Log in

POST

/v1/iam/auth/login

const url = 'http://localhost:8080/v1/iam/auth/login';
const options = {
  method: 'POST',
  headers: {'Content-Type': 'application/json'},
  body: '{"email":"hello@example.com","password":"example","totpCode":"example","recoveryCode":"example"}'
};

try {
  const response = await fetch(url, options);
  const data = await response.json();
  console.log(data);
} catch (error) {
  console.error(error);
}

curl --request POST \
  --url http://localhost:8080/v1/iam/auth/login \
  --header 'Content-Type: application/json' \
  --data '{ "email": "hello@example.com", "password": "example", "totpCode": "example", "recoveryCode": "example" }'

Anti-enumeration : retourne 401 invalid_credentials que l’email existe ou pas. Set les cookies apophis_at/rt/csrf en cas de succès.

Request Body^required

application/json

object

email

required

string format: email

>= 3 characters <= 320 characters

password

required

string

>= 1 characters <= 1024 characters

totpCode

string

/^\d{6}$/

recoveryCode

string

>= 8 characters <= 64 characters

Example ^generated

{
  "email": "hello@example.com",
  "password": "example",
  "totpCode": "example",
  "recoveryCode": "example"
}

Responses

200

Authentifié.

application/json

object

status

required

string

Allowed value: success

code

required

string

data

required

object

sessionId

required

string

expiresAt

required

string format: date-time

requiresPasswordSetup

required

boolean

csrfToken

required

string

cache

object

hit

required

boolean

key

string

ageSeconds

integer

expiresAt

string format: date-time

timing

object

totalMs

required

integer

dbMs

integer

externalMs

integer

deprecation

object

sunset

required

string format: date-time

successor

string

note

string

Example

{
  "status": "success"
}

400

Requête mal formée (validation_error, invalid_idempotency_key, invalid_sort_field, invalid_filter).

application/json

object

status

required

string

Allowed value: error

code

required

string

error

required

object

message

string

requestId

required

string

details

Array<object>

object

path

string

code

string

message

string

key

additional properties

Example

{
  "status": "error"
}

401

Authentification manquante ou invalide.

application/json

object

status

required

string

Allowed value: error

code

required

string

error

required

object

message

string

requestId

required

string

details

Array<object>

object

path

string

code

string

message

string

key

additional properties

Example

{
  "status": "error"
}

429

Rate-limit dépassé. Header Retry-After retourné.

application/json

object

status

required

string

Allowed value: error

code

required

string

error

required

object

message

string

requestId

required

string

details

Array<object>

object

path

string

code

string

message

string

key

additional properties

Example

{
  "status": "error"
}

Log in

Request Body required

Example generated

Responses

200

Example

400

Example

401

Example

429

Example

Request Body^required

Example ^generated