Create Hosted Auth URL

curl --request POST \
  --url https://api.thefaithapp.com/v1/auth/start \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "client_key": "<string>",
  "redirect_uri": "<string>",
  "state": "<string>",
  "code_challenge": "<string>",
  "code_challenge_method": "<string>"
}
'

{
  "auth_url": "<string>",
  "client": {},
  "redirect_uri": "<string>",
  "providers": [
    "<string>"
  ]
}

POST

auth

start

Create Hosted Auth URL

curl --request POST \
  --url https://api.thefaithapp.com/v1/auth/start \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "client_key": "<string>",
  "redirect_uri": "<string>",
  "state": "<string>",
  "code_challenge": "<string>",
  "code_challenge_method": "<string>"
}
'

{
  "auth_url": "<string>",
  "client": {},
  "redirect_uri": "<string>",
  "providers": [
    "<string>"
  ]
}

Creates a TheFaithApp-hosted member sign-in URL. Open the returned auth_url in a browser or mobile auth session.

Example request

curl -X POST https://api.thefaithapp.com/v1/auth/start \
  -H "Content-Type: application/json" \
  -d '{
    "client_key": "your-client-api-key",
    "redirect_uri": "https://example.com/auth/callback",
    "state": "replace-with-random-state"
  }'

Request inputs

client_key

string

required

Client key from Settings > Developer Access.

redirect_uri

string

required

Callback URL or mobile deep link that will receive the one-time auth code. This must exactly match a saved Redirect URL.

state

string

Random value generated by your app. The same value is returned to your callback so you can reject forged redirects.

code_challenge

string

Optional PKCE challenge. Recommended for mobile and other public clients.

code_challenge_method

string

Optional PKCE method. Use S256 when sending a SHA-256 based challenge. Defaults to plain when code_challenge is present and no method is provided.

Response fields

auth_url

string

required

The hosted sign-in URL to open for the member.

client

object

required

Public church details shown on the hosted sign-in page.

redirect_uri

string

required

The redirect URL that was accepted for this flow.

providers

string[]

required

Hosted sign-in methods currently available for this client.

Example response

{
  "auth_url": "https://auth.thefaithapp.com/member/sign-in?client_key=your-client-api-key&redirect_uri=https%3A%2F%2Fexample.com%2Fauth%2Fcallback&state=replace-with-random-state",
  "client": {
    "id": 45,
    "name": "Example Church",
    "image": "clients/example-logo.png",
    "image_url": "https://cdn.example.com/clients/example-logo.png",
    "about": null,
    "public_uuid": "11111111-2222-3333-4444-555555555555"
  },
  "redirect_uri": "https://example.com/auth/callback",
  "providers": ["google", "apple", "email"]
}

Error responses

403: redirect_uri is not allowed for the client.
404: client_key does not match a known client.
422: request validation failed.

Hosted Auth Guide Exchange Hosted Auth Code

​Example request

​Request inputs

​Response fields

​Example response

​Error responses

Example request

Request inputs

Response fields

Example response

Error responses