Skip to content

Passwords

Login users using passwords. This implements a backend-to-backend integration for password authentication.

Download OpenAPI description
backend-passwords.openapi.json
backend-passwords.openapi.yaml
Languages
Servers
Sandbox environment
https://api.sbx.transmitsecurity.io/cis/
Production environment (US)
https://api.transmitsecurity.io/cis/
Production environment (EU)
https://api.eu.transmitsecurity.io/cis/
Production environment (CA)
https://api.ca.transmitsecurity.io/cis/
Production environment (AU)
https://api.au.transmitsecurity.io/cis/

Authenticate password

Request

Authenticates a user using their username and password. The value of this username may correspond to the user's username, phone number, or email (based on what was used to register their password credentials, see Register password).

Security
ClientAccessToken
Bodyapplication/jsonrequired
resourcestring

Resource URI the authentication request is attempting to access, which is reflected in the audience (aud claim) of the access token. This must be configured as resource for the application.

claimsobject
Example: {"id_token":{"roles":null}}
org_idstring

Organization ID, used for member login in B2B scenarios

client_attributesobject
session_idstring

Used to associate the authentication with an existing session (such as for MFA). If unspecified, a new session is created and the session ID is returned.

usernamestringrequired

Identifier of the user, which may contain the user's username, email or phone number (depending on what was used to register password credentials). The username_type must match the type of identifier used.

passwordstringrequired

Password

username_typestring

Type of user identifier used to register the password

Default "username"
Enum"username""email""phone_number"
curl -i -X POST \
  https://api.sbx.transmitsecurity.io/cis/v1/auth/password/authenticate \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "resource": "string",
    "claims": {
      "id_token": {
        "roles": null
      }
    },
    "org_id": "string",
    "client_attributes": {
      "user_agent": "string",
      "ip_address": "string"
    },
    "session_id": "string",
    "username": "string",
    "password": "string",
    "username_type": "username"
  }'

Responses

Returns user tokens

Bodyapplication/json
access_tokenstringrequired

User access token for accessing endpoints on behalf of the authenticated user.

id_tokenstring

ID token that identifies the user.

refresh_tokenstring

Refresh token used to refresh an expired access token.

token_typestringrequired

Bearer.

expires_innumberrequired

Expiration time of the access token in seconds.

Default 3600
session_idstringrequired

ID of the session in which the authentication occurs.

Response
application/json
{
  "access_token": "string",
  "id_token": "string",
  "refresh_token": "string",
  "token_type": "string",
  "expires_in": 3600,
  "session_id": "string"
}