
"otcToken": "string",
"code": "string"
}'Initiate the deletion process for a user's phone number.
This endpoint begins the phone number removal workflow by sending a verification code to the user. The phone number will not be deleted until the verification step is completed.
Path parameters:
id: The unique identifier of the phone number to be deleted.Use this endpoint to trigger the secure deletion process for a user's phone number. A follow-up verification step is required to finalize the removal.
https://api.frontegg.com/identity/resources/users/phone-numbers/v1/{id}
https://api.us.frontegg.com/identity/resources/users/phone-numbers/v1/{id}
https://api.ca.frontegg.com/identity/resources/users/phone-numbers/v1/{id}
https://api.au.frontegg.com/identity/resources/users/phone-numbers/v1/{id}
https://app-xxx.frontegg.com/identity/resources/users/phone-numbers/v1/{id}
curl -i -X DELETE \
'https://api.frontegg.com/identity/resources/users/phone-numbers/v1/{id}' \
-H 'Authorization: Bearer <YOUR_JWT_HERE>'Verify the deletion of a user's phone number using a one-time code (OTC).
This is the final step in the phone number deletion process. After initiating deletion, the system sends a verification code to the user's phone. This endpoint confirms the deletion by validating the OTC and code.
Path parameters:
id: The unique identifier of the phone number to delete.Request body must include:
otcToken: The token issued during the deletion request.code: The one-time code sent to the user via SMS.Use this endpoint to securely complete the deletion of a user's phone number.
https://api.frontegg.com/identity/resources/users/phone-numbers/v1/{id}/delete/verify
https://api.us.frontegg.com/identity/resources/users/phone-numbers/v1/{id}/delete/verify
https://api.ca.frontegg.com/identity/resources/users/phone-numbers/v1/{id}/delete/verify
https://api.au.frontegg.com/identity/resources/users/phone-numbers/v1/{id}/delete/verify
https://app-xxx.frontegg.com/identity/resources/users/phone-numbers/v1/{id}/delete/verify
curl -i -X POST \
'https://api.frontegg.com/identity/resources/users/phone-numbers/v1/{id}/delete/verify' \
-H 'Authorization: Bearer <YOUR_JWT_HERE>' \
-H 'Content-Type: application/json' \
-d '{
"otcToken": "string",
"code": "string"
}'