SPA Authentication

SPA Login - Authenticate with email and password

Authenticates a user and returns JWT access token and refresh token. If 2FA is enabled, returns a 2FA token instead.

POST/api/spa/auth/login

SPA Login - Authenticate with email and password

curl --request POST \
  --url 'https://app.output.rocks/api/spa/auth/login' \
  --header 'X-AUTH-TOKEN: <api-key>' \
  --header 'Content-Type: application/json' \
  --data '{
  "email": "user@example.com",
  "password": "password123"
}'

201

application/json

{
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "refreshToken": "a1b2c3d4e5f6...",
  "expiresIn": 3600,
  "requiresTwoFactor": true,
  "twoFactorToken": "eyJ0eXAiOiIyZmEiLCJ1c2VySWQiOjF9...",
  "method": "email",
  "user": {}
}

Authorizations

X-AUTH-TOKEN

stringheaderrequired

Value for the X-AUTH-TOKEN header parameter.

Request Body

application/json

required

The new SpaLogin resource

{
  "email": "user@example.com",
  "password": "password123"
}

Response

201application/json

SpaLogin resource created

accessToken

string

JWT access token

Example: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

refreshToken

string

Refresh token for obtaining new access tokens

Example: "a1b2c3d4e5f6..."

expiresIn

integer

Access token lifetime in seconds

Example: 3600

requiresTwoFactor

boolean

Indicates if 2FA verification is required

Available options: truefalse

Example: true

twoFactorToken

string

Temporary token for 2FA verification

Example: "eyJ0eXAiOiIyZmEiLCJ1c2VySWQiOjF9..."

method

string

2FA method (email)

Example: "email"

user

object

User profile information