API Overview

Stack offers a REST API for backends & frontends of any programming language or framework. This API is used to authenticate users, manage user data, and more.

Authentication

The following authentication headers are common to every endpoint:

1 curl https://api.stack-auth.com/api/v1/ \
2      -H "X-Stack-Access-Type: <either 'client' or 'server'>" \
3      -H "X-Stack-Project-Id: <your project UUID>" \
4      -H "X-Stack-Publishable-Client-Key: pck_<your publishable client key>" \
5      -H "X-Stack-Secret-Server-Key: ssk_<your secret server key>" \
6      -H "X-Stack-Access-Token: <the current user's access token>"

Header	Type	Description
`X-Stack-Access-Type`	”client” \| “server”	Required. “client” (without quotes) for the frontend API, or “server” for the backend API.
`X-Stack-Project-Id`	UUID	Required. The project ID as found on the Stack dashboard.
`X-Stack-Publishable-Client-Key`	string	Required for client access. The API key as found on the Stack dashboard.
`X-Stack-Secret-Server-Key`	string	Required for server access. The API key as found on the Stack dashboard.
`X-Stack-Access-Token`	string	Optional. The access token for the current user. If not given, the request is considered to be logged out.

To see how to use these headers in various programming languages, see the examples.

Authentication

FAQ

Which languages are supported?

Should I use client or server access type?

What is this 'admin' access type that I see?

1	curl https://api.stack-auth.com/api/v1/ \
2	-H "X-Stack-Access-Type: <either 'client' or 'server'>" \
3	-H "X-Stack-Project-Id: <your project UUID>" \
4	-H "X-Stack-Publishable-Client-Key: pck_<your publishable client key>" \
5	-H "X-Stack-Secret-Server-Key: ssk_<your secret server key>" \
6	-H "X-Stack-Access-Token: <the current user's access token>"