Getting Started with SlashID Identity Management
The SlashID APIs allow you to configure and manage data stored with SlashID using a simple, flexible, and powerful REST API. If you are already familiar with SlashID, you can skip to the API reference, or to the Quick links for specific issues. If you are new to SlashID, read this page as well as the SDK documentation.
Before you start
If you haven't done it yet, start by creating a free SlashID account to get an API key. This will allow you to start developing and to use the SlashID sandbox environment to experiment with the API.
Read the SDK documentation to understand how users are authenticated and how to integrate SlashID into your frontend.
Glossary
The following terms are used throughout the SlashID documentation:
| Term | Meaning |
|---|---|
| Attribute | A key-value pair containing information about a specific person |
| Authentication | The process of verifying the identity of a user of service or website |
| Credential | A piece of information that can be used to authenticate a person |
| Handle | A unique identifier for a person whose ownership can be verified remotely (for example, an email address or phone number) |
| Person | A user associated with your organization |
| SDK | In the context of this documentation, it refers to the SlashID SDK for authenticating persons and interacting with the SlashID backend |
| Passkeys (WebAuthn) | A web standard for authenticating users on the web using public key cryptography, without passwords - more information can be found here |
API sections
The SlashID API is divided in the following sections, each managing a different aspect of the data held with SlashID.
Persons
Endpoints to manage the users associated with your organization and, in particular, how they authenticate. Note that some of this functionality is best accessed through the SlashID SDK rather than calling APIs directly; this will minimize development time and ensure correct and consistent usage.
The expected use of the persons endpoints is:
- retrieving information about a person
- removing a person from your organization
- modifying authentication policies in a granular way; for example, by enforcing a minimum number of authentication factors for high-risk users
- migrating existing users to SlashID from another user management system
The Direct-ID endpoint can be used to generate single-use authentication challenges, which can then be embedded in links. In this way, you can ensure that users can move between services and pages without needing to re-authenticate and without needing to share tokens.
Attributes
The attributes endpoints are used to attach arbitrary data to persons in your organization. Attributes are stored securely in the same geographical region as the person they are attached to.
For example, attributes can be used to store personal addresses or organization-specific information. As the data is encrypted and geographically co-located with the person data, attributes ensure that regulatory compliance needs are met, as well as ensuring data security, while maintaining a simple interface for development.
Credentials
These endpoints can be used to create and delete credentials associated with persons in your organization. Specifically, these endpoints can create a public key credential for a person, which can then be used for Passkeys authentication. This is a key part of migrating users from an existing identity provider to SlashID, as it means users can continue to authenticate with Passkeys without having to register again, making the process transparent for end-users.
Organizations
Use these endpoints to set organization-level policies about authentication, such as token duration and permitted origin domains, and to customize communication on your organization’s behalf between SlashID and your end-users.
Quick links
Here is a list of common tasks for developers working with SlashID and indications of where to start with the SlashID documentation.
| I want to… | So I should read… |
|---|---|
| See a React example | React quickstart |
| See a Remix example | Remix quickstart |
| See sample projects | Sample apps on GitHub |
| See a sample project with suborganizations | Suborganizations guide |
| Use webhooks to customize user flows | Webhooks guide |
| Pre-authenticate users moving from one of my services to another | Direct-ID endpoint documentation |
| Implement SSO | SSO guide |
| Authenticate users of my service from my frontend using SlashID | SDK documentation |
| Bulk-import my existing users to SlashID | persons and credentials endpoint documentation |
| Enrich a user with additional data from a backend service | Attributes APIs |
| Enrich a user with additional data from my frontend | Users SDK documentation |
| Make communication with users consistent with my organization's branding | E-mail templates endpoints |
Feedback
Spotted an error or something missing? Let us know!