Authenticate user
Logs in a user and returns a JWT token upon successful authentication. By default login is validated via a reCAPTCHA token supplied in the request body. Server-to-server callers can instead send the X-App-Name header (matching the configured application name) to bypass the reCAPTCHA check.
Headers
- Type: stringX
- App - Name requiredApplication name for server-to-server callers. When it matches the configured application name, the reCAPTCHA check is skipped and no reCAPTCHA token is required. (Optional on the server, but pre-filled here so API clients send it automatically.)
Body·
required
application/json
- Type: string Format: passwordpasswordrequired
User's password.
- Type: string Format: emailusernamerequired
User's email address.
Responses
- application/json
- application/json
- application/json
Request Example for post/v1/auth/login
curl https://api.broker.v1.demo.affordx.nz/v1/auth/login \
--request POST \
--header 'X-App-Name: AffordX' \
--header 'Content-Type: application/json' \
--data '{
"username": "user@example.com",
"password": "string-password"
}'
{
"token": "string",
"refreshToken": "string",
"id": "string",
"username": "string",
"email": "hello@example.com",
"roles": [
"ROLE_BROKER"
]
}