Core
API v2.x
2

login #

Authenticates a user.


Query Syntax #

HTTP #

Copied to clipboard!
URL: http://kuzzle:7512/_login/<strategy>[?expiresIn=<expiresIn>]
Method: POST
Body:
Copied to clipboard!
{
  "username": "<username>",
  "password": "<password>"
}

Other protocols #

Copied to clipboard!
{
  "controller": "auth",
  "action": "login",
  "strategy": "<strategy>",
  "expiresIn": "<expiresIn>",
  "body": {
    "username": "<username>",
    "password": "<password>"
  }
}

Arguments #

  • strategy: the name of the authentication strategy used to log the user in.

Optional: #

  • expiresIn: set the expiration duration (default: depends on Kuzzle configuration file)

    • if a raw number is provided (not enclosed between quotes), then the expiration delay is in milliseconds. Example: 86400000
    • if this value is a string, then its content is parsed by the ms library. Examples: "6d", "10h"
  • cookieAuth: Enable the storage of the token in an HTTP Cookie


Body properties #

Depending on the chosen authentication strategy, additional credential arguments may be required.

The API request example in this page provides the necessary arguments for the local authentication plugin.

Check the appropriate authentication plugin documentation to get the list of additional arguments to provide.


Response #

The result contains the following properties:

  • _id: user's kuid
  • jwt: encrypted JSON Web Token, that must then be sent in the requests headers or in the query
  • expiresAt: token expiration date, in Epoch-millis (UTC)
  • ttl: token time to live, in milliseconds
Copied to clipboard!
{
  "status": 200,
  "error": null,
  "controller": "auth",
  "action": "login",
  "requestId": "<unique request identifier>",
  "volatile": {},
  "result": {
    "_id": "<kuid>",
    "jwt": "<JWT encrypted token>",
    "expiresAt": 1321085955000,
    "ttl": 360000
  }
}