login

Developing

Develop Env

http://localhost:3000/api

POST

/auth/login

Maintainer:Not configured

Initiates OAuth flow. Redirects user to identity provider.

No request body. Response is a 302 redirect.

Client guidance

Store access_token in memory or secure storage (see Token storage section).

Store refresh_token as httpOnly cookie when possible (recommended for SPAs with cookie-based refresh).

If you receive mfa_required, show prompt for TOTP and call /mfa/verify.

Request

Body Params application/json

Examples

Responses

🟢200Success

application/json

User logged in successfully

No MFA

Body

🟠401Unauthorized

🔴500Server Error

🟠423Locked

🟢202Accepted

🟠429Too Many Requests

Request Example

Shell

JavaScript

Java

Swift

cURL

Example 1Example 2

curl --location --request POST 'http://localhost:3000/api/auth/login' \
--header 'Content-Type: application/json' \
--data-raw '{
  "email": "Hildegard.Schaefer37@hotmail.com",
  "password": "gLBz0Ov_4LhkHpK^gLBz0Ov_4LhkHpK^gLBz0Ov_4LhkHpK^gLBz0Ov_4LhkHpK@gLBz0Ov_4LhkHpK^gLBz0Ov_4LhkHpK^gLBz0Ov_4LhkHpK^gLBz0Ov_4LhkHpK gLBz0Ov_4LhkHpK^gLBz0Ov_4LhkHpK^gLBz0Ov_4LhkHpK^gLBz0Ov_4LhkHpK@gLBz0Ov_",
  "deviceInfo": {
    "deviceId": "63",
    "ipv4": "143.170.170.222",
    "ipv6": "f26f:c2e6:20aa:cbb0:9660:ffe8:2d7a:b48b",
    "userAgent": "Mozilla/5.0 (X11; Linux x86_64; rv:5.7) Gecko/20100101 Firefox/5.7.9"
  }
}'

Response Example

200 - Example 1

{
    "status": "ok",
    "message": "User Logged in successfully",
    "data": {
        "user": {
            "id": "b7295212-f97f-414a-b690-8ab1bc31d1b2",
            "email": "Ara.Braun33@gmail.com",
            "name": "Mrs. Melissa Ferry",
            "avatarUrl": "https://picsum.photos/seed/nEkVTH9WKM/66/2542?blur=9",
            "orgId": "d7319423-8b67-404b-a421-15bb629996e2",
            "isVerified": true,
            "status": "inactive",
            "createdAt": "2025-10-10T17:14:09.223Z",
            "updatedAt": "2025-10-10T17:14:09.223Z"
        },
        "token": {
            "accessToken": "Verecundia vesco suspendo calamitas depereo bellum commemoro.",
            "refreshToken": "Victus cupiditas tener videlicet adsum pauci ipsam cunctatio ullam.",
            "expiresIn": 3587
        },
        "session": {
            "sessionId": "sess_123",
            "deviceId": "device-abc-1",
            "createdAt": "2025-10-10T01:02:00Z"
        }
    }
}

Modified at 2025-10-10 18:46:16

callback

login

Client guidance#

Request

Responses

User logged in successfully

Client guidance