Skip to main content
POST
/
api
/
v1
/
auth
/
session
Create a portal session
curl --request POST \
  --url https://api.introw.io/api/v1/auth/session \
  --header 'Content-Type: application/json' \
  --header 'x-api-key: <api-key>' \
  --data '
{
  "email": "[email protected]"
}
'
const options = {
  method: 'POST',
  headers: {'x-api-key': '<api-key>', 'Content-Type': 'application/json'},
  body: JSON.stringify({email: '[email protected]'})
};

fetch('https://api.introw.io/api/v1/auth/session', options)
  .then(res => res.json())
  .then(res => console.log(res))
  .catch(err => console.error(err));
import requests

url = "https://api.introw.io/api/v1/auth/session"

payload = { "email": "[email protected]" }
headers = {
    "x-api-key": "<api-key>",
    "Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
{
  "url": "https://partners.acme.example/rooms/room_01HVK6Y8Z8Q7J8J8J8J8J8J8J8?token=eyJhbGciOiJIUzI1NiJ9.example"
}
{
  "error": {
    "code": "<string>",
    "message": "<string>",
    "details": "<unknown>"
  }
}
{
  "error": {
    "code": "<string>",
    "message": "<string>",
    "details": "<unknown>"
  }
}
{
  "error": {
    "code": "<string>",
    "message": "<string>",
    "details": "<unknown>"
  }
}
{
  "error": {
    "code": "<string>",
    "message": "<string>",
    "details": "<unknown>"
  }
}
{
  "error": {
    "code": "<string>",
    "message": "<string>",
    "details": "<unknown>"
  }
}

Authorizations

x-api-key
string
header
required

Introw API key shown once when the credential is created.

Body

application/json
email
string<email>
required

Email address of the partner portal visitor. Must already be authorized for the portal in the API key's organisation; otherwise the request returns 401.

Pattern: ^(?!\.)(?!.*\.\.)([A-Za-z0-9_'+\-\.]*)[A-Za-z0-9_+-]@([A-Za-z0-9][A-Za-z0-9\-]*\.)+[A-Za-z]{2,}$
roomId
string | null

Optional room (collaboration space) id to deep-link into after authentication. When omitted, the visitor lands on the portal home.

Minimum string length: 1

Response

Portal session URL created successfully.

url
string<uri>
required

Pre-authenticated, single-use partner portal URL. Embed it directly in an iframe (the embedding domain must be allow-listed under Settings → Developers → Embed). The URL contains a short-lived token, so treat it as a secret and generate a fresh one per visitor session.