Skip to main content
Babel authenticates users with a JWT (JSON Web Token) issued at login. Every subsequent request to the API attaches that token as a Bearer credential. Before you can log in, your email address must be verified through a one-time confirmation code.

Registration

Create a new Babel account from /auth/register.
1

Fill in the registration form

Provide the following details:
name
string
required
Your full name or display name. Used throughout the app to identify you to teammates.
email
string
required
Your email address. Babel sends a confirmation code here and uses it as your login identifier.
password
string
required
Your account password.
password_confirmation
string
required
Must match the password field exactly. Babel validates this on the client before submitting.
2

Submit the form

Click Crear cuenta. Babel sends a POST request to /auth/create-account with your details. On success, you are redirected to /auth/confirm-account and a 6-digit code is sent to your email.

Email confirmation

Your account cannot be used until your email is confirmed. Babel enforces this at login — attempting to log in with an unconfirmed account returns an error.
1

Enter the confirmation code

On the /auth/confirm-account page, enter the 6-digit code from your email into the Token field.
token
string
required
The 6-digit confirmation code sent to your email after registration.
2

Submit

Click Confirmar cuenta. Babel sends a POST to /auth/confirm-account. On success, your account is activated and you are redirected to the login page.
The confirmation code is single-use. Once submitted successfully, it cannot be reused. If you navigate away before confirming, you can return to /auth/confirm-account at any time and enter the code.

Requesting a new confirmation code

If your code expired or you never received it, request a fresh one from /auth/request-code.
1

Enter your email

email
string
required
The email address you registered with. Babel looks up the unconfirmed account associated with this address.
2

Submit

Click Enviar código. Babel sends a POST to /auth/request-code. A new 6-digit code is emailed to you. Return to /auth/confirm-account and enter the new code.

Login

Sign in from /auth/login.
1

Enter your credentials

email
string
required
The email address on your confirmed Babel account.
password
string
required
Your account password.
2

Submit

Click Ingresar. The app sends a POST to /auth/login. On success, the server returns a signed JWT. The app stores it in localStorage under the key AUTH_TOKEN and redirects you to the dashboard at /.

Token management

Babel uses a JWT-based session model. Understanding how tokens work helps you troubleshoot authentication issues.

How the token is stored and sent

After a successful login, Babel stores the JWT in localStorage: 
localStorage.setItem('AUTH_TOKEN', token);
Every API request includes the token as a Bearer credential in the Authorization header: 
Authorization: Bearer <your-jwt-token>
This is handled automatically by the Axios instance configured in src/lib/axios.ts. You do not need to attach the header manually when using the app.

Checking the current user

The app calls GET /auth/user on load to verify the stored token and hydrate the current user’s profile. If the token is missing, expired, or invalid, the request fails and you are redirected to the login page.

Logging out

Logging out removes the token from localStorage. The JWT itself is not invalidated server-side — it simply becomes inaccessible to the app. The session ends on the next page load or API call after the token is removed.
Storing a JWT in localStorage means it is accessible to any JavaScript running on the page. Be cautious about browser extensions and third-party scripts. For high-security environments, consider clearing the token explicitly on logout and keeping session durations short.

Password recovery

If you forget your password, use the two-step recovery flow.

Step 1 — Request a reset token

1

Navigate to /auth/forgot-password

Enter the email address associated with your account.
email
string
required
Your registered email address. Babel sends a reset token here if the account exists.
2

Submit

Click Enviar instrucciones. Babel sends a POST to /auth/forgot-password. You will receive an email containing a password reset token.

Step 2 — Set a new password

1

Enter the reset token

Go to /auth/new-password. Babel first asks you to enter the token from your email. This is validated against /auth/validate-token before the password form is shown.
token
string
required
The reset token from the recovery email.
2

Set your new password

Once the token is validated, enter and confirm your new password.
password
string
required
Your new password.
password_confirmation
string
required
Must match the password field.
3

Submit

Click Guardar contraseña. Babel sends a POST to /auth/update-password/:token. On success, your password is updated and you are redirected to the login page to sign in with the new credentials.

API endpoint reference

EndpointMethodDescription
/auth/create-accountPOSTRegister a new user account
/auth/confirm-accountPOSTConfirm account with a 6-digit token
/auth/loginPOSTAuthenticate and receive a JWT
/auth/request-codePOSTRequest a new confirmation code
/auth/forgot-passwordPOSTRequest a password reset email
/auth/validate-tokenPOSTValidate a password reset token
/auth/update-password/:tokenPOSTSet a new password using the reset token
/auth/userGETReturn the authenticated user’s profile
/auth/check-passwordPOSTVerify the current user’s password (used for sensitive operations)
/auth/profilePUTUpdate the authenticated user’s name and email
/auth/update-passwordPOSTChange the authenticated user’s password (requires current password)

Frequently asked questions

First, check your spam or junk folder. Confirmation emails are sent from the Babel backend and may be filtered by some providers.If the email is not in spam, go to /auth/request-code, enter your registered email address, and click Enviar código. A new confirmation code will be sent. Return to /auth/confirm-account and enter the new code.If you continue to have trouble, make sure you are checking the inbox for the exact email address you registered with.
Session duration is determined by the JWT’s expiry claim set by the backend. The app does not currently display an expiry countdown. If your session expires while you are using the app, the next API request will fail with a 401 error and you will be redirected to the login page.To resume working, log in again at /auth/login. Your projects and data are not affected by session expiry.
Use the password recovery flow. Navigate to /auth/forgot-password and enter your email address. You will receive an email with a reset token. Go to /auth/new-password, enter the token, then choose a new password.If the reset email doesn’t arrive, check your spam folder and verify you are using the correct registered email address.
No. Babel requires email confirmation before you can log in. If you attempt to log in with an unconfirmed account, the server returns an error. Complete the confirmation step at /auth/confirm-account first.
Password changes for authenticated users are handled through the profile settings. Babel uses /auth/check-password to verify your current password before accepting a new one. Navigate to your profile (accessible from the top navigation) to update your credentials.

Build docs developers (and LLMs) love

Get started for freeTalk to us