---
title: The Auth API API Integration on Truto
slug: theauthapi
category: Security
canonical: "https://truto.one/integrations/detail/theauthapi/"
---

# The Auth API API Integration on Truto



**Category:** Security  
**Status:** Generally available

## MCP-ready AI tools

Truto exposes 57 tools for The Auth API that AI agents can call directly.

- **list_all_the_auth_api_misc** — List resources from the theauthapi root endpoint. Returns a 200 response; the upstream source does not enumerate any response fields or parameters for this endpoint.
- **list_all_the_auth_api_access_keys** — List theauthapi access keys for an account. Returns: key, accountId, projectId, isActive. Required: accountId.
- **create_a_the_auth_api_access_key** — Create a new access key in theauthapi. Returns: key, accountId, projectId, isActive. Required: accountId.
- **update_a_the_auth_api_access_key_by_id** — Update an existing theauthapi access key by id. Returns: key, accountId, projectId, isActive. Required: id.
- **delete_a_the_auth_api_access_key_by_id** — Delete a theauthapi access key by id. Returns an empty 200 response on success. Required: id.
- **update_a_the_auth_api_access_key_reactivate_by_id** — Reactivate a deactivated access key in theauthapi. Returns a 200 response on success. Required: id.
- **list_all_the_auth_api_projects** — List projects in theauthapi for a specific account. Returns: id. Required: accountId.
- **create_a_the_auth_api_project** — Create a new project in theauthapi. Returns: id.
- **get_single_the_auth_api_project_by_id** — Get a single theauthapi project by id. Returns: id. Required: id.
- **update_a_the_auth_api_project_by_id** — Update an existing theauthapi project by id. Returns: id. Required: id.
- **delete_a_the_auth_api_project_by_id** — Delete a theauthapi project by id. Returns: id. Required: id.
- **list_all_the_auth_api_user_roles** — List all user roles in theauthapi. Returns a collection of user role objects including id and attributes. Optional: accountId to filter results by account.
- **update_a_the_auth_api_user_role_by_id** — Update roles for a specific user in theauthapi. Returns the updated user role record including id and attributes. Required: id.
- **delete_a_the_auth_api_user_role_by_id** — Delete roles for a specific user in theauthapi. Returns an empty 204 response on success. Required: id.
- **list_all_the_auth_api_webhooks** — List webhooks in theauthapi filtered by account, project, and topic. Returns: id, accountId, projectId, topic. Required: accountId, projectId, topic.
- **create_a_the_auth_api_webhook** — Create a new webhook in theauthapi. Returns: id, accountId, projectId, topic. Required: accountId, projectId, topic.
- **get_single_the_auth_api_webhook_by_id** — Get a single theauthapi webhook by id. Returns: id, accountId, projectId, topic. Required: id.
- **update_a_the_auth_api_webhook_by_id** — Update an existing theauthapi webhook by id. Returns: id, accountId, projectId, topic. Required: id.
- **delete_a_the_auth_api_webhook_by_id** — Delete a theauthapi webhook by id. Returns an empty 204 response on success. Required: id.
- **create_a_the_auth_api_webhooks_ping** — Send a test ping to a theauthapi webhook endpoint to verify connectivity and confirm the webhook is reachable. Returns an empty 200 response on success.
- **list_all_the_auth_api_webhooks_topics** — List all available webhook topics in theauthapi. Returns the collection of webhook event topics that can be subscribed to. The response shape is not enumerated in the upstream documentation.
- **list_all_the_auth_api_accounts** — List all accounts in theauthapi. Returns: id.
- **create_a_the_auth_api_account** — Create a new account in theauthapi. Returns: id.
- **get_single_the_auth_api_account_by_id** — Get a single account by id from theauthapi. Returns: id. Required: id.
- **update_a_the_auth_api_account_by_id** — Update an existing account by id in theauthapi. Returns: id. Required: id.
- **delete_a_the_auth_api_account_by_id** — Delete an account by id from theauthapi. Returns an empty 204 response on success. Required: id.
- **create_a_the_auth_api_account_user** — Invite a user to a theauthapi account by account id. Returns an empty 201 response on success. Required: id.
- **create_a_the_auth_api_auth_signup** — Create a new user account in theauthapi by signing up with a JSON body following the UserSignupDto schema. Returns an empty 201 response on success.
- **create_a_the_auth_api_auth_add_user_from_firebase** — Add a user to theauthapi from a Firebase account by posting Firebase user credentials as a JSON body. Returns an empty 201 response on success.
- **create_a_the_auth_api_auth_login** — Authenticate a user in theauthapi by submitting login credentials as a JSON body. Returns a 201 response on success. The response body is not enumerated in the upstream source.
- **create_a_the_auth_api_auth_email_otc** — Create and send an email one-time code (OTC) via theauthapi to initiate email-based authentication. Returns an empty 201 response on success. Required: email.
- **create_a_the_auth_api_auth_validate_login_code** — Validate a login code in theauthapi. Returns an empty 201 response on success.
- **create_a_the_auth_api_auth_refresh_access_token** — Refresh an access token in theauthapi by posting a user access token payload. Returns a 201 Created response on success. Required: a valid user access token body (UserAccessTokenDto).
- **create_a_the_auth_api_auth_authenticate** — Authenticate with theauthapi to verify credentials and obtain access. Returns a 201 response on success. No specific request body fields or response fields are documented by the upstream source.
- **update_a_the_auth_api_user_by_id** — Update an existing user in theauthapi by id. Applies a partial JSON patch to the user record and returns a 200 response on success. Required: id.
- **list_all_the_auth_api_api_keys** — List API keys in theauthapi. Returns: key, name, projectId, isActive, customAccountId, customUserId. Optionally filter by projectId, name, customAccountId, customUserId, or isActive.
- **create_a_the_auth_api_api_key** — Create a new API key in theauthapi. Returns: key, name, projectId, isActive, customAccountId, customUserId.
- **the_auth_api_api_keys_list_2** — Look up a theauthapi API key by its key string value. Returns: key, name, projectId, isActive, customAccountId, customUserId. Required: key.
- **update_a_the_auth_api_api_key_by_id** — Update an existing theauthapi API key by id. Returns: key, name, projectId, isActive, customAccountId, customUserId. Required: id.
- **delete_a_the_auth_api_api_key_by_id** — Delete a theauthapi API key by id. Returns an empty 200 response on success. Required: id.
- **get_single_the_auth_api_api_key_by_id** — Get a single theauthapi API key by id. Returns: key, name, projectId, isActive, customAccountId, customUserId. Required: id.
- **list_all_the_auth_api_api_keys_auths** — Authenticate a theauthapi API key using the legacy GET endpoint (authenticateKeyLegacy). Returns a 200 OK response on success. Required: key.
- **create_a_the_auth_api_api_keys_auth** — Authenticate a theauthapi API key via POST (authenticateKey). Returns a 200 OK response on success. Required: id.
- **get_single_the_auth_api_api_keys_auth_by_id** — Authenticate a theauthapi API key by id using GET. Returns a 200 OK response on success. Required: id.
- **update_a_the_auth_api_api_key_reactivate_by_id** — Reactivate an API key in theauthapi by its key identifier. Returns a 200 response on success. Required: id.
- **create_a_the_auth_api_api_key_rotate** — Rotate an API key in theauthapi by its key id. Returns a 201 response on success; the response body is not documented by the source. Required: id.
- **list_all_the_auth_api_analytics_project_totals** — List analytics project totals in theauthapi for a specific project and date grouping. Returns aggregated analytics totals data for the project (the upstream source documents a 200 response but does not enumerate specific response fields). Required: projectId, dateGrouping.
- **list_all_the_auth_api_analytics_api_key_totals** — List API key usage totals from theauthapi analytics, grouped by a specified date period. Returns aggregate analytics data for the given project (response fields are not enumerated in the source documentation). Required: projectId, dateGrouping.
- **list_all_the_auth_api_notifications** — List notifications in theauthapi. Returns a collection of notification records; the source documents only a 200 response with no additional field details. Returns: id.
- **list_all_the_auth_api_invitations** — List invitations in theauthapi. Returns: id, accountId, projectId, status. Optionally filter results by accountId, projectId, or status.
- **create_a_the_auth_api_invitation** — Create a new invitation in theauthapi. Returns: id, accountId, projectId, status.
- **get_single_the_auth_api_invitation_by_id** — Get a single invitation by id in theauthapi. Returns: id, accountId, projectId, status. Required: id.
- **update_a_the_auth_api_invitation_by_id** — Update an existing invitation by id in theauthapi. Returns: id, accountId, projectId, status. Required: id.
- **delete_a_the_auth_api_invitation_by_id** — Delete an invitation by id in theauthapi. Returns an empty 204 response on success. Required: id.
- **create_a_the_auth_api_invitation_accept** — Accept a theauthapi invitation by id. Returns an empty 201 response on success. Required: id.
- **list_all_the_auth_api_invitation_info** — Get information about a specific theauthapi invitation by id. Returns: id and invitation-specific attributes. Required: id.
- **list_all_the_auth_api_teammates** — List teammates in theauthapi. Returns a collection of teammate objects; the exact response fields are not enumerated in the source documentation. Optionally filter results by accountId or projectId.

## How it works

1. **Link your customer's The Auth API account.** Use Truto's frontend SDK; we handle every OAuth and API key flow so you don't need to create the OAuth app.
2. **Authentication is automatic.** Truto refreshes tokens, stores credentials securely, and injects them into every API request.
3. **Call Truto's API to reach The Auth API.** The Proxy API is a 1-to-1 mapping of The Auth API's own API.
4. **Get a unified response format.** Every response uses a single shape, with cursor-based pagination and data in the `result` field.

## Use cases

- **Power usage-based billing with key-level telemetry** — Billing and metering platforms can pull aggregated API call volume per key or project from The Auth API to drive accurate pay-as-you-go invoicing for their customers, without asking them to instrument custom event streams.
- **Embed self-service API key management in developer portals** — Hosted documentation and developer experience platforms can let end-users generate, rotate, and revoke keys directly from the docs UI, removing context switches and improving Time to Hello World.
- **Trigger PLG signals from real API activity** — GTM and CRM tools can subscribe to lifecycle webhooks (key creation, activation, first call) to score leads and notify sales the moment a prospect actually integrates, instead of relying on lagging product analytics.
- **Sync key lifecycle events into SIEM and audit pipelines** — Security and observability platforms can ingest key creation, rotation, reactivation, and deletion events to maintain a complete audit trail of credential activity across their customers' environments.
- **Provision multi-tenant API access for embedded platforms** — Platforms that resell or wrap APIs can programmatically create projects, accounts, and scoped keys per end customer, mapping their internal tenant model directly onto The Auth API's project hierarchy.

## What you can build

- **Embedded API key issuance and rotation UI** — Ship a native panel where users click to create, rotate, reactivate, or revoke their The Auth API keys without leaving your app.
- **Per-tenant usage dashboards** — Render charts of API call totals by key and project using analytics endpoints to give your customers visibility into their own consumption.
- **Webhook-driven automation workflows** — Let users subscribe to The Auth API webhook topics from inside your product and route events into Slack, CRMs, or internal pipelines.
- **Multi-project provisioning for new customers** — Automatically create a project, account, and initial API key in The Auth API whenever a new tenant signs up in your platform.
- **Teammate and role management** — Surface The Auth API teammates, invitations, and user roles in your admin console so customers can manage who has access without logging into a separate tool.
- **Scheduled usage export for billing** — Run a cron-backed sync against project and key analytics totals to feed your metering or invoicing engine on a defined cadence.

## FAQs

### How does authentication to The Auth API work through Truto?

Truto handles credential storage and request signing for The Auth API on behalf of your end users, so you call a single Truto endpoint and we attach the correct access key to each downstream request.

### Which API key lifecycle operations are supported?

The full lifecycle is covered: create, list, get, update, delete, rotate, and reactivate API keys, plus listing and managing API key auths.

### Can we receive real-time events instead of polling?

Yes. You can programmatically create webhooks against The Auth API's available topics, send test pings, and manage subscriptions through Truto so your users get push-based updates.

### What usage and analytics data is available?

You can pull aggregated totals at both the project and API key level, which is typically enough to drive billing, usage dashboards, and quota enforcement.

### Does the integration support multi-tenant setups?

Yes. The Auth API exposes accounts, projects, teammates, user roles, and invitations, so you can model your own tenant hierarchy and provision isolated environments per customer.

### What if we need an endpoint that isn't currently wired up?

Truto builds integrations on request. If your use case needs a resource or operation that isn't in the current toolset, we can extend the integration without you having to maintain the connector yourself.
