Skip to content
My Docs

Sign up

POST
/users

Will create a new user and generate a session token for the user. This endpoint is used for both email and phone sign up.

Sign Up by Phone Flow:

  1. Validate request.
    - phoneNumber, userType and otpCode is required
    - userType should be a valid one(DNT,HYG).
  2. Validate phone should not be registered before.
  3. get OTP code from cache and validate it. (cache set in POST /otp)
  4. Validate OTP code from request should be the same as the one in cache.
  5. Generate mongoID and insert to DB
    - Insert to user table
    - Insert to device table
    - Generate refresh token and insert to refresh_token table
  6. Delete OTP code from cache
  7. Generate JWT access token and return to user.
  8. Publish events
    - AUTH_USER_CREATED
    - NEW_DEVICE_TOKEN

Sign Up by Email Flow:

  1. Validate request.
    - email and password are required.
    - email should be a valid email.
    - Override email to lowercase.
    - Validate password criteria(length should be >=8)
  2. Validate email should not be registered before.
  3. Generate mongoID and insert to DB
    - Insert to user table
    - Insert to device table
    - Generate refresh token and insert to refresh_token table
  4. Generate JWT access token and return to user.
  5. Publish events
    - AUTH_USER_CREATED
    - NEW_DEVICE_TOKEN

Authorizations

Section titled “Authorizations ”

Request Body

Section titled “Request Body ”

SignUpRequest

object
email

Required if type is email

string
ivan+rdh+fl@joingotu.com
id
string
65b9fc0589526f00117cd4d2
otpCode

Required if type is phone

string
22222
password

Required if type is email

string
password
phoneNumber

Required if type is phone

string
+6282243350992
referralID
string
65b9fc0589526f00117cd4d2
source
string
app
type

Email | phone

string
Allowed values: phone email 
email
userType

DNT | HYG | ADM

string
HYG

Responses

Section titled “ Responses ”

200

Section titled “200 ”

OK

object
data
object
accessToken
string
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhdXRoLXNlcnZpY2UiLCJzdWIiOiI2NWI4YTE2MjYzNTEyNjAwMTI3YTQxYTQiLCJleHAiOjE3MzkyNzYwNzMsIm5iZiI6MTczOTI3NTE3MywiaWF0IjoxNzM5Mjc1MTczLCJqdGkiOiJjdWxqbjlhc3A1anJmam83NWdiZyIsImlkIjoiNjViOGExNjI2MzUxMjYwMDEyN2E0MWE0IiwidXNlclR5cGUiOiJETlQiLCJpc0FkbWluIjp0cnVlLCJkZXZpY2VJZCI6MzE4M30.ZuzROGxJ1pq_veRe93Z8bfS5YTzmAp5_wrzTUmvLzk8
expiresIn
integer
900
refreshToken
string
culjn9asp5jrfjo75gc0
tokenType
string
Bearer

400

Section titled “400 ”

Bad request

object
error
string
some meaningful error message

401

Section titled “401 ”

Unauthorized

object
error
string
some meaningful error message

403

Section titled “403 ”

Forbidden

object
error
string
some meaningful error message

500

Section titled “500 ”

Internal server error

object
error
string
some meaningful error message