Skip to main content

Endpoint

POST /api/auth/login

Request Body

FieldTypeRequiredNotes
accountTypestringYesemail or phone
accountValuestringYesEmail or phone
passwordstringYes*Required when accountType = email, must be MD5
verificationCodestringYes*Required when accountType = phone
Current backend behavior:
  • accountType = email: supported
  • accountType = phone: not supported (400 Unsupported type)

Example Request

{
  "accountType": "email",
  "accountValue": "ops@partner.com",
  "password": "<MD5_PASSWORD_HASH>"
}

Success Response

{
  "data": {
    "token": {
      "accessToken": "eyJhbGciOi...",
      "expiration": 604800,
      "refreshToken": "eyJhbGciOi...",
      "refreshTokenExpiration": 15552000
    },
    "userInfo": {
      "id": "67a84f9b8277d6f3bc5ed001",
      "email": "ops@partner.com",
      "phoneNumber": "+12025550123",
      "firstName": "Ops",
      "lastName": "Team",
      "role": "admin",
      "createdAt": "2026-01-18T03:36:10.488Z",
      "lastLoginAt": "2026-02-11T18:47:29.131Z",
      "partnerId": "67a84f588277d6f3bc5ecfff"
    }
  },
  "message": "success"
}

Use Token

Attach token for partner management APIs:
Authorization: Bearer <accessToken>
Used by:
  • /api/users/*
  • /api/partner/api-keys/*
  • /api/partners/:partnerId/connections/*

Common Errors

  • 400 Unsupported type
  • 400 Email or password is not correct
  • 400 User account is inactive