Skip to main content
POST
/
auth
/
signin
curl --request POST \
  --url https://{deploymentHost}/auth/signin \
  --header 'Content-Type: application/json' \
  --cookie __session= \
  --data '
{
  "email": "[email protected]",
  "password": "securePassword123!",
  "strategy": "plain_email"
}
'
{
  "status": 200,
  "message": "",
  "data": {
    "signin_attempts": [
      {
        "id": "123456789",
        "method": "plain_email",
        "current_step": "verify_email",
        "completed": false,
        "created_at": "2024-01-01T12:00:00Z"
      }
    ],
    "signins": [],
    "signup_attempts": [],
    "active_signin": null
  },
  "session": {
    "signin_attempts": [
      {
        "id": "123456789",
        "method": "plain_email",
        "current_step": "verify_email",
        "completed": false,
        "created_at": "2024-01-01T12:00:00Z"
      }
    ],
    "signins": [],
    "signup_attempts": [],
    "active_signin": null
  },
  "errors": []
}

Authorizations

__session
string
cookie
required

Session cookie authentication for production deployments. The session token is automatically set as an HTTP-only, secure cookie.

Body

application/json
strategy
enum<string>
required

Authentication strategy to use

Available options:
plain_email,
plain_username,
phone_otp,
email_otp,
magic_link,
passkey
username
string

Username for username-based authentication

email
string<email>

Email address for email-based authentication

phone
string

Phone number for phone-based authentication

password
string

Password for credential-based authentication

Response

Sign-in attempt created successfully

status
integer
required

HTTP status code

message
string
required

Response message (empty for success)

data
any
required

Response data (can be any type)

session
object
required
errors
object[]
required

Array of error objects (empty for success)