Skip to main content
PUT
/
securitymanagement
/
login
Login
curl --request PUT \
  --url https://{tenant}.fincode.software/api/v6/services/securitymanagement/login \
  --header 'Content-Type: application/json' \
  --header 'platform: <platform>' \
  --header 'uuid: <uuid>' \
  --data '
{
  "email": "<string>",
  "currentPassword": "<string>"
}
'
Authenticate users with email and password to obtain JWT access and refresh tokens. This endpoint supports all user roles: MANAGER, AGENT, CASHIER, and CUSTOMER, etc.

Request Headers

Content-Type
string
default:"application/json"
required
  Must be application/json
platform
string
default:"fincode"
required
  Platform identifier. Use fincode
uuid
string
default:"200"
required
  Unique request identifier. Use 200

Request Body

email
string
required
    User’s email address registered in the system
currentPassword
string
required
    User’s password (minimum 8 characters)

Code Examples

curl -X PUT "https://remitjunction.fincode.software/api/v6/services/securitymanagement/login" \
  -H "Content-Type: application/json" \
  -H "platform: fincode" \
  -H "uuid: 200" \
  -d '{
    "email": "manager@yourcompany.com",
    "currentPassword": "Password@1"
  }'

Error Handling

Cause: Email or password is incorrectSolution:
  • Verify email address is correct
  • Check password is entered correctly
  • Use password reset if forgotten
  • Contact support if issue persists
Cause: Multiple failed login attemptsSolution:
  • Wait for the lockout period to expire
  • Contact your administrator to unlock the account
  • Use the “Forgot Password” flow to reset password
Cause: Email address not registered in the systemSolution:
  • Verify the email address
  • Check if the user exists in your tenant
  • Contact administrator to create the user account

Best Practices

Token Storage

  • Store tokens securely (encrypted storage)
  • Use environment variables for tokens
  • Clear tokens on logout

Token Refresh

  • Implement automatic token refresh
  • Refresh before expiration (5 min buffer)

Error Handling

  • Implement retry logic
  • User-friendly messages

Security

  • CSRF protection
  • Set secure cookie flags

Testing in Sandbox

Use these test credentials in your sandbox environment: 
const testCredentials = {
  manager: {
    email: "hello@remitjunction.co.uk",
    password: "Password@1",
  },
  agent: {
    email: "hello+2@remitjunction.co.uk",
    password: "Password@1",
  },
  cashier: {
    email: "excel.nwachukwu+662@fincode.co.uk",
    password: "PQW7ERMP",
  },
  customer: {
    email: "excel.nwachukwu+662@fincode.co.uk",
    password: "Password@1",
  },
};
These credentials only work in sandbox. Never use test credentials in production.

Headers

platform
string
default:fincode
required
uuid
string
default:200
required

Body

application/json
email
string
required
currentPassword
string
required

Response

200

Successful login