Login with password
Authenticate a user with the email and password that they provided when registering.
Given that the user credentials are correct, this returns a token that can then be used to authorise
other secured operations. In case the password is expired, a temporary token is returned, which can be used
solely for updating the password.
The token returned is valid for 5 minutes from last activity.
Request Body schema: application/jsonrequired
Success
Bad Request Error - Your request is invalid.
Unauthorized - Your credentials or access token are invalid.
The authentication credentials are not found or are incorrect.
Not found - The requested token couldn't be found.
The user's password has expired. Use the returned temporary token to update their password via the '/passwords/update' endpoint.
Gone - The requested token is expired.
Locked - Account is temporarily locked due to failed consecutive login attempts. Try again in 30 minutes.
Too many requests.
Internal Server Error - There is a problem with the server. Please try again later.
Service Unavailable - We're temporarily offline for maintenance. Please try again later.
Error
- Payload
- curl
- Node.js
- JavaScript
- Python
- C#
- Java
- PHP
{- "email": "user@example.com",
- "password": {
- "value": "pa$$word"
}
}- 200
- 400
- 404
- 409
- 410
- default
{- "token": "string",
- "tokenType": "NO_TYPE",
- "identity": {
- "type": "CONSUMER",
- "id": "string"
}, - "credentials": {
- "type": "ROOT",
- "id": "string"
}
}Login via biometrics
Trigger a push notification and subsequent biometric authentication of a user, by providing the email that was used in the enrolment process of biometrics.
This endpoint can be used in conjunction with your application to authenticate a user and receive a stepped-up token in a single action, for use in-session for any endpoints or UI components that require step-up authentication.
Given that the user credentials are correct, a push notification is sent to the user requesting them to complete biometric authentication. On successful completion of authentication, a token will be shared that can be used for endpoints or UI components that require a stepped-up token.
Success
Bad Request Error - Your request is invalid.
Unauthorized - Your credentials or access token are invalid.
The authentication credentials are not found or are incorrect.
Conflict
Locked - Account is temporarily locked due to failed consecutive login attempts. Try again in 30 minutes.
Too many requests.
Internal Server Error - There is a problem with the server. Please try again later.
Service Unavailable - We're temporarily offline for maintenance. Please try again later.
Error
- Payload
- curl
- Node.js
- JavaScript
- Python
- C#
- Java
- PHP
{- "email": "user@example.com",
- "identity": {
- "type": "CONSUMER",
- "id": "string"
}
}- 200
- 400
- 409
- default
{- "challengeId": "string"
}Get user identities
Retrieves a list of identities available to the holder of the token.
Success
Bad Request Error - Your request is invalid.
Unauthorized - Your credentials or access token are invalid.
Forbidden - Access to the requested resource or action is forbidden.
Not found - The requested resource couldn't be found.
Conflict
Internal Server Error - There is a problem with the server. Please try again later.
Service Unavailable - We're temporarily offline for maintenance. Please try again later.
Error
- curl
- Node.js
- JavaScript
- Python
- C#
- Java
- PHP
- 200
- 400
- 404
- 409
- default
[- {
- "id": {
- "type": "CONSUMER",
- "id": "string"
}, - "name": "string"
}
]Logout
Logs out the user and terminates the session identified by the auth_token in the Authorization Header.
Success
Success - No Content.
Bad Request Error - Your request is invalid.
Unauthorized - Your credentials or access token are invalid.
Too many requests.
Internal Server Error - There is a problem with the server. Please try again later.
Service Unavailable - We're temporarily offline for maintenance. Please try again later.
Error
- curl
- Node.js
- JavaScript
- Python
- C#
- Java
- PHP
- 200
- 400
- default
{- "url": "string"
}Acquire a new access token
This API endpoint accepts a POST request with an auth_token parameter and returns an access_token that grants authorized access to additional resources within the API, with a different expiration time and unique signature.
Request Body schema: application/jsonrequired
required | object (IdentityId) |
Success
Bad Request Error - Your request is invalid.
Unauthorized - Your credentials or access token are invalid.
The auth token is not specified or is incorrect.
Locked - Account is temporarily locked due to failed consecutive login attempts. Try again in 30 minutes.
Too many requests.
Internal Server Error - There is a problem with the server. Please try again later.
Service Unavailable - We're temporarily offline for maintenance. Please try again later.
Error
- Payload
- curl
- Node.js
- JavaScript
- Python
- C#
- Java
- PHP
{- "identity": {
- "type": "CONSUMER",
- "id": "string"
}
}- 200
- 400
- default
{- "token": "string",
- "identity": {
- "type": "CONSUMER",
- "id": "string"
}, - "credentials": {
- "type": "ROOT",
- "id": "string"
}, - "status": "STANDARD"
}