Partner Auth Login

Endpoint

POST /api/auth/login

Request Body

Field	Type	Required	Notes
`accountType`	string	Yes	`email` or `phone`
`accountValue`	string	Yes	Email or phone
`password`	string	Yes*	Required when `accountType = email`, must be MD5
`verificationCode`	string	Yes*	Required when `accountType = phone`

Current backend behavior:

accountType = email: supported
accountType = phone: not supported (400 Unsupported type)

Example Request

{
  "accountType": "email",
  "accountValue": "ops@partner.com",
  "password": "<MD5_PASSWORD_HASH>"
}

Success Response

{
  "data": {
    "token": {
      "accessToken": "eyJhbGciOi...",
      "expiration": 604800,
      "refreshToken": "eyJhbGciOi...",
      "refreshTokenExpiration": 15552000
    },
    "userInfo": {
      "id": "67a84f9b8277d6f3bc5ed001",
      "email": "ops@partner.com",
      "phoneNumber": "+12025550123",
      "firstName": "Ops",
      "lastName": "Team",
      "role": "admin",
      "createdAt": "2026-01-18T03:36:10.488Z",
      "lastLoginAt": "2026-02-11T18:47:29.131Z",
      "partnerId": "67a84f588277d6f3bc5ecfff"
    }
  },
  "message": "success"
}

Use Token

Attach token for partner management APIs:

Authorization: Bearer <accessToken>

Used by:

/api/users/*
/api/partner/api-keys/*
/api/partners/:partnerId/connections/*

Common Errors

400 Unsupported type
400 Email or password is not correct
400 User account is inactive

Overview

Core OTA APIs

BRG Radar APIs

PageOne Travel AI Agent API

Partner Management APIs

Admin APIs

Shared Models

Endpoint

Request Body

Example Request

Success Response

Use Token

Common Errors

Overview

Core OTA APIs

BRG Radar APIs

PageOne Travel AI Agent API

Partner Management APIs

Admin APIs

Shared Models

​Endpoint

​Request Body

​Example Request

​Success Response

​Use Token

​Common Errors

Endpoint

Request Body

Example Request

Success Response

Use Token

Common Errors