API Reference

Init

Creates a session for an app and performs version/hash/access checks.

Endpoint

Method
POST
Path
/api/v2/init

Base URL: https://authly.cc

Request Body

{
  "owner_id": "12345678",
  "app_name": "HI",
  "version": "1.3",
  "secret": "your-secret",
  "hash": "your-app-hash"
}
  • owner_id (required): your owner id.
  • app_name (required): your app name.
  • version (recommended): the client app version string (semver style: 1.3, 1.3.0).
  • secret (required): app secret.
  • hash (optional/required depending on app settings): required if the app has hash checking enabled.

Success Response

{
  "success": true,
  "message": "Init success",
  "session_id": "dc1ce...a3a75",
  "owner_id": "12345678",
  "app_name": "HI",
  "version": "1.3",
  "update": {
    "available": true,
    "latest_version": "1.4",
    "download_url": "https://example.com/download",
    "force_update": false,
    "show_reminder": true,
    "reminder_message": "Please update your app to the latest version",
    "allowed_until": null
  }
}

update is only present when auto-update/reminder logic applies.

Error Codes

Many messages for Init errors are customizable from the dashboard (Init category). System-only errors are not editable.

400
  • MISSING_FIELDS
  • HASH_REQUIRED
401
  • INVALID_SECRET
  • INVALID_HASH
403
  • APP_DISABLED
  • IP_BLOCKED
  • VPN_BLOCKED
  • COUNTRY_BLOCKED
404
  • OWNER_NOT_FOUND (system-only)
  • APP_NOT_FOUND
426
  • UPDATE_REQUIRED
  • VERSION_MISMATCH
500
  • INTERNAL