POST /v3/auth/email-check
const url = 'https://api-ha-prod-p8.handbid.dev/v3/auth/email-check';const options = { method: 'POST', headers: {Authorization: 'Bearer <token>', 'Content-Type': '*/*'}, body: '"{\n \"email\": \"user@example.com\",\n \"whitelabelId\": {{whitelabelId}}\n}"'};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request POST \ --url https://api-ha-prod-p8.handbid.dev/v3/auth/email-check \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: */*' \ --data '"{\n \"email\": \"user@example.com\",\n \"whitelabelId\": {{whitelabelId}}\n}"'Checks whether an account exists for the given email.
Next step after this runs:
userFound: true→ runverify-pin(the SMS PIN was just fired to the user’s phone on file).userFound: false→ runregister(then verify-pin).
Before you send: edit the body to use a real email. The default user@example.com is a placeholder and will always return userFound: false — not a bug. Real seeded test users in local dev: dev@handbid.com, jhporte@handbid.com, *@handbid.dev.
reCAPTCHA: captchaToken is optional (action login). When present it’s validated against the endpoint-appropriate site-key. When absent, the request is routed through a strict rate-limit budget instead (10 req / 5 min per IP) — you’ll get a 429 rate_limited with retryAfter: 300 if you burn through the budget. In docker-dev both validation and the strict throttle are skipped because params['captchaOnRegisterEnabled'] is false.
Authorizations
Section titled “Authorizations ”Request Body
Section titled “Request Body ”Example
"{\n \"email\": \"user@example.com\",\n \"whitelabelId\": {{whitelabelId}}\n}"Responses
Section titled “ Responses ”Successful response