Email registration. Requires
confirm_success_url params (this last one can be omitted if you have set
config/initializers/devise_token_auth.rb). A verification email will be sent to the email address provided. Upon clicking the link in the confirmation email, the API will redirect to the URL specified in
confirm_success_url. Accepted params can be customized using the
Account deletion. This route will destroy users identified by their
Account updates. This route will update an existing user's account settings. The default accepted params are
password_confirmation, but this can be customized using the
devise_parameter_sanitizer system. If
config.check_current_password_before_update is set to
current_password param is checked before any update, if it is set to
current_password param is checked only if the request updates user password.
Email authentication. Requires
password as params. This route will return a JSON representation of the
User model on successful login along with the
client in the header of the response.
Use this route to end the user's current session. This route will invalidate the user's authentication token. You must pass in
access-token in the request headers.
Set this route as the destination for client authentication. Ideally this will happen in an external window or popup. Read more.
Destination for the oauth2 provider's callback uri.
postMessage events containing the authenticated user's data will be sent back to the main client window from this page. Read more.
Use this route to validate tokens on return visits to the client. Requires
access-token as params. These values should correspond to the columns in your
User table of the same names.
Use this route to send a password reset confirmation email to users that registered by email. Accepts
redirect_url as params. The user matching the
email param will be sent instructions on how to reset their password.
redirect_url is the url to which the user will be redirected after visiting the link contained in the email.
Use this route to change users' passwords. Requires
password_confirmation as params. This route is only valid for users that registered by email (OAuth2 users will receive an error). It also checks
config.check_current_password_before_update is not set
false (disabled by default).
Verify user by password reset token. This route is the destination URL for password reset confirmation. This route must contain
redirect_url params. These values will be set automatically by the confirmation email that is generated by the password reset request.
Re-sends confirmation email. Requires
email and accepts
redirect_url params (this last one can be omitted if you have set