31 lines
1.2 KiB
YAML
31 lines
1.2 KiB
YAML
post:
|
|
tags: [Accounts, Auth]
|
|
summary: API login using email/password and client credentials
|
|
description: |
|
|
Validates account credentials and eligible API client credentials, then returns final auth payload.
|
|
This endpoint bypasses login OTP/2FA and is intended only for approved API clients.
|
|
If the client definition includes `allowedCIDRs`, request source IP must match one of those CIDRs.
|
|
operationId: accountsApiLogin
|
|
requestBody:
|
|
$ref: ./bodies/auth.yaml#/components/requestBodies/ApiLoginBody
|
|
responses:
|
|
'200':
|
|
description: Login successful
|
|
content:
|
|
application/json:
|
|
schema:
|
|
allOf:
|
|
- $ref: ../response/response.yaml#/components/schemas/BaseResponse
|
|
- type: object
|
|
properties:
|
|
data:
|
|
$ref: ./response/auth.yaml#/components/schemas/LoginData
|
|
'400':
|
|
$ref: ../response/operation.yaml#/components/responses/BadRequest
|
|
'401':
|
|
$ref: ../response/operation.yaml#/components/responses/Unauthorized
|
|
'403':
|
|
$ref: ../response/operation.yaml#/components/responses/Forbidden
|
|
'500':
|
|
$ref: ../response/operation.yaml#/components/responses/InternalServerError
|