Welcome

Prism Auth is an Authentication-as-a-Service API that eliminates login script maintenance for browser agents. Stop writing and maintaining complex authentication logic - get live authenticated browser sessions for any website in one API call.

How It Works

Prism Auth handles the complexity of website authentication so you can focus on your core agent functionality:
  1. API Authentication - Your browser agents authenticate to Prism Auth using organization-scoped API keys
  2. Website Authentication - We handle login automation, email verification, and session management for target websites
  3. Live Session Delivery - Receive complete browser state (cookies, localStorage, etc.) ready for immediate use

Core Value Proposition

For Browser Agent Developers:
  • Zero Login Script Maintenance - Never write website-specific login automation again
  • Universal Website Support - Works with arbitrary websites, not just pre-configured platforms
  • Automatic Email Verification - We handle signup email verification flows automatically
  • Live Session Delivery - Get authenticated sessions ready for immediate browser use
  • Multi-Tenant Organization Scoping - Secure API key authentication with organization isolation

Getting Your API Key

All API endpoints require authentication using Bearer tokens from your Prism Auth Dashboard:
1

Access Dashboard

Navigate to prismai.sh/workspace
2

Generate API Key

Create a new API key with pk_ prefix for your organization
3

Use in Requests

Include the Bearer token in all API requests
Authorization: Bearer pk_your_actual_api_key_here
Keep your API keys secure and never expose them in client-side code. Store them in environment variables.

Endpoints

Everything you need for Authentication-as-a-Service:

POST /login

Authenticate users with existing credentials and receive live session cookies. Currently supports email/password authentication.

POST /signup

Automatically create accounts with provided credentials. Handles email verification flows and returns both the authenticated session and credential references for future refresh operations.

POST /refresh

Use stored credential references to generate fresh authenticated sessions when current sessions expire, without requiring user re-authentication.

Available Now

  • POST /login - Authenticate with username/password and receive session cookies
  • Cookie Management - Complete session extraction and application for browser agents
  • Multi-domain Support - Authenticate to any website

Coming Soon

  • Login with OAuth providers, magic links, and other authentication methods
  • POST /signup endpoint for account creation
  • POST /refresh endpoint for session renewal

Live Session Response Format

Authentication responses return structured session data ready for browser use:

Login Response

{
  "cookies": [
    {
      "name": "session_id",
      "value": "xyz789abc123...",
      "domain": "github.com",
      "path": "/",
      "expires": 1791936891.425452,
      "httpOnly": true,
      "secure": true,
      "sameSite": "Lax"
    }
  ],
  "origins": []
}

Signup Response (includes credential storage)

{
  "cookies": [...],
  "origins": [],
  "credentialId": "uuid-for-future-refresh",
  "expiresAt": "2024-12-31T23:59:59Z"
}
Apply the returned cookies directly to your browser context for immediate authenticated access to the target website.

Next Steps

Quickstart Guide

Complete integration example with browser agents

Login API

Start with email/password authentication

Need help?

Contact our team for integration support and questions