1. Documentation
Xentree Docs
  • Documentation
    • Introduction
    • Quickstart
    • Authentication
    • Conversations
    • Knowledge Base
    • Xentree Live
    • Organizations and Teams
    • Xentree English
    • Errors and Limits
  • API Reference
    • Authentication
      • Register a new user
      • Log in and get an access token
      • Refresh an access token
      • Log out the current user
      • Get the current authenticated user
      • Update the current authenticated user
    • Conversations
      • List available AI providers
      • Generate an AI response
      • List conversations for the current user
      • Create a conversation
      • Get messages for a conversation
      • Search indexed user content
    • Knowledge Base
      • Search the knowledge base
    • Xentree Live
      • Get remaining Xentree Live quota
      • Start a live session
      • Update an active live session heartbeat
      • End a live session
      • Update the user nickname used in Xentree Live
      • List live transcripts for the current user
      • Save live session transcripts
      • Get a single live transcript
    • Organizations
      • List organizations for the current user
      • Create an organization
      • Get organization details
      • Update organization details
      • Delete an organization
      • List organization members
      • Add a member to an organization
    • Integrations
      • List active integrations for the current user
      • Start the Google Calendar OAuth flow
    • Xentree English
      • List XEL modules with user progress
      • Get XEL module details
      • Submit a learning task response
      • Run AI evaluation for speaking or writing
      • Get the XEL dashboard overview
  • Schemas
    • Error
    • TokenResponse
    • UserProfile
    • ChatRequest
    • ChatResponse
    • ConversationCreateRequest
    • ConversationResponse
    • KnowledgeSearchRequest
    • LiveStartSessionRequest
    • LiveSessionResponse
    • LiveQuotaResponse
    • TranscriptTurn
    • SaveLiveTranscriptsRequest
    • OrganizationCreateRequest
    • OrganizationResponse
    • MemberResponse
    • XELModuleSummary
    • XELTaskSubmissionRequest
  1. Documentation

Authentication

Xentree uses bearer token authentication for protected endpoints.

Supported auth flow#

Access token#

Use the access token in the Authorization header:

Refresh token#

Xentree also supports session refresh via the refresh endpoint.

Main endpoints#

Register#

Create a new user account.
POST /api/auth/register

Login#

Exchange username and password for an access token.
POST /api/auth/token
Content type: application/x-www-form-urlencoded

Refresh session#

Issue a fresh access token.
POST /api/auth/refresh

Logout#

Invalidate the current session.
POST /api/auth/logout

Current user#

Return the authenticated user profile.
GET /api/auth/me

Update current user profile#

Patch profile-level attributes for the current user.
PATCH /api/auth/me

Example login request#

Common authentication errors#

401 Unauthorized#

Returned when the token is missing, expired, malformed, or invalid.

403 Forbidden#

Returned when a valid user lacks permission for the requested resource.

Best practices#

store tokens securely
always send requests over HTTPS
refresh access tokens before long-running sessions expire
revoke sessions on logout or device disconnect
Modified at 2026-04-17 06:31:40
Previous
Quickstart
Next
Conversations
Built with