Login
Authenticate user with email and password.
Endpoint
POST /api/v3/auth/login
Description
Authenticates a user with their email and password credentials. Returns an access token and refresh token for subsequent API calls.
Authentication
This endpoint does not require authentication.
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
email | string | Yes | User's email address |
password | string | Yes | User's password |
Response
Returns session data with tokens and user information.
| Field | Type | Description |
|---|---|---|
accessToken | string | JWT access token for API calls |
refreshToken | string | Refresh token for obtaining new access tokens |
tokenType | string | Token type (always bearer) |
expiresIn | integer | Token lifetime in seconds |
expiresAt | integer | Token expiration timestamp (Unix seconds) |
user | object | User information |
User Object
| Field | Type | Description |
|---|---|---|
id | string | User UUID |
email | string | User email |
createdAt | string | Account creation timestamp (ISO 8601) |
Usage
import requests
response = requests.post(
"https://cadenza-api-uat.algo724.com/api/v3/auth/login",
json={
"email": "user@example.com",
"password": "your-password"
}
)
data = response.json()["data"]
access_token = data["accessToken"]
curl -X POST https://cadenza-api-uat.algo724.com/api/v3/auth/login \
-H "Content-Type: application/json" \
-d '{"email": "user@example.com", "password": "your-password"}'
Example Response
{
"data": {
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"refreshToken": "v1.MjAyNC0wMS0xNVQxMDowMDowMFo...",
"tokenType": "bearer",
"expiresIn": 3600,
"expiresAt": 1703056235,
"user": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"email": "user@example.com",
"createdAt": "2024-01-15T10:00:00Z"
}
},
"success": true,
"errno": 0,
"error": null
}
Error Responses
| HTTP Code | Error | Description |
|---|---|---|
| 400 | Invalid request | Missing or invalid email/password |
| 401 | Invalid credentials | Email or password is incorrect |
| 429 | Rate limited | Too many login attempts |
Example Error
{
"data": null,
"success": false,
"errno": -100001,
"error": "Invalid login credentials"
}
Notes
- Store the access token securely for subsequent API calls
- Store the refresh token for obtaining new access tokens when the current one expires
- Access tokens typically expire after 1 hour
- Use the token refresh endpoint to get new tokens