Sign Up API

The Sign up with credentials includes 2 APIs

1. Sign Up

Endpoint

POST /auth/signup

Payload

1 2 3 4 5 6 7 8 9 { "username": "user_123", "email": "example@domain.com", "phone_prefix": "+92", "phone_number": "30142353150", "password": "password", "timezone": "Asia/Dubai", // UAE timezone format "accept_policies": true // Make user agree with the terms of use and policies. }

Response

1 2 3 4 5 6 { "success": true, "otp_id": "6661902bb6c41aba2ac07fc3", // This OTP ID must be sent when submitting the OTP. "msg": "Verification Email sent to example@domain.com", "redirect_url": "/auth/signup/verify-otp?otp_id=6661902bb6c41aba2ac07fc3" // Only for Web to directly use pre-composed url. }

2. Callback

Endpoint

POST /auth/signup/callback

Payload

The OTP Id obtained from submitting the credentials.

1 2 3 4 { "otp_id": "66150428c953c3d56112fbce", // OTP ID optained from signup api. "otp": "12345" }

Response

Successful Response
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 { "success": true, "msg": "You're Resgistered successfully !", "user": { "username": "user_123", "register_provider": "urbanfits", "image": "/website-copyrights/default-pfp.webp", "phone_prefix": "+92", "phone_number": "30142353150", "email": "example@domain.com", "password": "U2FsdGVkX1/xe04hrg0sOQRl8wAjE/Y9U8nFc2tMPlc=", "two_fa_enabled": false, "role": "customer", "is_active": true, "uf_wallet": { "card_number": "70517176715488753497", "bar_code": "/uf-wallet-barcodes/70517176715488753497" }, "last_checkin": "2024-06-06T10:49:13.345Z", "timezone": "Asia/Karachi", "user_agent": "eyJhbGciOiJIUzI1NiJ9.UG9zdG1hblJ1bnRpbWUvNy4zNy4z.lYd97Uv60STIestaaO3UO_aiP7G10yEmi_XG22KbOPo", "purchases": 0, "_id": "6661967e061f9d6e964d7b69", "createdAt": "2024-06-06T00:00:00.000Z", "updatedAt": "2024-06-06T00:00:00.000Z", "__v": 0 } }

Along with all the user profile data, 2 mandatory Set-Cookie headers will be sent as mentioned in Api Prerequisites. These 2 headers should be configured accordingly in the browser so that it sends them back with all API calls. And as for mobile application, they should be saved as they are and should be set in the API request headers.
The default user session expiration will be 7 days. If the user checks the remeber me box while signing in, the session will be extended upto 30 days.

1 2 Set-Cookie: session-token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2NWRkYjc0OTZhMDljYTI5MGJlYzg4YjIiLCJ1c2VybmFtZSI6Il9zYWFkXyIsImVtYWlsIjoiYmluYXJzaGFkc2FhZDZAZ21haWwuY29tIiwicmVnaXN0ZXJfcHJvdmlkZXIiOiJ1cmJhbmZpdHMiLCJ1c2VyX2FnZW50IjoiZXlKaGJHY2lPaUpJVXpJMU5pSjkuVFc5NmFXeHNZUzgxTGpBZ0tGZHBibVJ2ZDNNZ1RsUWdNVEF1TURzZ1YybHVOalE3SUhnMk5Da2dRWEJ3YkdWWFpXSkxhWFF2TlRNM0xqTTJJQ2hMU0ZSTlRDd2diR2xyWlNCSFpXTnJieWtnUTJoeWIyMWxMekV5TXk0d0xqQXVNQ0JUWVdaaGNta3ZOVE0zTGpNMklFOVFVaTh4TURrdU1DNHdMakEubU45LS02Uy1FbzF2YndyNTJQQkhJUHl6b1pMb3FISVNRdEtxUGhXOEZhdyIsInRpbWV6b25lIjoiQXNpYS9LYXJhY2hpIiwidHdvX2ZhX2VuYWJsZWQiOmZhbHNlLCJ1Zl93YWxsZXQiOnsiY2FyZF9udW1iZXIiOiI3MDUxNzA5MDI5MTkyMTI0NzY1NiIsImJhcl9jb2RlIjoiL3VmLXdhbGxldC1iYXJjb2Rlcy83MDUxNzA5MDI5MTkyMTI0NzY1NiIsImxhc3Rfc3Bpbl9yZXdhcmQiOjIwMCwibGFzdF91Zl9zcGluIjoiMjAyNC0wNS0wOVQyMzo1OTo1OS4wMDBaIiwibmV4dF91Zl9zcGluIjoiMjAyNC0wNS0xMVQwMDowMDowMC4wMDBaIn0sImxhc3RfY2hlY2tpbiI6IjIwMjQtMDUtMjFUMjM6NTk6NTkuOTk5WiIsImNyZWF0ZWRBdCI6IjIwMjQtMDItMjdUMDA6MDA6MDAuMDAwWiIsInJvbGUiOiJhZG1pbmlzdHJhdG9yIiwiaWF0IjoxNzE3Njc1NzgyLCJleHAiOjE3MjAyNjc3ODJ9.8JnNPdl0eYb-xmTUVJw7E_GJBvqQNhP_DfFAp22VlBc; Max-Age=2592000; Domain=.urbanfits.ae; Path=/; HttpOnly; Secure; Priority=High; SameSite=None Set-Cookie: is_logged_in=true; Max-Age=2592000; Domain=.urbanfits.ae; Path=/; Secure; Priority=High; SameSite=None
Incorrect OTP
1 2 3 4 { success: false, msg: "The OTP is incorrect." }