Overview

This comprehensive API documentation provides detailed information about all available endpoints, authentication methods, request/response formats, and implementation examples. The LMW everyWORD API is a modern, secure REST API that supports user management, subscription services, and promotional features.

API Features

• Secure Authentication: Cryptographically secure opaque tokens with database session management
• Multi-Session Support: Users can be logged in from multiple devices simultaneously
• Token Refresh: Automatic token renewal with 6-month sliding window refresh tokens
• CSRF Protection: Cross-Site Request Forgery protection for all mutation operations
• Email Verification: Secure user registration with email verification codes
• User Management: Complete user lifecycle management with profile updates
• Subscription Integration: Full Stripe integration for subscription management
• Coupon System: Promotional code management and validation
• Session Management: Advanced session control with device tracking and revocation
• RESTful Design: Consistent API design patterns and response formats
• Server Resilience: Persistent authentication across server restarts
• Comprehensive Error Handling: Detailed error responses with actionable codes

Documentation Sections

Getting Started

To use the API, you'll need to:

1. Register for an account using the /api/auth/register endpoint
2. Verify your email with the code sent to your email address
3. Authenticate using the /api/auth/login endpoint to obtain an access token
4. Include this token in the Authorization header for subsequent requests
5. For mutation operations (POST, PUT, DELETE), include the CSRF token in the x-csrf-token header

API Test Console

To test API endpoints directly, visit the API Test Console section.