POST
/api/auth/login
const url = 'https://example.com/api/auth/login';const options = { method: 'POST', headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'}, body: '{"email":"hello@example.com","password":"example"}'};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request POST \ --url https://example.com/api/auth/login \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --data '{ "email": "hello@example.com", "password": "example" }'Verifies an email/password pair and returns a signed JWT access token plus the user
profile. The portal stores the token in an httpOnly cookie and forwards it on
subsequent API calls as Authorization: Bearer <token>.
Authorizations
Section titled “Authorizations ”Request Body
Section titled “Request Body ”object
email
required
string format: email
password
required
string
Example generated
{ "email": "hello@example.com", "password": "example"}object
email
required
string format: email
password
required
string
Example generated
{ "email": "hello@example.com", "password": "example"}object
email
required
string format: email
password
required
string
Example generated
{ "email": "hello@example.com", "password": "example"}Responses
Section titled “ Responses ”Credentials accepted.
Media type application/json
Result of a successful login.
object
token
string
expiresAt
string format: date-time
user
The authenticated user attached to the current bearer token.
object
id
string format: uuid
merchantId
string format: uuid
email
string
fullName
string
role
string
Example
{ "user": { "role": "Owner" }}Email or password incorrect, or the account is inactive.
Media type application/json
object
type
string
title
string
status
integer format: int32
detail
string
instance
string
key
additional properties
Example generated
{ "type": "example", "title": "example", "status": 1, "detail": "example", "instance": "example"}