Auth 与身份
终端用户身份认证即服务——用户、会话、JWT 校验、OAuth 与 GDPR/CCPA 同意——一把 key 打通 Clerk / WorkOS / Supabase Auth。
概览
基础路径:
https://api.infrai.cc/v1/auth鉴权头:
Authorization: Bearer $INFRAI_API_KEYbash
# Call any /v1/auth capability over raw HTTP — no SDK to install.
# curl:
curl https://api.infrai.cc/v1/auth/... \
-H "Authorization: Bearer $INFRAI_API_KEY" \
-H "Content-Type: application/json"方法
auth.user.create
POST /v1/auth/user/create
在身份认证 vendor(Clerk/WorkOS/Supabase Auth)中创建用户,并锁定记录 vendor(资源粘滞)。支持 idempotency_key。
参数
| 名称 | 类型 | 必填 | 说明 |
|---|---|---|---|
email | string | 必填 | 用户邮箱地址。 |
password | string | 可选 | 可选的初始密码(依赖 vendor)。 |
metadata | Record<string, unknown> | 可选 | 存储在用户上的任意键值元数据。 |
vendor | string | 可选 | 显式 vendor 锁定;mode=byok 时必填。 |
mode | "managed" | "byok" | 可选 | 预置模式——managed 或 byok。 |
idempotency_key | string | 可选 | 客户端提供的幂等键。 |
返回
AuthUser { user_id, email, email_verified, created_at }示例
一次性前置(每个范例都假定已完成):
bash
# No SDK to install — every call is a plain HTTPS request.
# Get a project key by signing in at the console: Google/GitHub gives you
# $2 free credit (email sign-in starts at $0). On 402 INSUFFICIENT_CREDIT,
# POST /v1/account/topup and open the returned checkout_url.
export INFRAI_API_KEY="ifr_pk_proj_..."bash
curl -X POST https://api.infrai.cc/v1/auth/user/create \
-H "Authorization: Bearer $INFRAI_API_KEY" \
-H "Content-Type: application/json" \
-d '{"email": "..."}'python
import os, requests
resp = requests.post(
"https://api.infrai.cc/v1/auth/user/create",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
json={'email': '...'},
)
resp.raise_for_status()
print(resp.json())javascript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/create",
{
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"email": "..."}),
},
);
console.log(await resp.json());typescript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/create",
{
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"email": "..."}),
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);auth.user.get
GET /v1/auth/user/get/{user_id}
按 user_id 从其锁定的 vendor 获取单个认证用户。
参数
| 名称 | 类型 | 必填 | 说明 |
|---|---|---|---|
user_id | string | 必填 | 用户 id。 |
返回
AuthUser示例
一次性前置(每个范例都假定已完成):
bash
# No SDK to install — every call is a plain HTTPS request.
# Get a project key by signing in at the console: Google/GitHub gives you
# $2 free credit (email sign-in starts at $0). On 402 INSUFFICIENT_CREDIT,
# POST /v1/account/topup and open the returned checkout_url.
export INFRAI_API_KEY="ifr_pk_proj_..."bash
curl -X GET https://api.infrai.cc/v1/auth/user/get/USER_ID \
-H "Authorization: Bearer $INFRAI_API_KEY"python
import os, requests
resp = requests.get(
"https://api.infrai.cc/v1/auth/user/get/USER_ID",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
)
resp.raise_for_status()
print(resp.json())javascript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/get/USER_ID",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
console.log(await resp.json());typescript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/get/USER_ID",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);auth.user.get_by_email
GET /v1/auth/user/get_by_email
按邮箱地址查找认证用户。
参数
| 名称 | 类型 | 必填 | 说明 |
|---|---|---|---|
email | string | 必填 | 用户邮箱地址。 |
返回
AuthUser示例
一次性前置(每个范例都假定已完成):
bash
# No SDK to install — every call is a plain HTTPS request.
# Get a project key by signing in at the console: Google/GitHub gives you
# $2 free credit (email sign-in starts at $0). On 402 INSUFFICIENT_CREDIT,
# POST /v1/account/topup and open the returned checkout_url.
export INFRAI_API_KEY="ifr_pk_proj_..."bash
curl -X GET https://api.infrai.cc/v1/auth/user/get_by_email \
-H "Authorization: Bearer $INFRAI_API_KEY"python
import os, requests
resp = requests.get(
"https://api.infrai.cc/v1/auth/user/get_by_email",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
)
resp.raise_for_status()
print(resp.json())javascript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/get_by_email",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
console.log(await resp.json());typescript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/get_by_email",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);auth.user.list
GET /v1/auth/user/list
按游标分页列出账户下的认证用户。
参数
| 名称 | 类型 | 必填 | 说明 |
|---|---|---|---|
cursor | string | 可选 | 不透明分页游标。 |
limit | number | 可选 | 返回条目的最大数量。 |
返回
{ items: AuthUser[], next_cursor?: string }示例
一次性前置(每个范例都假定已完成):
bash
# No SDK to install — every call is a plain HTTPS request.
# Get a project key by signing in at the console: Google/GitHub gives you
# $2 free credit (email sign-in starts at $0). On 402 INSUFFICIENT_CREDIT,
# POST /v1/account/topup and open the returned checkout_url.
export INFRAI_API_KEY="ifr_pk_proj_..."bash
curl -X GET https://api.infrai.cc/v1/auth/user/list \
-H "Authorization: Bearer $INFRAI_API_KEY"python
import os, requests
resp = requests.get(
"https://api.infrai.cc/v1/auth/user/list",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
)
resp.raise_for_status()
print(resp.json())javascript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/list",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
console.log(await resp.json());typescript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/list",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);auth.user.update
PATCH /v1/auth/user/update/{user_id}
更新已有认证用户的可变字段(metadata、手机号、MFA)。支持 idempotency_key。
参数
| 名称 | 类型 | 必填 | 说明 |
|---|---|---|---|
user_id | string | 必填 | 用户 id。 |
metadata | Record<string, unknown> | 可选 | 存储在用户上的任意键值元数据。 |
email_verified | boolean | 可选 | 将用户邮箱标记为已验证。 |
mfa_enabled | boolean | 可选 | 为用户启用或停用 MFA。 |
idempotency_key | string | 可选 | 客户端提供的幂等键。 |
返回
AuthUser示例
一次性前置(每个范例都假定已完成):
bash
# No SDK to install — every call is a plain HTTPS request.
# Get a project key by signing in at the console: Google/GitHub gives you
# $2 free credit (email sign-in starts at $0). On 402 INSUFFICIENT_CREDIT,
# POST /v1/account/topup and open the returned checkout_url.
export INFRAI_API_KEY="ifr_pk_proj_..."bash
curl -X PATCH https://api.infrai.cc/v1/auth/user/update/USER_ID \
-H "Authorization: Bearer $INFRAI_API_KEY" \
-H "Content-Type: application/json" \
-d '{"user_id": "..."}'python
import os, requests
resp = requests.patch(
"https://api.infrai.cc/v1/auth/user/update/USER_ID",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
json={'user_id': '...'},
)
resp.raise_for_status()
print(resp.json())javascript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/update/USER_ID",
{
method: "PATCH",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"user_id": "..."}),
},
);
console.log(await resp.json());typescript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/update/USER_ID",
{
method: "PATCH",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"user_id": "..."}),
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);auth.user.delete
DELETE /v1/auth/user/delete/{user_id}
删除认证用户并级联吊销其会话。支持 idempotency_key。
参数
| 名称 | 类型 | 必填 | 说明 |
|---|---|---|---|
user_id | string | 必填 | 用户 id。 |
返回
{ ok: boolean }示例
一次性前置(每个范例都假定已完成):
bash
# No SDK to install — every call is a plain HTTPS request.
# Get a project key by signing in at the console: Google/GitHub gives you
# $2 free credit (email sign-in starts at $0). On 402 INSUFFICIENT_CREDIT,
# POST /v1/account/topup and open the returned checkout_url.
export INFRAI_API_KEY="ifr_pk_proj_..."bash
curl -X DELETE https://api.infrai.cc/v1/auth/user/delete/USER_ID \
-H "Authorization: Bearer $INFRAI_API_KEY"python
import os, requests
resp = requests.delete(
"https://api.infrai.cc/v1/auth/user/delete/USER_ID",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
)
resp.raise_for_status()
print(resp.json())javascript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/delete/USER_ID",
{
method: "DELETE",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
console.log(await resp.json());typescript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/delete/USER_ID",
{
method: "DELETE",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);auth.session.create
POST /v1/auth/session/create
为用户签发已认证会话;路由到该用户锁定的 vendor。可能返回 AUTH_MFA_REQUIRED。支持 idempotency_key。
参数
| 名称 | 类型 | 必填 | 说明 |
|---|---|---|---|
user_id | string | 必填 | 用户 id。 |
method | string | 可选 | 会话使用的认证方式。 |
mfa_factor | string | 可选 | 设置 require_mfa 时的 MFA 因子 / 验证码。 |
require_mfa | boolean | 可选 | 签发会话需要 MFA 因子。 |
idempotency_key | string | 可选 | 客户端提供的幂等键。 |
返回
Session { session_id, access_token, refresh_token, expires_at }示例
一次性前置(每个范例都假定已完成):
bash
# No SDK to install — every call is a plain HTTPS request.
# Get a project key by signing in at the console: Google/GitHub gives you
# $2 free credit (email sign-in starts at $0). On 402 INSUFFICIENT_CREDIT,
# POST /v1/account/topup and open the returned checkout_url.
export INFRAI_API_KEY="ifr_pk_proj_..."bash
curl -X POST https://api.infrai.cc/v1/auth/session/create \
-H "Authorization: Bearer $INFRAI_API_KEY" \
-H "Content-Type: application/json" \
-d '{"user_id": "..."}'python
import os, requests
resp = requests.post(
"https://api.infrai.cc/v1/auth/session/create",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
json={'user_id': '...'},
)
resp.raise_for_status()
print(resp.json())javascript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/session/create",
{
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"user_id": "..."}),
},
);
console.log(await resp.json());typescript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/session/create",
{
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"user_id": "..."}),
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);auth.session.verify
GET /v1/auth/session/verify/{session_id}
依据 vendor JWKS(RS256+ES256)校验 session_id / JWT,并返回 Session。
参数
| 名称 | 类型 | 必填 | 说明 |
|---|---|---|---|
session_id | string | 必填 | 会话 id。 |
返回
{ valid: boolean, user_id?, expires_at? }示例
一次性前置(每个范例都假定已完成):
bash
# No SDK to install — every call is a plain HTTPS request.
# Get a project key by signing in at the console: Google/GitHub gives you
# $2 free credit (email sign-in starts at $0). On 402 INSUFFICIENT_CREDIT,
# POST /v1/account/topup and open the returned checkout_url.
export INFRAI_API_KEY="ifr_pk_proj_..."bash
curl -X GET https://api.infrai.cc/v1/auth/session/verify/SESSION_ID \
-H "Authorization: Bearer $INFRAI_API_KEY"python
import os, requests
resp = requests.get(
"https://api.infrai.cc/v1/auth/session/verify/SESSION_ID",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
)
resp.raise_for_status()
print(resp.json())javascript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/session/verify/SESSION_ID",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
console.log(await resp.json());typescript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/session/verify/SESSION_ID",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);auth.session.refresh
POST /v1/auth/session/refresh
用 refresh token 换取新会话;强制 5 分钟冷却(AUTH_REFRESH_TOO_FREQUENT)。支持 idempotency_key。
参数
| 名称 | 类型 | 必填 | 说明 |
|---|---|---|---|
refresh_token | string | 必填 | 用于换取新会话的有效 refresh token。 |
idempotency_key | string | 可选 | 客户端提供的幂等键。 |
返回
Session示例
一次性前置(每个范例都假定已完成):
bash
# No SDK to install — every call is a plain HTTPS request.
# Get a project key by signing in at the console: Google/GitHub gives you
# $2 free credit (email sign-in starts at $0). On 402 INSUFFICIENT_CREDIT,
# POST /v1/account/topup and open the returned checkout_url.
export INFRAI_API_KEY="ifr_pk_proj_..."bash
curl -X POST https://api.infrai.cc/v1/auth/session/refresh \
-H "Authorization: Bearer $INFRAI_API_KEY" \
-H "Content-Type: application/json" \
-d '{"refresh_token": "..."}'python
import os, requests
resp = requests.post(
"https://api.infrai.cc/v1/auth/session/refresh",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
json={'refresh_token': '...'},
)
resp.raise_for_status()
print(resp.json())javascript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/session/refresh",
{
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"refresh_token": "..."}),
},
);
console.log(await resp.json());typescript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/session/refresh",
{
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"refresh_token": "..."}),
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);auth.session.revoke
POST /v1/auth/session/revoke/{session_id}
按 session_id 吊销单个会话。支持 idempotency_key。
参数
| 名称 | 类型 | 必填 | 说明 |
|---|---|---|---|
session_id | string | 必填 | 会话 id。 |
idempotency_key | string | 可选 | 客户端提供的幂等键。 |
返回
{ ok: boolean }示例
一次性前置(每个范例都假定已完成):
bash
# No SDK to install — every call is a plain HTTPS request.
# Get a project key by signing in at the console: Google/GitHub gives you
# $2 free credit (email sign-in starts at $0). On 402 INSUFFICIENT_CREDIT,
# POST /v1/account/topup and open the returned checkout_url.
export INFRAI_API_KEY="ifr_pk_proj_..."bash
curl -X POST https://api.infrai.cc/v1/auth/session/revoke/SESSION_ID \
-H "Authorization: Bearer $INFRAI_API_KEY" \
-H "Content-Type: application/json" \
-d '{"session_id": "..."}'python
import os, requests
resp = requests.post(
"https://api.infrai.cc/v1/auth/session/revoke/SESSION_ID",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
json={'session_id': '...'},
)
resp.raise_for_status()
print(resp.json())javascript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/session/revoke/SESSION_ID",
{
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"session_id": "..."}),
},
);
console.log(await resp.json());typescript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/session/revoke/SESSION_ID",
{
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"session_id": "..."}),
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);auth.session.revoke_all_for_user
POST /v1/auth/session/revoke_all_for_user/{user_id}
吊销某用户的全部活跃会话(如改密 / 全端登出)。支持 idempotency_key。
参数
| 名称 | 类型 | 必填 | 说明 |
|---|---|---|---|
user_id | string | 必填 | 用户 id。 |
except_session_id | string | 可选 | 保留此会话;吊销其余全部。 |
返回
{ revoked: number }示例
一次性前置(每个范例都假定已完成):
bash
# No SDK to install — every call is a plain HTTPS request.
# Get a project key by signing in at the console: Google/GitHub gives you
# $2 free credit (email sign-in starts at $0). On 402 INSUFFICIENT_CREDIT,
# POST /v1/account/topup and open the returned checkout_url.
export INFRAI_API_KEY="ifr_pk_proj_..."bash
curl -X POST https://api.infrai.cc/v1/auth/session/revoke_all_for_user/USER_ID \
-H "Authorization: Bearer $INFRAI_API_KEY" \
-H "Content-Type: application/json" \
-d '{"user_id": "..."}'python
import os, requests
resp = requests.post(
"https://api.infrai.cc/v1/auth/session/revoke_all_for_user/USER_ID",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
json={'user_id': '...'},
)
resp.raise_for_status()
print(resp.json())javascript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/session/revoke_all_for_user/USER_ID",
{
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"user_id": "..."}),
},
);
console.log(await resp.json());typescript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/session/revoke_all_for_user/USER_ID",
{
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"user_id": "..."}),
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);auth.session.list_for_user
GET /v1/auth/session/list_for_user/{user_id}
列出指定用户的活跃会话。
参数
| 名称 | 类型 | 必填 | 说明 |
|---|---|---|---|
user_id | string | 必填 | 用户 id。 |
返回
{ items: Session[] }示例
一次性前置(每个范例都假定已完成):
bash
# No SDK to install — every call is a plain HTTPS request.
# Get a project key by signing in at the console: Google/GitHub gives you
# $2 free credit (email sign-in starts at $0). On 402 INSUFFICIENT_CREDIT,
# POST /v1/account/topup and open the returned checkout_url.
export INFRAI_API_KEY="ifr_pk_proj_..."bash
curl -X GET https://api.infrai.cc/v1/auth/session/list_for_user/USER_ID \
-H "Authorization: Bearer $INFRAI_API_KEY"python
import os, requests
resp = requests.get(
"https://api.infrai.cc/v1/auth/session/list_for_user/USER_ID",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
)
resp.raise_for_status()
print(resp.json())javascript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/session/list_for_user/USER_ID",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
console.log(await resp.json());typescript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/session/list_for_user/USER_ID",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);auth.consent.grant
POST /v1/auth/consent/grant/{user_id}
为用户 / 类别记录一条 GDPR/CCPA 同意授予。支持 idempotency_key。
参数
| 名称 | 类型 | 必填 | 说明 |
|---|---|---|---|
user_id | string | 必填 | 用户 id。 |
category | string | 必填 | 同意类别,如 marketing 或 analytics。 |
source | string | 可选 | 同意的采集来源。 |
idempotency_key | string | 可选 | 客户端提供的幂等键。 |
返回
{ ok: boolean }示例
一次性前置(每个范例都假定已完成):
bash
# No SDK to install — every call is a plain HTTPS request.
# Get a project key by signing in at the console: Google/GitHub gives you
# $2 free credit (email sign-in starts at $0). On 402 INSUFFICIENT_CREDIT,
# POST /v1/account/topup and open the returned checkout_url.
export INFRAI_API_KEY="ifr_pk_proj_..."bash
curl -X POST https://api.infrai.cc/v1/auth/consent/grant/USER_ID \
-H "Authorization: Bearer $INFRAI_API_KEY" \
-H "Content-Type: application/json" \
-d '{"user_id": "...", "category": "marketing"}'python
import os, requests
resp = requests.post(
"https://api.infrai.cc/v1/auth/consent/grant/USER_ID",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
json={'user_id': '...', 'category': 'marketing'},
)
resp.raise_for_status()
print(resp.json())javascript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/consent/grant/USER_ID",
{
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"user_id": "...", "category": "marketing"}),
},
);
console.log(await resp.json());typescript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/consent/grant/USER_ID",
{
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"user_id": "...", "category": "marketing"}),
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);auth.consent.revoke
POST /v1/auth/consent/revoke/{user_id}
撤回此前为用户 / 类别授予的同意。支持 idempotency_key。
参数
| 名称 | 类型 | 必填 | 说明 |
|---|---|---|---|
user_id | string | 必填 | 用户 id。 |
category | string | 必填 | 同意类别,如 marketing 或 analytics。 |
idempotency_key | string | 可选 | 客户端提供的幂等键。 |
返回
{ ok: boolean }示例
一次性前置(每个范例都假定已完成):
bash
# No SDK to install — every call is a plain HTTPS request.
# Get a project key by signing in at the console: Google/GitHub gives you
# $2 free credit (email sign-in starts at $0). On 402 INSUFFICIENT_CREDIT,
# POST /v1/account/topup and open the returned checkout_url.
export INFRAI_API_KEY="ifr_pk_proj_..."bash
curl -X POST https://api.infrai.cc/v1/auth/consent/revoke/USER_ID \
-H "Authorization: Bearer $INFRAI_API_KEY" \
-H "Content-Type: application/json" \
-d '{"user_id": "...", "category": "marketing"}'python
import os, requests
resp = requests.post(
"https://api.infrai.cc/v1/auth/consent/revoke/USER_ID",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
json={'user_id': '...', 'category': 'marketing'},
)
resp.raise_for_status()
print(resp.json())javascript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/consent/revoke/USER_ID",
{
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"user_id": "...", "category": "marketing"}),
},
);
console.log(await resp.json());typescript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/consent/revoke/USER_ID",
{
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"user_id": "...", "category": "marketing"}),
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);auth.consent.check
GET /v1/auth/consent/check/{user_id}/{category}
检查用户当前是否持有某类别的同意(布尔)。
参数
| 名称 | 类型 | 必填 | 说明 |
|---|---|---|---|
user_id | string | 必填 | 用户 id。 |
category | string | 必填 | 同意类别,如 marketing 或 analytics。 |
返回
{ granted: boolean, source?, granted_at? }示例
一次性前置(每个范例都假定已完成):
bash
# No SDK to install — every call is a plain HTTPS request.
# Get a project key by signing in at the console: Google/GitHub gives you
# $2 free credit (email sign-in starts at $0). On 402 INSUFFICIENT_CREDIT,
# POST /v1/account/topup and open the returned checkout_url.
export INFRAI_API_KEY="ifr_pk_proj_..."bash
curl -X GET https://api.infrai.cc/v1/auth/consent/check/USER_ID/CATEGORY \
-H "Authorization: Bearer $INFRAI_API_KEY"python
import os, requests
resp = requests.get(
"https://api.infrai.cc/v1/auth/consent/check/USER_ID/CATEGORY",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
)
resp.raise_for_status()
print(resp.json())javascript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/consent/check/USER_ID/CATEGORY",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
console.log(await resp.json());typescript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/consent/check/USER_ID/CATEGORY",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);auth.consent.list_for_user
GET /v1/auth/consent/list_for_user/{user_id}
列出某用户跨 GDPR 类别的全部同意记录。
参数
| 名称 | 类型 | 必填 | 说明 |
|---|---|---|---|
user_id | string | 必填 | 用户 id。 |
返回
{ items: Array<{ category, granted, source?, granted_at? }> }示例
一次性前置(每个范例都假定已完成):
bash
# No SDK to install — every call is a plain HTTPS request.
# Get a project key by signing in at the console: Google/GitHub gives you
# $2 free credit (email sign-in starts at $0). On 402 INSUFFICIENT_CREDIT,
# POST /v1/account/topup and open the returned checkout_url.
export INFRAI_API_KEY="ifr_pk_proj_..."bash
curl -X GET https://api.infrai.cc/v1/auth/consent/list_for_user/USER_ID \
-H "Authorization: Bearer $INFRAI_API_KEY"python
import os, requests
resp = requests.get(
"https://api.infrai.cc/v1/auth/consent/list_for_user/USER_ID",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
)
resp.raise_for_status()
print(resp.json())javascript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/consent/list_for_user/USER_ID",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
console.log(await resp.json());typescript
const resp = await fetch(
"https://api.infrai.cc/v1/auth/consent/list_for_user/USER_ID",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);高级:指定 vendor
默认情况下 infrai 会把每次调用智能路由到最佳可用供应商——无需自己挑选 vendor。作为高级逃生口,本能力支持可选的 vendor 入参以锁定某个供应商。本能力当前所有可用 vendor 可通过该能力 id 对应的 discovery 端点实时获取——参见 discovery API。
GET /v1/discovery/{capability}auth.user.create
全部能力
本模块全部已路由能力——完整的对外 REST 契约。上方方法是带讲解的入门示例,此表是完整参考。
| 能力 | 端点 | 说明 |
|---|---|---|
auth.consent.check | GET /v1/auth/consent/check/{user_id}/{category} | Check whether a user currently holds consent for a given category (boolean). |
auth.consent.grant | POST /v1/auth/consent/grant/{user_id} | Record a GDPR/CCPA consent grant for a user/category. Accepts idempotency_key. |
auth.consent.list_for_user | GET /v1/auth/consent/list_for_user/{user_id} | List all consent records for a user across GDPR categories. |
auth.consent.revoke | POST /v1/auth/consent/revoke/{user_id} | Revoke a previously granted consent for a user/category. Accepts idempotency_key. |
auth.session.create | POST /v1/auth/session/create | Mint an authenticated session for a user; routes to the user's pinned vendor. May return AUTH_MFA_REQUIRED. Accepts idempotency_key. |
auth.session.list_for_user | GET /v1/auth/session/list_for_user/{user_id} | List active sessions for a given user. |
auth.session.refresh | POST /v1/auth/session/refresh | Exchange a refresh token for a new session; enforces 5-min cooldown (AUTH_REFRESH_TOO_FREQUENT). Accepts idempotency_key. |
auth.session.revoke | POST /v1/auth/session/revoke/{session_id} | Revoke a single session by session_id. Accepts idempotency_key. |
auth.session.revoke_all_for_user | POST /v1/auth/session/revoke_all_for_user/{user_id} | Revoke all active sessions for a user (e.g. password reset / logout-everywhere). Accepts idempotency_key. |
auth.session.verify | GET /v1/auth/session/verify/{session_id} | Verify a session_id / JWT against the vendor JWKS (RS256+ES256) and return the Session. |
auth.user.create | POST /v1/auth/user/create | Create an auth user across a vendor (Clerk/WorkOS/Supabase Auth). Pins the vendor of record (sticky-on-resource). Accepts idempotency_key. |
auth.user.delete | DELETE /v1/auth/user/delete/{user_id} | Delete an auth user and cascade-revoke its sessions. Accepts idempotency_key. |
auth.user.get | GET /v1/auth/user/get/{user_id} | Fetch a single auth user by user_id from its pinned vendor. |
auth.user.get_by_email | GET /v1/auth/user/get_by_email | Look up an auth user by email address. |
auth.user.list | GET /v1/auth/user/list | Cursor-paginated list of auth users for the account. |
auth.user.update | PATCH /v1/auth/user/update/{user_id} | Update mutable fields (metadata, phone, MFA) of an existing auth user. Accepts idempotency_key. |
完整示例
本模块的生产级端到端范例:先一次性配置,再运行业务流程,尽量覆盖本模块的多数 API。
单文件可运行 Python 程序(仅标准库、无 SDK):拷贝后填入 INFRAI_API_KEY 运行,即可按真实业务流逐步体验本模块核心 API——每一步都真实调用并计费,后续步骤复用前一步返回的真实字段。12 行 helper 就是全部集成代码。
python
#!/usr/bin/env python3
"""Infrai · auth — runnable real-app example (single file, zero deps).
Copy this file, set your key, run it: every step is a REAL call to
api.infrai.cc, billed at the real (tiny) per-call price, printing the
live JSON response. Get a key at https://console.infrai.cc (Google/
GitHub sign-in grants $2 free credit). No SDK — the 12-line helper
below is the entire integration."""
import json
import os
from urllib import error, request
KEY = os.environ.get("INFRAI_API_KEY") or "ifr_pk_proj_..." # <- your key
BASE = "https://api.infrai.cc"
# Same raw HTTPS POST/GET as every per-method example on this page —
# wrapped once for reuse. There is nothing else to it: no SDK.
def infrai(method, path, body=None):
req = request.Request(
BASE + path, method=method,
data=json.dumps(body).encode() if body is not None else None,
headers={"Authorization": f"Bearer {KEY}",
"Content-Type": "application/json"})
try:
with request.urlopen(req, timeout=60) as r:
return json.loads(r.read())
except error.HTTPError as e:
return json.loads(e.read())
def show(label, resp):
print(f"\n== {label} ==")
print(json.dumps(resp, indent=2, ensure_ascii=False))
return resp
# 1) auth.user.create — POST /v1/auth/user/create · Create an auth user across a vendor (Clerk/WorkOS/Supabase Auth). Pins the vendor of record (sticky-on-resource). Accepts idempotency_key.
r1 = show("auth.user.create", infrai("POST", "/v1/auth/user/create", {"email":"..."}))
# 2) auth.session.create — POST /v1/auth/session/create · Mint an authenticated session for a user; routes to the user's pinned vendor. May return AUTH_MFA_REQUIRED. Accepts idempotency_key.
r2 = show("auth.session.create", infrai("POST", "/v1/auth/session/create", {"user_id":"..."}))
# 3) auth.user.get_by_email — GET /v1/auth/user/get_by_email · Look up an auth user by email address.
r3 = show("auth.user.get_by_email", infrai("GET", "/v1/auth/user/get_by_email"))
一次性前置(每个范例都假定已完成):
bash
# No SDK to install — every call is a plain HTTPS request.
# Get a project key by signing in at the console: Google/GitHub gives you
# $2 free credit (email sign-in starts at $0). On 402 INSUFFICIENT_CREDIT,
# POST /v1/account/topup and open the returned checkout_url.
export INFRAI_API_KEY="ifr_pk_proj_..."bash
# 1) Auth: every call is a raw HTTPS request to the Infrai gateway carrying
# only your project key. No SDK, no install.
# Get your key: sign in with Google/GitHub at the console for a project key
# + $2 free credit (email sign-in starts at $0). On 402 INSUFFICIENT_CREDIT,
# POST /v1/account/topup and open the returned checkout_url.
export INFRAI_API_KEY="ifr_pk_proj_..." # from the console
# 2) auth.user.create
curl -X POST https://api.infrai.cc/v1/auth/user/create \
-H "Authorization: Bearer $INFRAI_API_KEY" \
-H "Content-Type: application/json" \
-d '{"email": "..."}'
# 3) auth.user.get
curl -X GET https://api.infrai.cc/v1/auth/user/get/USER_ID \
-H "Authorization: Bearer $INFRAI_API_KEY"
# 4) auth.user.get_by_email
curl -X GET https://api.infrai.cc/v1/auth/user/get_by_email \
-H "Authorization: Bearer $INFRAI_API_KEY"
# 5) auth.user.list
curl -X GET https://api.infrai.cc/v1/auth/user/list \
-H "Authorization: Bearer $INFRAI_API_KEY"
# 6) auth.user.update
curl -X PATCH https://api.infrai.cc/v1/auth/user/update/USER_ID \
-H "Authorization: Bearer $INFRAI_API_KEY" \
-H "Content-Type: application/json" \
-d '{"user_id": "..."}'
# 7) auth.user.delete
curl -X DELETE https://api.infrai.cc/v1/auth/user/delete/USER_ID \
-H "Authorization: Bearer $INFRAI_API_KEY"
# 8) auth.session.create
curl -X POST https://api.infrai.cc/v1/auth/session/create \
-H "Authorization: Bearer $INFRAI_API_KEY" \
-H "Content-Type: application/json" \
-d '{"user_id": "..."}'
# 9) auth.session.verify
curl -X GET https://api.infrai.cc/v1/auth/session/verify/SESSION_ID \
-H "Authorization: Bearer $INFRAI_API_KEY"
python
# 1) Auth: every call is a raw HTTPS request carrying only your project key.
# No SDK to install — just the `requests` library.
import os, requests
BASE = "https://api.infrai.cc"
HEADERS = {
"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}",
"Content-Type": "application/json",
}
# 2) auth.user.create
import os, requests
resp = requests.post(
"https://api.infrai.cc/v1/auth/user/create",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
json={'email': '...'},
)
resp.raise_for_status()
print(resp.json())
# 3) auth.user.get
import os, requests
resp = requests.get(
"https://api.infrai.cc/v1/auth/user/get/USER_ID",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
)
resp.raise_for_status()
print(resp.json())
# 4) auth.user.get_by_email
import os, requests
resp = requests.get(
"https://api.infrai.cc/v1/auth/user/get_by_email",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
)
resp.raise_for_status()
print(resp.json())
# 5) auth.user.list
import os, requests
resp = requests.get(
"https://api.infrai.cc/v1/auth/user/list",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
)
resp.raise_for_status()
print(resp.json())
# 6) auth.user.update
import os, requests
resp = requests.patch(
"https://api.infrai.cc/v1/auth/user/update/USER_ID",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
json={'user_id': '...'},
)
resp.raise_for_status()
print(resp.json())
# 7) auth.user.delete
import os, requests
resp = requests.delete(
"https://api.infrai.cc/v1/auth/user/delete/USER_ID",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
)
resp.raise_for_status()
print(resp.json())
# 8) auth.session.create
import os, requests
resp = requests.post(
"https://api.infrai.cc/v1/auth/session/create",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
json={'user_id': '...'},
)
resp.raise_for_status()
print(resp.json())
# 9) auth.session.verify
import os, requests
resp = requests.get(
"https://api.infrai.cc/v1/auth/session/verify/SESSION_ID",
headers={"Authorization": f"Bearer {os.environ['INFRAI_API_KEY']}"},
)
resp.raise_for_status()
print(resp.json())
javascript
// 1) Auth: every call is a raw HTTPS request carrying only your project key.
// No SDK to install — just the built-in fetch().
const BASE = "https://api.infrai.cc";
const HEADERS = {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
};
// 2) auth.user.create
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/create",
{
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"email": "..."}),
},
);
console.log(await resp.json());
// 3) auth.user.get
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/get/USER_ID",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
console.log(await resp.json());
// 4) auth.user.get_by_email
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/get_by_email",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
console.log(await resp.json());
// 5) auth.user.list
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/list",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
console.log(await resp.json());
// 6) auth.user.update
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/update/USER_ID",
{
method: "PATCH",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"user_id": "..."}),
},
);
console.log(await resp.json());
// 7) auth.user.delete
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/delete/USER_ID",
{
method: "DELETE",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
console.log(await resp.json());
// 8) auth.session.create
const resp = await fetch(
"https://api.infrai.cc/v1/auth/session/create",
{
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"user_id": "..."}),
},
);
console.log(await resp.json());
// 9) auth.session.verify
const resp = await fetch(
"https://api.infrai.cc/v1/auth/session/verify/SESSION_ID",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
console.log(await resp.json());
typescript
// 1) Auth: every call is a raw HTTPS request carrying only your project key.
// No SDK to install — just the built-in fetch(), typed.
const BASE = "https://api.infrai.cc";
const HEADERS: Record<string, string> = {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
};
// 2) auth.user.create
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/create",
{
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"email": "..."}),
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);
// 3) auth.user.get
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/get/USER_ID",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);
// 4) auth.user.get_by_email
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/get_by_email",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);
// 5) auth.user.list
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/list",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);
// 6) auth.user.update
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/update/USER_ID",
{
method: "PATCH",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"user_id": "..."}),
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);
// 7) auth.user.delete
const resp = await fetch(
"https://api.infrai.cc/v1/auth/user/delete/USER_ID",
{
method: "DELETE",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);
// 8) auth.session.create
const resp = await fetch(
"https://api.infrai.cc/v1/auth/session/create",
{
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
"Content-Type": "application/json",
},
body: JSON.stringify({"user_id": "..."}),
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);
// 9) auth.session.verify
const resp = await fetch(
"https://api.infrai.cc/v1/auth/session/verify/SESSION_ID",
{
method: "GET",
headers: {
"Authorization": `Bearer ${process.env.INFRAI_API_KEY}`,
},
},
);
if (!resp.ok) throw new Error(`infrai ${resp.status}`);
const data: unknown = await resp.json();
console.log(data);