API details

OpenAPI and Postman

Import the public customer collection and use it with your Project, environment, and session tokens.

Public customer collection

Use the public customer collection when you want to validate the runtime contract from Postman or another API client. The collection should use only:

  • https://test.id.uselamba.com or https://id.uselamba.com
  • https://test.api.uselamba.com or https://api.uselamba.com
  • customer session tokens or management client tokens
  • Workspace, Project, and environment values supplied as request body fields when the endpoint requires them

Recommended variables:

  • authBaseUrl
  • apiBaseUrl
  • accessToken
  • refreshToken
  • workspaceId
  • projectId
  • environment
  • adminLogin
  • adminPassword
  • managementClientId
  • managementClientSecret

Suggested workflow:

  1. Import the customer collection and environment variables.
  2. Set authBaseUrl, apiBaseUrl, workspaceId, projectId, and environment.
  3. Register or sign in a test user.
  4. Run Auth - Switch context to capture a scoped customer session.
  5. Call me/* routes to verify profile, memberships, linked identities, security, and authorization.
  6. Call admin/* routes only with a session or management token that has the required Project role or admin scope.

Notes:

  • This package covers the customer contract only. It uses only the id.* and api.* hosts.
  • Do not add console-only workspace or project headers to public customer requests.
  • /v1/admin/* requests expect a scoped session or management token with the right permissions.
  • /connect/authorize and social login are usually manual flows because they require browser redirects.

Management client tokens

Server-side automation can use a confidential management client for customer admin routes.

curl -fsS "$LAMBA_CUSTOMER_AUTH_BASE/connect/token" \
  -H "content-type: application/x-www-form-urlencoded" \
  --data-urlencode "grant_type=client_credentials" \
  --data-urlencode "client_id=$LAMBA_MANAGEMENT_CLIENT_ID" \
  --data-urlencode "client_secret=$LAMBA_MANAGEMENT_CLIENT_SECRET" \
  --data-urlencode "workspaceId=$LAMBA_WORKSPACE_ID" \
  --data-urlencode "projectId=$LAMBA_PROJECT_ID" \
  --data-urlencode "environment=test" \
  --data-urlencode "scope=customer.members.read customer.webhooks.read"

Use that bearer token only on /v1/admin/*. Self-service routes such as /v1/me/context require a user session.
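
A preflight check for automation, written for this page as an added example (it is not Lamba's code): it accepts only the hosts listed for the public customer collection, requires the auth and API base URLs to be in the same tier, and refuses to send a management token anywhere but /v1/admin/*. The function names, the "sandbox"/"production" and "management"/"session" labels, and the rejection of dot-segment paths are assumptions of the example.

```shell
#!/bin/sh
# Added example, not Lamba's code. Run these checks before any curl call.

# lamba_tier KIND URL: KIND is "id" or "api". Prints "sandbox" or "production"
# for the hosts this page lists; returns 1 for any other URL.
lamba_tier() {
  url=${2%/}                        # tolerate one trailing slash
  case "$url" in
    "https://test.$1.uselamba.com") echo sandbox ;;
    "https://$1.uselamba.com")      echo production ;;
    *) return 1 ;;
  esac
}

# lamba_check_hosts AUTH_BASE API_BASE: succeeds only when the auth base is an
# id.* host, the API base is an api.* host, and both are in the same tier.
lamba_check_hosts() {
  auth_tier=$(lamba_tier id "$1") || { echo "not a listed id host: $1" >&2; return 1; }
  api_tier=$(lamba_tier api "$2") || { echo "not a listed api host: $2" >&2; return 1; }
  if [ "$auth_tier" != "$api_tier" ]; then
    echo "tier mismatch: auth=$auth_tier api=$api_tier" >&2
    return 1
  fi
  return 0
}

# lamba_check_route TOKEN_KIND PATH: TOKEN_KIND is "management" or "session"
# (labels chosen for this example). Management tokens pass only on /v1/admin/*.
lamba_check_route() {
  case "$2" in
    # A path that climbs out of /v1/admin/ would defeat the prefix check below.
    *..*|*%2[eE]*) echo "refusing path with dot segments: $2" >&2; return 1 ;;
  esac
  case "$1:$2" in
    management:/v1/admin/?*) return 0 ;;
    management:*) echo "management token must stay on /v1/admin/*: $2" >&2; return 1 ;;
    session:/v1/?*) return 0 ;;     # role and scope are still enforced server-side
    *) echo "unknown token kind or path: $1 $2" >&2; return 1 ;;
  esac
}
```
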

Console setup

Use the Lamba console to create the inputs used by the collection:

  • customer application client IDs and redirect URIs
  • management clients and secret rotation
  • Project role catalog and admin-capable test users
  • custom domains and environment bindings
  • webhook endpoints and subscribed event types
  • SMS add-on status and tiers

Contract checks

  • Keep sandbox and production environment variables separate.
  • Verify one happy path and one error path for each critical endpoint group.
  • Test 401, 403, 402, 409, and 429 handling before release.
  • Include traceId or X-Correlation-Id in support requests.
  • API overview: /docs/reference/api-overview
  • Plan enforcement: /docs/concepts/plan-enforcement
  • Customer API request and response contract: /docs/quickstart/customer-api