Registration
Butt-Dial includes self-service registration. Users create an account, verify their email, and get API credentials — no manual admin setup needed.
Flow
- Visit the landing page and click Get Started
- Fill out the registration form (name, email, organization, password)
- Receive a verification email with a 6-digit code
- Enter the code to verify
- Get an organization token and start using the API
Endpoints
| Endpoint | Method | Description |
|---|---|---|
/auth/login | GET | Login/register page |
/auth/register | POST | Create account |
/auth/verify | GET/POST | Email verification |
/auth/login | POST | Login with existing credentials |
Email Verification
- 6-digit code sent to the user's email
- Codes expire after 15 minutes
- Requires Resend to be configured
- In demo mode, the code is shown on screen instead of emailed
Organization Tokens
After registration, each organization gets:
- A unique organization ID
- An API token for authenticating MCP tool calls
- Access to the admin dashboard
GET /sse?token=<org-token>&agentId=<agent-id> (agentId required for org tokens)Security
- Passwords hashed with bcrypt (cost factor 12)
- Registration rate-limited (5 attempts per IP per 15 minutes)
- Email verification required before API access
- Tokens stored as SHA-256 hashes, never plaintext