Skip to content
JITSudo Docs

Authenticate with local username/password

POST
/v1/auth/login
 
curl --request POST \
  --url https://example.com/v1/auth/login \
  --header 'Content-Type: application/json' \
  --data '{ "email": "hello@example.com", "password": "example", "tenant_slug": "example" }'

Request Body required

Section titled “Request Body required ”
Media type application/json
object
email
required
string format: email
password
required
string
tenant_slug

Optional tenant slug for login when domain-based resolution is unavailable.

string
Example generated
{
  "email": "hello@example.com",
  "password": "example",
  "tenant_slug": "example"
}

Responses

Section titled “ Responses ”

200

Section titled “200 ”

Credentials valid. Returns signed system JWT.

Media type application/json
object
token

Signed system JWT. Present only when MFA is not required.

string
expires_at

Token expiration. Present only when token is present.

string format: date-time
mfa_required

If true, MFA verification is needed before a token is issued.

boolean
challenge_id

MFA challenge ID to use with POST /v1/auth/mfa/challenge.

string format: uuid
methods

Available MFA methods for this user.

Array<string>
Allowed values: totp webauthn_passkey webauthn_fido
enrollment_required

If true, user must enroll MFA before accessing the app.

boolean
Example 
{
  "methods": [
    "totp"
  ]
}

400

Section titled “400 ”

Malformed request body.

Media type application/json
object
code
required

Machine-readable error code (e.g. “not_found”, “tenant_mismatch”).

string
message
required

Human-readable description of the error.

string
details

Optional additional context about the error.

object
key
additional properties
any
notices

Policy notices from determining Cedar rules, if applicable.

Array<string>
Example generated
{
  "code": "example",
  "message": "example",
  "details": {},
  "notices": [
    "example"
  ]
}

401

Section titled “401 ”

Invalid email or password.

Media type application/json
object
code
required

Machine-readable error code (e.g. “not_found”, “tenant_mismatch”).

string
message
required

Human-readable description of the error.

string
details

Optional additional context about the error.

object
key
additional properties
any
notices

Policy notices from determining Cedar rules, if applicable.

Array<string>
Example generated
{
  "code": "example",
  "message": "example",
  "details": {},
  "notices": [
    "example"
  ]
}

403

Section titled “403 ”

Email not verified.

Media type application/json
object
code
required

Machine-readable error code (e.g. “not_found”, “tenant_mismatch”).

string
message
required

Human-readable description of the error.

string
details

Optional additional context about the error.

object
key
additional properties
any
notices

Policy notices from determining Cedar rules, if applicable.

Array<string>
Example generated
{
  "code": "example",
  "message": "example",
  "details": {},
  "notices": [
    "example"
  ]
}