Skip to main content
POST
/
api
/
v1
/
gate
/
{project_id}
/
auth
/
login
Login
curl --request POST \
  --url https://org-api.hexoforge.dev/api/v1/gate/{project_id}/auth/login \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "email": "<string>",
  "password": "<string>"
}
'
import requests

url = "https://org-api.hexoforge.dev/api/v1/gate/{project_id}/auth/login"

payload = {
"email": "<string>",
"password": "<string>"
}
headers = {
"X-API-Key": "<api-key>",
"Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
const options = {
method: 'POST',
headers: {'X-API-Key': '<api-key>', 'Content-Type': 'application/json'},
body: JSON.stringify({email: '<string>', password: '<string>'})
};

fetch('https://org-api.hexoforge.dev/api/v1/gate/{project_id}/auth/login', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://org-api.hexoforge.dev/api/v1/gate/{project_id}/auth/login",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'email' => '<string>',
'password' => '<string>'
]),
CURLOPT_HTTPHEADER => [
"Content-Type: application/json",
"X-API-Key: <api-key>"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://org-api.hexoforge.dev/api/v1/gate/{project_id}/auth/login"

payload := strings.NewReader("{\n \"email\": \"<string>\",\n \"password\": \"<string>\"\n}")

req, _ := http.NewRequest("POST", url, payload)

req.Header.Add("X-API-Key", "<api-key>")
req.Header.Add("Content-Type", "application/json")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://org-api.hexoforge.dev/api/v1/gate/{project_id}/auth/login")
.header("X-API-Key", "<api-key>")
.header("Content-Type", "application/json")
.body("{\n \"email\": \"<string>\",\n \"password\": \"<string>\"\n}")
.asString();
require 'uri'
require 'net/http'

url = URI("https://org-api.hexoforge.dev/api/v1/gate/{project_id}/auth/login")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["X-API-Key"] = '<api-key>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"email\": \"<string>\",\n \"password\": \"<string>\"\n}"

response = http.request(request)
puts response.read_body
{
  "last_login_method": {}
}
Authenticates a user with email and password. Requires X-API-Key. If the user has TOTP enabled, tokens are not returned until you call Login TOTP.

Request body

email
string
required
Valid email.
password
string
required
Max 128 characters.

Response

{
  "access_token": "eyJhbGciOiJSUzI1NiIs...",
  "refresh_token": "dGhpcyBpcyBhIHJlZnJlc2g...",
  "token_type": "bearer",
  "expires_in": 900,
  "requires_totp": false,
  "login_ticket": null,
  "last_login_method": "email"
}
last_login_method
string | null
Reflects the previous authentication method (for example email, email_totp). Use for “Last signed in with…” hints. null on the user’s first login.

Status codes

CodeMeaning
200Success or TOTP step required
401Invalid email or password
403Account disabled, email not verified, IP block, or firewall deny
429Rate limited