API Configuration
Documentation for the Fayda Authentication API configuration endpoints.
Overview
The configuration endpoints allow you to retrieve and update your API settings. These endpoints are particularly useful for managing your application's behavior and customizing the authentication experience.
Get Configuration
Retrieves the current configuration settings for your API key.
GET
/api/fayda/configRequest Headers
| Header | Required | Description |
|---|---|---|
| Authorization / X-API-Key | Yes | Your API key. See Authentication. |
Successful Response (200 OK)
json
{
"success": true,
"config": {
"otpSettings": {
"expiryMinutes": 10,
"maxAttempts": 3,
"cooldownMinutes": 30
},
"rateLimit": {
"enabled": true,
"requestsPerHour": 100
},
"security": {
"allowlistedIps": ["192.168.1.1", "10.0.0.0/24"]
},
"webhook": {
"url": "https://yourapp.com/webhook",
"secret": "wh_secret_...",
"events": ["auth.success", "auth.failure"]
}
}
}Update Configuration
Updates the configuration settings. Only fields provided in the request body will be updated.
PATCH
/api/fayda/configAdmin Permission Required
This endpoint requires an API key with 'Admin' permissions.
Request Body
The request body should be a JSON object containing the fields to update.
json
{
"otpSettings": {
"expiryMinutes": 5
},
"webhook": {
"url": "https://new.webhook.url/handler"
}
}Body Parameters
| Field | Type | Description |
|---|---|---|
| otpSettings | Object | Settings for OTP generation and verification. |
| › expiryMinutes | Number | OTP validity period in minutes. |
| › maxAttempts | Number | Maximum OTP verification attempts before cooldown. |
| › cooldownMinutes | Number | Cooldown period in minutes after max attempts are reached. |
| rateLimit | Object | API rate limiting settings. |
| › enabled | Boolean | Enable or disable rate limiting. |
| › requestsPerHour | Number | Number of allowed requests per hour per API key. |
| security | Object | Security-related settings. |
| › allowlistedIps | Array of Strings | List of IP addresses or CIDR ranges allowed to make requests. |
| webhook | Object | Webhook notification settings. |
| › url | String | The URL to send webhook events to. |
| › secret | String | A secret used to sign webhook payloads for verification. |
| › events | Array of Strings | An array of event types to subscribe to (e.g., 'auth.success'). |
Successful Response (200 OK)
Returns the complete, updated configuration object.
json
{
"success": true,
"config": {
// ... updated configuration object
}
}Partial Updates
You only need to send the fields you want to change. Unspecified fields will retain their current values.