Download OpenAPI specification:Download
Login users using passwords. This implements a backend-to-backend integration for password authentication.
Authenticates a user using their username and password. The value of this username may correspond to the user's username, phone number, or email (based on what was used to register their password credentials, see Register password).
| resource | string Resource URI the authentication request is attempting to access, which is reflected in the audience ( |
object Used to request additional claims in the ID token, such as roles, permissions, and other user profile data. The structure is per the OIDC Standard. For supported claims and how to request custom claims, see the ID Token Reference. | |
| org_id | string Organization ID, used for member login in B2B scenarios |
| session_id | string Used to associate the authentication with an existing session (such as for MFA). If unspecified, a new session is created and the session ID is returned. |
| username required | string Identifier of the user, which may contain the user's username, email or phone number (depending on what was used to register password credentials). The |
| password required | string Password |
| username_type | string Default: "username" Type of user identifier used to register the password |
Returns user tokens
{- "resource": "string",
- "claims": {
- "id_token": {
- "roles": null
}
}, - "org_id": "string",
- "session_id": "string",
- "username": "string",
- "password": "string",
- "username_type": "username"
}{- "access_token": "string",
- "id_token": "string",
- "refresh_token": "string",
- "token_type": "string",
- "expires_in": 3600,
- "session_id": "string"
}