API Reference

The Flint Task REST API lets you authenticate users and administer the workspace programmatically. All endpoints are served under https://flinttask.com/api and exchange JSON.

Authentication

Obtain a token via /auth/login or /auth/register, then send it on each request:

curl https://flinttask.com/api/auth/me \
  -H "Authorization: Bearer <token>"

Authentication

Email + password authentication. A successful login or registration returns a JWT (valid 7 days) — send it as a Bearer token on every authenticated request.

POST /auth/register Public

Create a new account (role: member) and sign in immediately.

Request body

{
  "name": "Jane Doe",
  "email": "[email protected]",
  "password": "secret123"   // min 6 chars
}

Response

201 Created
{
  "token": "eyJhbGci…",
  "user": {
    "id": "uuid",
    "name": "Jane Doe",
    "email": "[email protected]",
    "role": "member",
    "status": "active"
  }
}

POST /auth/login Public

Exchange email + password for a JWT.

Request body

{
  "email": "[email protected]",
  "password": "secret123"
}

Response

200 OK
{ "token": "eyJhbGci…", "user": { … } }

401 — invalid email or password
403 — account suspended

GET /auth/me Bearer token

Return the currently authenticated user.

Response

200 OK
{ "user": { "id", "name", "email", "role", "status" } }

POST /auth/change-password Bearer token

Change your own password.

Request body

{
  "currentPassword": "secret123",
  "newPassword": "newsecret456"   // min 6 chars
}

Response

200 OK
{ "ok": true }

401 — current password is incorrect

Workspace config

Public, read-only system configuration — feature flags and workspace branding. No authentication required.

GET /config Public

Feature flags + workspace branding (name, tagline, accent color).

Response

200 OK
{
  "workspace": { "name", "tagline", "accentColor" },
  "flags": [
    { "key": "projects", "label": "Projects", "enabled": true },
    …
  ]
}

Administration

System-management endpoints. Require a Bearer token belonging to a user with the admin role; otherwise they return 403.

GET /admin/flags Admin only

List all feature flags.

Response

200 OK
{ "flags": [ { "key", "label", "description", "enabled" } ] }

PATCH /admin/flags/:key Admin only

Enable or disable a feature for the whole workspace.

Request body

{ "enabled": false }

Response

200 OK
{ "key": "cycles", "enabled": false }

GET /admin/users Admin only

List all user accounts.

Response

200 OK
{ "users": [ { "id", "name", "email", "role", "status" } ] }

POST /admin/users Admin only

Create a user account with a chosen role.

Request body

{
  "name": "Sam Lee",
  "email": "[email protected]",
  "password": "secret123",
  "role": "member"   // admin | member | guest
}

Response

201 Created
{ "user": { … } }

PATCH /admin/users/:id Admin only

Update a user’s role or status (active / suspended).

Request body

{ "role": "admin", "status": "active" }

Response

200 OK
{ "user": { … } }

400 — cannot demote/suspend the last active admin
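
Added example, not part of the Flint Task documentation or code: a client-side pre-flight check that an admin script can run on a PATCH /admin/users/:id body before sending it, using the user list returned by GET /admin/users. The function names, the sample accounts and the exact reading of the last-admin rule are assumptions.

```python
ROLES = {"admin", "member", "guest"}   # role values listed on the page
STATUSES = {"active", "suspended"}     # status values listed on the page


def active_admins(users):
    """IDs of accounts that are both role=admin and status=active."""
    return {u["id"] for u in users
            if u["role"] == "admin" and u["status"] == "active"}


def preflight(users, user_id, patch):
    """Return problems with `patch`; an empty list means it is safe to send.

    `users` is the "users" array from GET /admin/users. Assumptions: only
    "role" and "status" are accepted, and the documented 400 fires when the
    change would leave no account that is both admin and active.
    """
    problems = []
    unknown = set(patch) - {"role", "status"}
    if unknown:
        problems.append(f"unknown fields: {sorted(unknown)}")
    if "role" in patch and patch["role"] not in ROLES:
        problems.append(f"invalid role: {patch['role']!r}")
    if "status" in patch and patch["status"] not in STATUSES:
        problems.append(f"invalid status: {patch['status']!r}")
    target = next((u for u in users if u["id"] == user_id), None)
    if target is None:
        problems.append(f"no such user: {user_id}")
    if problems:
        return problems
    # Apply the change locally and see whether the only active admin loses
    # either the admin role or the active status.
    after = {**target, **patch}
    keeps_admin = after["role"] == "admin" and after["status"] == "active"
    if active_admins(users) == {user_id} and not keeps_admin:
        problems.append("would remove the last active admin (expect 400)")
    return problems


# Constructed sample of a GET /admin/users response body (not real data).
SAMPLE = {"users": [
    {"id": "u1", "name": "Jane Doe", "email": "jane@example.test", "role": "admin", "status": "active"},
    {"id": "u2", "name": "Sam Lee", "email": "sam@example.test", "role": "admin", "status": "suspended"},
    {"id": "u3", "name": "Ada Roe", "email": "ada@example.test", "role": "member", "status": "active"},
]}

if __name__ == "__main__":
    print(preflight(SAMPLE["users"], "u1", {"status": "suspended"}))
    print(preflight(SAMPLE["users"], "u3", {"role": "admin"}))
```

A suspended admin (u2 in the sample) does not count toward the active-admin total, so suspending or demoting u1 is reported even though two accounts hold the admin role.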

DELETE /admin/users/:id Admin only

Delete a user account.

Response

200 OK
{ "ok": true }

PATCH /admin/workspace Admin only

Update workspace branding (name, tagline, accent color).

Request body

{ "name": "Flint Task", "tagline": "…", "accentColor": "#5e6ad2" }

Response

200 OK
{ "workspace": { … } }