Security
The Auth API
API integration
Ship Security features without building the integration. Full access to The Auth API via Proxy and 50+ MCP-ready tools for AI agents. Extend models and mappings to fit your product.
Use Cases
Why integrate with The Auth API
Common scenarios for SaaS companies building The Auth API integrations for their customers.
Power usage-based billing with key-level telemetry
Billing and metering platforms can pull aggregated API call volume per key or project from The Auth API to drive accurate pay-as-you-go invoicing for their customers, without asking them to instrument custom event streams.
Embed self-service API key management in developer portals
Hosted documentation and developer experience platforms can let end-users generate, rotate, and revoke keys directly from the docs UI, removing context switches and improving Time to Hello World.
Trigger PLG signals from real API activity
GTM and CRM tools can subscribe to lifecycle webhooks (key creation, activation, first call) to score leads and notify sales the moment a prospect actually integrates, instead of relying on lagging product analytics.
Sync key lifecycle events into SIEM and audit pipelines
Security and observability platforms can ingest key creation, rotation, reactivation, and deletion events to maintain a complete audit trail of credential activity across their customers' environments.
Provision multi-tenant API access for embedded platforms
Platforms that resell or wrap APIs can programmatically create projects, accounts, and scoped keys per end customer, mapping their internal tenant model directly onto The Auth API's project hierarchy.
What You Can Build
Ship these features with Truto + The Auth API
Concrete product features your team can ship faster by leveraging Truto’s The Auth API integration instead of building from scratch.
Embedded API key issuance and rotation UI
Ship a native panel where users click to create, rotate, reactivate, or revoke their The Auth API keys without leaving your app.
Per-tenant usage dashboards
Render charts of API call totals by key and project using analytics endpoints to give your customers visibility into their own consumption.
Webhook-driven automation workflows
Let users subscribe to The Auth API webhook topics from inside your product and route events into Slack, CRMs, or internal pipelines.
Multi-project provisioning for new customers
Automatically create a project, account, and initial API key in The Auth API whenever a new tenant signs up in your platform.
Teammate and role management
Surface The Auth API teammates, invitations, and user roles in your admin console so customers can manage who has access without logging into a separate tool.
Scheduled usage export for billing
Run a cron-backed sync against project and key analytics totals to feed your metering or invoicing engine on a defined cadence.
SuperAI
The Auth API AI agent tools
Comprehensive AI agent toolset with fine-grained control. Integrates with MCP clients like Cursor and Claude, or frameworks like LangChain.
list_all_the_auth_api_misc
List resources from the theauthapi root endpoint. Returns a 200 response; the upstream source does not enumerate any response fields or parameters for this endpoint.
list_all_the_auth_api_access_keys
List theauthapi access keys for an account. Returns: key, accountId, projectId, isActive. Required: accountId.
create_a_the_auth_api_access_key
Create a new access key in theauthapi. Returns: key, accountId, projectId, isActive. Required: accountId.
update_a_the_auth_api_access_key_by_id
Update an existing theauthapi access key by id. Returns: key, accountId, projectId, isActive. Required: id.
delete_a_the_auth_api_access_key_by_id
Delete a theauthapi access key by id. Returns an empty 200 response on success. Required: id.
update_a_the_auth_api_access_key_reactivate_by_id
Reactivate a deactivated access key in theauthapi. Returns a 200 response on success. Required: id.
list_all_the_auth_api_projects
List projects in theauthapi for a specific account. Returns: id. Required: accountId.
create_a_the_auth_api_project
Create a new project in theauthapi. Returns: id.
get_single_the_auth_api_project_by_id
Get a single theauthapi project by id. Returns: id. Required: id.
update_a_the_auth_api_project_by_id
Update an existing theauthapi project by id. Returns: id. Required: id.
delete_a_the_auth_api_project_by_id
Delete a theauthapi project by id. Returns: id. Required: id.
list_all_the_auth_api_user_roles
List all user roles in theauthapi. Returns a collection of user role objects including id and attributes. Optional: accountId to filter results by account.
update_a_the_auth_api_user_role_by_id
Update roles for a specific user in theauthapi. Returns the updated user role record including id and attributes. Required: id.
delete_a_the_auth_api_user_role_by_id
Delete roles for a specific user in theauthapi. Returns an empty 204 response on success. Required: id.
list_all_the_auth_api_webhooks
List webhooks in theauthapi filtered by account, project, and topic. Returns: id, accountId, projectId, topic. Required: accountId, projectId, topic.
create_a_the_auth_api_webhook
Create a new webhook in theauthapi. Returns: id, accountId, projectId, topic. Required: accountId, projectId, topic.
get_single_the_auth_api_webhook_by_id
Get a single theauthapi webhook by id. Returns: id, accountId, projectId, topic. Required: id.
update_a_the_auth_api_webhook_by_id
Update an existing theauthapi webhook by id. Returns: id, accountId, projectId, topic. Required: id.
delete_a_the_auth_api_webhook_by_id
Delete a theauthapi webhook by id. Returns an empty 204 response on success. Required: id.
create_a_the_auth_api_webhooks_ping
Send a test ping to a theauthapi webhook endpoint to verify connectivity and confirm the webhook is reachable. Returns an empty 200 response on success.
list_all_the_auth_api_webhooks_topics
List all available webhook topics in theauthapi. Returns the collection of webhook event topics that can be subscribed to. The response shape is not enumerated in the upstream documentation.
list_all_the_auth_api_accounts
List all accounts in theauthapi. Returns: id.
create_a_the_auth_api_account
Create a new account in theauthapi. Returns: id.
get_single_the_auth_api_account_by_id
Get a single account by id from theauthapi. Returns: id. Required: id.
update_a_the_auth_api_account_by_id
Update an existing account by id in theauthapi. Returns: id. Required: id.
delete_a_the_auth_api_account_by_id
Delete an account by id from theauthapi. Returns an empty 204 response on success. Required: id.
create_a_the_auth_api_account_user
Invite a user to a theauthapi account by account id. Returns an empty 201 response on success. Required: id.
create_a_the_auth_api_auth_signup
Create a new user account in theauthapi by signing up with a JSON body following the UserSignupDto schema. Returns an empty 201 response on success.
create_a_the_auth_api_auth_add_user_from_firebase
Add a user to theauthapi from a Firebase account by posting Firebase user credentials as a JSON body. Returns an empty 201 response on success.
create_a_the_auth_api_auth_login
Authenticate a user in theauthapi by submitting login credentials as a JSON body. Returns a 201 response on success. The response body is not enumerated in the upstream source.
create_a_the_auth_api_auth_email_otc
Create and send an email one-time code (OTC) via theauthapi to initiate email-based authentication. Returns an empty 201 response on success. Required: email.
create_a_the_auth_api_auth_validate_login_code
Validate a login code in theauthapi. Returns an empty 201 response on success.
create_a_the_auth_api_auth_refresh_access_token
Refresh an access token in theauthapi by posting a user access token payload. Returns a 201 Created response on success. Required: a valid user access token body (UserAccessTokenDto).
create_a_the_auth_api_auth_authenticate
Authenticate with theauthapi to verify credentials and obtain access. Returns a 201 response on success. No specific request body fields or response fields are documented by the upstream source.
update_a_the_auth_api_user_by_id
Update an existing user in theauthapi by id. Applies a partial JSON patch to the user record and returns a 200 response on success. Required: id.
list_all_the_auth_api_api_keys
List API keys in theauthapi. Returns: key, name, projectId, isActive, customAccountId, customUserId. Optionally filter by projectId, name, customAccountId, customUserId, or isActive.
create_a_the_auth_api_api_key
Create a new API key in theauthapi. Returns: key, name, projectId, isActive, customAccountId, customUserId.
the_auth_api_api_keys_list_2
Look up a theauthapi API key by its key string value. Returns: key, name, projectId, isActive, customAccountId, customUserId. Required: key.
update_a_the_auth_api_api_key_by_id
Update an existing theauthapi API key by id. Returns: key, name, projectId, isActive, customAccountId, customUserId. Required: id.
delete_a_the_auth_api_api_key_by_id
Delete a theauthapi API key by id. Returns an empty 200 response on success. Required: id.
get_single_the_auth_api_api_key_by_id
Get a single theauthapi API key by id. Returns: key, name, projectId, isActive, customAccountId, customUserId. Required: id.
list_all_the_auth_api_api_keys_auths
Authenticate a theauthapi API key using the legacy GET endpoint (authenticateKeyLegacy). Returns a 200 OK response on success. Required: key.
create_a_the_auth_api_api_keys_auth
Authenticate a theauthapi API key via POST (authenticateKey). Returns a 200 OK response on success. Required: id.
get_single_the_auth_api_api_keys_auth_by_id
Authenticate a theauthapi API key by id using GET. Returns a 200 OK response on success. Required: id.
update_a_the_auth_api_api_key_reactivate_by_id
Reactivate an API key in theauthapi by its key identifier. Returns a 200 response on success. Required: id.
create_a_the_auth_api_api_key_rotate
Rotate an API key in theauthapi by its key id. Returns a 201 response on success; the response body is not documented by the source. Required: id.
list_all_the_auth_api_analytics_project_totals
List analytics project totals in theauthapi for a specific project and date grouping. Returns aggregated analytics totals data for the project (the upstream source documents a 200 response but does not enumerate specific response fields). Required: projectId, dateGrouping.
list_all_the_auth_api_analytics_api_key_totals
List API key usage totals from theauthapi analytics, grouped by a specified date period. Returns aggregate analytics data for the given project (response fields are not enumerated in the source documentation). Required: projectId, dateGrouping.
list_all_the_auth_api_notifications
List notifications in theauthapi. Returns a collection of notification records; the source documents only a 200 response with no additional field details. Returns: id.
list_all_the_auth_api_invitations
List invitations in theauthapi. Returns: id, accountId, projectId, status. Optionally filter results by accountId, projectId, or status.
create_a_the_auth_api_invitation
Create a new invitation in theauthapi. Returns: id, accountId, projectId, status.
get_single_the_auth_api_invitation_by_id
Get a single invitation by id in theauthapi. Returns: id, accountId, projectId, status. Required: id.
update_a_the_auth_api_invitation_by_id
Update an existing invitation by id in theauthapi. Returns: id, accountId, projectId, status. Required: id.
delete_a_the_auth_api_invitation_by_id
Delete an invitation by id in theauthapi. Returns an empty 204 response on success. Required: id.
create_a_the_auth_api_invitation_accept
Accept a theauthapi invitation by id. Returns an empty 201 response on success. Required: id.
list_all_the_auth_api_invitation_info
Get information about a specific theauthapi invitation by id. Returns: id and invitation-specific attributes. Required: id.
list_all_the_auth_api_teammates
List teammates in theauthapi. Returns a collection of teammate objects; the exact response fields are not enumerated in the source documentation. Optionally filter results by accountId or projectId.
Why Truto
Why use Truto’s MCP server for The Auth API
Other MCP servers give you a static tool list for one app. Truto gives you a managed, multi-tenant MCP infrastructure across 500+ integrations.
Auto-generated, always up to date
Tools are dynamically generated from curated documentation — not hand-coded. As integrations evolve, tools stay current without manual maintenance.
Fine-grained access control
Scope each MCP server to read-only, write-only, specific methods, or tagged tool groups. Expose only what your AI agent needs — nothing more.
Multi-tenant by design
Each MCP server is scoped to a single connected account with its own credentials. The URL itself is the auth token — no shared secrets, no credential leaking across tenants.
Works with every MCP client
Standard JSON-RPC 2.0 protocol. Paste the URL into Claude, ChatGPT, Cursor, or any MCP-compatible agent framework — tools are discovered automatically.
Built-in auth, rate limits, and error handling
Tool calls execute through Truto’s proxy layer with automatic OAuth refresh, rate-limit handling, and normalized error responses. No raw API plumbing in your agent.
Expiring and auditable servers
Create time-limited MCP servers for contractors or automated workflows. Optional dual-auth requires both the URL and a Truto API token for high-security environments.
How It Works
From zero to integrated
Go live with The Auth API in under an hour. No boilerplate, no maintenance burden.
Link your customer’s The Auth API account
Use Truto’s frontend SDK to connect your customer’s The Auth API account. We handle all OAuth and API key flows — you don’t need to create the OAuth app.
We handle authentication
Don’t spend time refreshing access tokens or figuring out secure storage. We handle it and inject credentials into every API request.
Call our API, we call The Auth API
Truto’s Proxy API is a 1-to-1 mapping of The Auth API. You call us, we call The Auth API, and pass the response back in the same cycle.
Unified response format
Every response follows a single format across all integrations. We translate The Auth API’s pagination into unified cursor-based pagination. Data is always in the result attribute.
FAQs
Common questions about The Auth API on Truto
Authentication, rate limits, data freshness, and everything else you need to know before you integrate.
How does authentication to The Auth API work through Truto?
Truto handles credential storage and request signing for The Auth API on behalf of your end users, so you call a single Truto endpoint and we attach the correct access key to each downstream request.
Which API key lifecycle operations are supported?
The full lifecycle is covered: create, list, get, update, delete, rotate, and reactivate API keys, plus listing and managing API key auths.
Can we receive real-time events instead of polling?
Yes. You can programmatically create webhooks against The Auth API's available topics, send test pings, and manage subscriptions through Truto so your users get push-based updates.
What usage and analytics data is available?
You can pull aggregated totals at both the project and API key level, which is typically enough to drive billing, usage dashboards, and quota enforcement.
Does the integration support multi-tenant setups?
Yes. The Auth API exposes accounts, projects, teammates, user roles, and invitations, so you can model your own tenant hierarchy and provision isolated environments per customer.
What if we need an endpoint that isn't currently wired up?
Truto builds integrations on request. If your use case needs a resource or operation that isn't in the current toolset, we can extend the integration without you having to maintain the connector yourself.
The Auth API
Get The Auth API integrated into your app
Our team understands what it takes to make a The Auth API integration successful. A short, crisp 30-minute call with folks who understand the problem.