Login Endpoint - English

API Documentation - Login Endpoint

Description

This endpoint ~~allows~~authenticates users toby ~~authenticate~~validating ~~using~~an Auth0 access token and a Base64-encoded ~~email~~email. ~~address~~If ~~and~~authentication anis ~~access~~successful, ~~token generated by Auth0. Once authenticated, the system~~it generates a JWT ~~(JSON~~for ~~Web~~the ~~Token)~~user ~~that~~session. If the provided Auth0 token is ~~included~~expired asor invalid, the user will be redirected to a ~~parameter~~specified ~~in the redirection URL for future authentications and secure sessions.~~URL.

URL

POST POST /api/login

Authentication

Required Token: Auth0 access token

Obtaining the Token: You must register your application with Auth0 and configure it to use the authorization flow that best suits your needs (e.g., Client Credentials, Authorization Code, etc.). The access token should be requested from Auth0 using the client_id, client_secret, and ~~the~~ appropriate scopes that allow access to this endpoint.
Using the Token: The access token must be included in all requests to the login endpoint in the authorization header as a Bearer Token.

Headers

Key	Value	Description
Authorization	`Bearer {token}`	Auth0 access token required for authentication.

Body Parameters

Parameter	Required	Type	Description
`email`	Yes	~~User'~~string	The user's email ~~address~~ encoded in ~~Base64.~~Base64 format.
`redirect_url`	No	string	URL to which the user will be redirected if the Auth0 token is expired or invalid.

ResponsesRequest Example

curl -X POST "https://yourdomain.com/api/login" \
-H "Authorization: Bearer {auth0_access_token}" \
-H "Content-Type: application/json" \
-d '{"email": "dXNlckBleGFtcGxlLmNvbQ==", "redirect_url": "https://yourdomain.com/login"}'

Success Response

Code: 200 OK

~~Body Content~~:

{
  "status": "success",
  "url": "https://yourdomain.com/site/callback?token=jwt_token_here",
  "token": "jwt_token_here",
  "expires_in": 561658161,
  "message": "User logged in"
}

Description: The response includes the ~~operation~~status ~~status,~~of the operation, a descriptive message, and a URL ~~where the client can be redirected which includes~~with the generated ~~JWT.~~JWT as a parameter for user redirection.

Error Responses

~~Code~~: 401 Unauthorized

~~Body~~(with ~~Content~~redirect_url provided):
```
{
```


"status": "error",
  "message": "Unauthorized or invalid token"
}

~~Description: Returned when~~If the Auth0 token is invalid or has ~~expired.~~expired, and a redirect_url is provided, the user is redirected to that URL.

~~Code~~: 400 Bad Request

~~Body~~(Email ~~Content~~missing):

{
  "status": "error",
  "message": "Email is required"
}

~~Description~~~~: Returned when the email is not included in the request.~~

Response Data

Field	Type	Description
`status`	string	The status of the response, can be "success" or "error".
`url`	string	URL where the client can be redirected, includes the JWT in successful responses.
`token`	string	The JWT generated for the user session.
`expires_in`	int	Token expiration time in seconds.
`message`	string	Descriptive message about the outcome of the operation.

Table of Possible Error Values

~~invalid"~~ unspecified

Code	Message	Description
~~"Username~~401	Unauthorized or invalid token	Indicates that the provided Auth0 token is invalid or expired. If `redirect_url` is provided, the user is redirected.
"400	Email is required	Email was not provided in the request body.
400	Username invalid	The username does not exist in the system.
400	User doesn't have any ~~licence"~~licence	The user lacks the necessary licensing.
"400	User doesn't have a ~~profile"~~profile	The user does not have an associated profile.
"400	Unknown ~~error"~~error
An
~~"Unauthorized~~error ~~or invalid token"~~
~~"Email is required"~~occurred.

Example
This Usage

documentation

~~Request~~:now accurately reflects the behavior of the endpoint when dealing with expired or invalid Auth0 tokens, including the redirection to a specified URL if provided. This ensures a clear and comprehensive understanding for all potential users and developers interacting with the API.

curl -X POST "https://yourdomain.com/api/login" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer your_auth0_access_token" \
-d '{"email": "dXNlckBleGFtcGxlLmNvbQ=="}'

~~Response~~:

{
  "status": "success",
  "url": "https://yourdomain.com/site/callback?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "message": "User logged in"
}