Login
Authenticate users and obtain access tokens for API requests
PUT
Login
Authenticate users with email and password to obtain JWT access and refresh tokens. This endpoint supports all user roles, including MANAGER, AGENT, CASHIER, and CUSTOMER.
Request Headers
- Must be application/json
- Platform identifier. Use fincode
- Unique request identifier. Use 200
Request Body
- User’s email address registered in the system
- User’s password (minimum 8 characters)
Error Handling
Invalid Credentials (401)
Cause: Email or password is incorrect
Solution:
- Verify email address is correct
- Check password is entered correctly
- Use password reset if forgotten
- Contact support if issue persists
Account Locked (403)
Cause: Multiple failed login attempts
Solution:
- Wait for the lockout period to expire
- Contact your administrator to unlock the account
- Use the “Forgot Password” flow to reset password
User Not Found (404)
Cause: Email address not registered in the system
Solution:
- Verify the email address
- Check if the user exists in your tenant
- Contact administrator to create the user account
Best Practices
Token Storage
- Store tokens securely (encrypted storage)
- Use environment variables for tokens
- Clear tokens on logout
Token Refresh
- Implement automatic token refresh
- Refresh before expiration (5 min buffer)
Error Handling
- Implement retry logic
- Show user-friendly error messages
Security
- Use CSRF protection
- Set secure cookie flags
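
An added example, not part of the original documentation or the platform's own code: a Python sketch of the Token Refresh and Error Handling practices above. It reads the JWT `exp` claim to apply the 5-minute buffer and keeps retry logic away from the 401/403/404 login errors. The function names, the sample token and the choice to retry only network failures and 5xx responses are assumptions.

```python
import base64
import json
import time

REFRESH_BUFFER_SECONDS = 5 * 60   # the "5 min buffer" from Best Practices
NON_RETRYABLE = {401, 403, 404}   # the login errors documented on this page

def jwt_expiry(token):
    """Return the `exp` claim (Unix seconds), or None if it cannot be read.
    Decoded only to schedule a refresh; the signature is NOT verified here."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    padded = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    try:
        claims = json.loads(base64.urlsafe_b64decode(padded))
    except ValueError:                              # bad base64, UTF-8 or JSON
        return None
    exp = claims.get("exp") if isinstance(claims, dict) else None
    if isinstance(exp, bool) or not isinstance(exp, (int, float)):
        return None
    return exp

def needs_refresh(token, now=None):
    """True when the token is inside the buffer, expired, or unreadable."""
    now = time.time() if now is None else now
    exp = jwt_expiry(token)
    return exp is None or now >= exp - REFRESH_BUFFER_SECONDS

def retry_delay(status, attempt, max_attempts=3, base_seconds=0.5):
    """Seconds to wait after failed attempt number `attempt`, or None to stop.
    `status` is the HTTP status, or None for a network failure. Retrying 5xx
    is an assumption of this sketch. 401/403/404 are never retried: repeating
    a rejected login only moves the account toward the 403 lockout."""
    if attempt >= max_attempts or status in NON_RETRYABLE:
        return None
    if status is None or 500 <= status <= 599:
        return base_seconds * 2 ** (attempt - 1)    # exponential backoff
    return None

def sample_token(claims):
    """Constructed, unsigned sample token (hypothetical helper, demo only)."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "HS256", "typ": "JWT"}), enc(claims), "sig"])

if __name__ == "__main__":
    tok = sample_token({"sub": "user@example.com", "exp": 1_700_000_000})
    print(needs_refresh(tok, now=1_700_000_000 - 301), retry_delay(401, 1))
```

Treating an unreadable token as due for refresh sends the client back to the server instead of letting it keep using a token whose lifetime it cannot determine.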
