REST — /api/recovery
4 route handlers under /api/recovery · all session-gated.
Public flags are cross-referenced against
PUBLIC_API_PREFIXESinsrc/lib/route-access.ts. Routes without a public prefix require an authenticated session (or, where applicable, a signed federation request). See Auth models.
| Route | Methods | Access | Description |
|---|---|---|---|
/api/recovery/challenge | POST | Session | POST /api/recovery/challenge (ticket rivr-social/rivr-app#85) |
/api/recovery/email-reset | POST | Session | POST /api/recovery/email-reset |
/api/recovery/request-email-reset | POST | Session | POST /api/recovery/request-email-reset |
/api/recovery/verify | POST | Session | POST /api/recovery/verify (ticket rivr-social/rivr-app#85) |