User & Minds API
Account management — register, login, create minds, list minds, delete minds. JWT-protected.
User & Minds API
The User & Minds API handles account management. These endpoints use JWT authentication (not Mind Keys) because they operate at the account level, not the mind level.
Authentication Endpoints
POST /register
Create a new user account.
curl -X POST https://synapse.schaefer.zone/register \
-H "Content-Type: application/json" \
-d '{
"email": "you@example.com",
"password": "your-secure-password",
"display_name": "Michael"
}'Response:
{
"jwt": "eyJhbGci...",
"user": {
"id": "u_abc123",
"email": "you@example.com",
"display_name": "Michael",
"created_at": "2026-06-27T..."
}
}POST /login
Login to an existing account.
curl -X POST https://synapse.schaefer.zone/login \
-H "Content-Type: application/json" \
-d '{
"email": "you@example.com",
"password": "your-secure-password"
}'Response: same as /register.
Minds Endpoints
POST /minds
Create a new mind. Returns the Mind Key — save it immediately, it's shown only once.
curl -X POST https://synapse.schaefer.zone/minds \
-H "Authorization: Bearer YOUR_JWT" \
-H "Content-Type: application/json" \
-d '{
"name": "Work Mind",
"description": "Job-related memories"
}'Response:
{
"id": "m_xyz789",
"name": "Work Mind",
"description": "Job-related memories",
"mind_key": "mk_aBcDeFgHiJkLmNoPqRsTuVwXyZ0123456789",
"created_at": "2026-06-27T..."
}GET /minds
List all minds for the current user.
curl -H "Authorization: Bearer YOUR_JWT" \
https://synapse.schaefer.zone/mindsResponse:
{
"minds": [
{
"id": "m_xyz789",
"name": "Work Mind",
"description": "Job-related memories",
"created_at": "2026-06-27T...",
"memory_count": 142,
"last_activity": "2026-06-27T..."
}
]
}DELETE /minds/:id
Delete a mind permanently.
curl -X DELETE -H "Authorization: Bearer YOUR_JWT" \
https://synapse.schaefer.zone/minds/m_xyz789Multi-Mind Pattern
Most users benefit from multiple minds to keep contexts isolated:
# Create minds for different contexts
curl -X POST .../minds -d '{"name": "work", "description": "Job"}'
# → mind_key: mk_work...
curl -X POST .../minds -d '{"name": "personal", "description": "Personal life"}'
# → mind_key: mk_personal...
curl -X POST .../minds -d '{"name": "project-synapse", "description": "Synapse dev"}'
# → mind_key: mk_synapse...Use different Mind Keys in different LLM sessions to keep contexts isolated.
Account Security
Password requirements
- Minimum 6 characters
- No maximum (use a password manager)
- Stored as bcrypt hash (never plaintext)
JWT expiry
JWTs expire after 7 days. When expired, simply call /login again.
Mind Key security
Mind Keys never expire. If a Mind Key is compromised:
- Create a new mind via
POST /minds - Update your LLM config with the new Mind Key
- Delete the compromised mind via
DELETE /minds/:id
Next Steps
- Authentication — full auth guide
- Mind Key vs JWT — decision guide
- Sharing API — share minds with other users