login

Added in v1.0.0

Authenticates a user.


Query Syntax

HTTP

URL: http://kuzzle:7512/_login/<strategy>[?expiresIn=<expiresIn>]
Method: POST  
Body:
{
  "username": "<username>",
  "password": "<password>"
}

Other protocols

{
  "controller": "auth",
  "action": "login",
  "strategy": "<strategy>",
  "expiresIn": "<expiresIn>",
  "body": {
    "username": "<username>",
    "password": "<password>"
  }
}

Arguments

  • strategy: the name of the authentication strategy used to log the user in.

Optional:

  • expiresIn: set the expiration duration (default: depends on Kuzzle configuration file)
    • if a raw number is provided (not enclosed between quotes), then the expiration delay is in milliseconds. Example: 86400000
    • if this value is a string, then its content is parsed by the ms library. Examples: "6d", "10h"

Body properties

Depending on the chosen authentication strategy, additional credential arguments may be required.

The API request example in this page provides the necessary arguments for the local authentication plugin.

Check the appropriate authentication plugin documentation to get the list of additional arguments to provide.


Response

The result contains the following properties:

  • _id: user's kuid
  • jwt: encrypted JSON Web Token, that must then be sent in the requests headers or in the query
  • expiresAt: token expiration date, in Epoch-millis (UTC)
  • ttl: token time to live, in milliseconds
{
  "status": 200,
  "error": null,
  "controller": "auth",
  "action": "login",
  "requestId": "<unique request identifier>",
  "volatile": {},
  "result": {
    "_id": "<kuid>",
    "jwt": "<JWT encrypted token>",
    "expiresAt": 1321085955000,
    "ttl": 360000
  }
}