Login User
Authenticate a user by verifying their email and password credentials. Upon successful authentication, returns user details and an access token for authorized requests.
HTTP Method & Endpoint
POST | /auth/login
Request
Headers
| Header | Value | Description |
|---|---|---|
| Content-Type | application/json | Specifies that the request body is in JSON format |
| x-store-id | {storeId} | StoreId (replace {storeId} with your actual storeId) |
Request Body Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| email | String | Yes | User's registered email address |
| password | String | Yes | User's password |
| storeId | String | Yes | StoreId (should match x-store-id header) |
Response Format
Success Response (200 OK)
| Field | Type | Description |
|---|---|---|
| message | String | Status message indicating successful login |
| data | Data | Contains user details and authentication token |
| source | String | Source of the data (e.g., "db") |
Data Object Properties
| Field | Type | Description |
|---|---|---|
| customer | Customer | Contains all details about the authenticated user |
| accessToken | String | JWT token for authenticated requests |
| isVerified | Boolean | Indicates if user's email is verified |
Customer Object Properties
| Field | Type | Description |
|---|---|---|
| id | String | Unique identifier for the user |
| storeId | String | Store ID the user belongs to |
| email | String | User's email address |
| mobileNumber | String | User's mobile number (if available) |
| emailVerified | String | Timestamp of email verification |
| mobileVerified | String | Timestamp of mobile verification |
| status | String | Account status (e.g., "ACTIVE") |
| createdAt | String | Account creation timestamp |
| updatedAt | String | Last account update timestamp |
Sample Success Response
{
  "message": "Login Success",
  "data": {
    "customer": {
      "id": "2342341293912313",
      "storeId": "2342341293912313",
      "email": "abc@gmail.com",
      "mobileNumber": null,
      "emailVerified": "2025-05-16T06:26:16.513Z",
      "mobileVerified": null,
      "status": "ACTIVE",
      "createdAt": "2025-05-16T06:25:36.043Z",
      "updatedAt": "2025-05-16T06:26:16.514Z"
    },
    "accessToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCI....",
    "isVerified": true
  },
  "source": "db"
}
Examples
cURL
curl -X POST "https://dev-sfapi.unisouk.com/auth/login" \
  -H "Content-Type: application/json" \
  -H "x-store-id: <STORE_ID>" \
  -d '{
    "email": "abc@gmail.com",
    "password": "12312312",
    "storeId": "<STORE_ID>"
  }'
JavaScript (React)
import axios from "axios";

const loginUser = async () => {
  try {
    const response = await axios.post(
      "https://dev-sfapi.unisouk.com/auth/login",
      {
        email: "abc@gmail.com",
        password: "12312312",
        storeId: "<STORE_ID>",
      },
      {
        headers: {
          "Content-Type": "application/json",
          "x-store-id": "<STORE_ID>",
        },
      }
    );
    // Log only the status message; response.data also carries the access token.
    console.log("Login successful:", response.data.message);
    // Store the access token. localStorage is readable by any script running
    // on the page's origin.
    if (response.data.data.accessToken) {
      localStorage.setItem("accessToken", response.data.data.accessToken);
    }
  } catch (error) {
    console.error("Login failed:", error.response?.data || error.message);
  }
};
Error Responses
| Status Code | Description |
|---|---|
| 400 | Bad Request - Invalid parameters or validation failed |
| 401 | Unauthorized - Invalid email or password |
| 403 | Forbidden - Account inactive or suspended |
| 404 | Not Found - Email address not registered |
| 500 | Internal Server Error - Something went wrong on the server |
Sample Error Responses
Invalid Credentials:
{
  "requestId": "a3ffb59a-7f6a-4d48-96c3-485931bcb6b9",
  "error": "UnauthorizedException",
  "statusCode": 401,
  "message": "Invalid Password for sriram.pant+1@unisouk.com.",
  "path": "/auth/login",
  "timestamp": 1748352877808
}
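The error table above separates a wrong password (401) from an unregistered email (404), and the sample 401 message echoes the submitted address. The following is an added example, not part of the UniSouk documentation: a client-side handler that shows one message for both cases and redacts the address before logging. Function names, user-facing strings and the sample bodies are assumptions constructed for illustration.

```javascript
// Added example, not UniSouk code. Status codes and error body fields come
// from this page; function names and user-facing strings are assumptions.
const EMAIL_RE = /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g;

// Replace any email address embedded in a server message with a fixed marker.
function redactEmails(text) {
  return String(text ?? "").replace(EMAIL_RE, "<redacted-email>");
}

// Text shown to the end user. 401 and 404 share one string so the login form
// does not reveal whether an email address is registered.
function userFacingMessage(statusCode) {
  switch (statusCode) {
    case 400:
      return "Please check the email and password you entered.";
    case 401:
    case 404:
      return "Invalid email or password.";
    case 403:
      // Assumption: kept distinct so suspended users know to contact support.
      return "This account cannot sign in. Please contact support.";
    default:
      return "Something went wrong. Please try again later.";
  }
}

// Build what the UI shows and what the client logs from one failed login.
// requestId is kept so support can correlate with server-side logs.
function normalizeLoginError(statusCode, body) {
  const b = body && typeof body === "object" ? body : {};
  return {
    userMessage: userFacingMessage(statusCode),
    logEntry: {
      requestId: typeof b.requestId === "string" ? b.requestId : null,
      statusCode,
      error: typeof b.error === "string" ? b.error : null,
      message: redactEmails(b.message),
      path: typeof b.path === "string" ? b.path : null,
    },
  };
}

// Constructed sample bodies in the shape of the page's 401 response.
const SAMPLE_401 = { requestId: "00000000-0000-4000-8000-000000000001", error: "UnauthorizedException",
  statusCode: 401, message: "Invalid Password for user+1@example.com.", path: "/auth/login" };
const SAMPLE_404 = { requestId: "00000000-0000-4000-8000-000000000002", error: "ConstructedNotFound",
  statusCode: 404, message: "No account for user+1@example.com.", path: "/auth/login" };
```

In the axios `catch` block shown earlier, this would be called as `normalizeLoginError(error.response?.status, error.response?.data)`.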