Log an end-user in with email + password. Returns a session token, or an MFA challenge if 2FA is enabled.
Log an end-user in with email + password. Returns a session token, or an MFA challenge if 2FA is enabled.
POST
https://staging.softsolz.uk/api/v1/services/customer-auth/sessionsRecent Requests
Log in to see full request historyTimeStatusUser Agent
Make a request to see history.
Headers
AuthorizationstringrequiredBearer token: `Bearer sk_live_...` (or `sk_test_...` for sandbox). A login token will not work here.
Body Params
emailstringEnd-user email.
passwordstringEnd-user plaintext password.
Response
Response Body
userobjectEnd-user identity (non-MFA path).sessionobjectThe issued session token and its metadata.mfa_requiredbooleanPresent and true when an MFA challenge is required.challenge_tokenstring | nullShort-lived (5 min) MFA challenge token (MFA path only).Request
import { SoftSolz } from '@softsolz/sdk';
const client = new SoftSolz({ apiKey: process.env.SOFTSOLZ_API_KEY });
const result = await client.customerAuth.createSession({});console.log(result);Credentials
Sent as a Bearer token. Stored only in your browser.
Response · 200
{ "data": { "user": {}, "session": {}, "mfa_required": true, "challenge_token": "string" }}