POST /auth/login
Authenticate existing users with email and password (password required). Returns a JWT for subsequent authenticated requests.
Password sign-in: For passwordless (no password field), use OTP Send + OTP Verify instead.
Email verification: If your project requires email verification, users must verify their email before logging in. Otherwise they receive emailNotVerified: true with status 403.
Endpoint
POST /api/v1/public/projects/:projectSlug/auth/loginRequest Body
| Field | Type | Required | Description |
|---|---|---|---|
email | string | ✅ | User’s email address |
password | string | ✅ | User’s password |
turnstileToken | string | ❌ | Turnstile token for captcha (if project uses it) |
Example Request Body
{
"email": "[email protected]",
"password": "SecurePassword123!"
}Response
Success (200 OK)
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"user": {
"id": "user-uuid-here",
"email": "[email protected]",
"name": "Jane Doe"
}
}Store the token and send it in Authorization: Bearer <token> for protected endpoints like GET /auth/me.
Error Responses
| Status Code | Description |
|---|---|
| 400 | Validation failed (invalid email/password format) |
| 401 | Invalid email or password |
| 403 | Account locked (too many failed attempts) or email not verified |
| 429 | Too many login attempts (rate limited) |
Try It Now
POST
https://api.aerocall.app/api/v1/public/projects/your-project/auth/loginRelated Endpoints
- POST /auth/register - Create account
- POST /auth/otp/send - Passwordless login
- GET /auth/me - Get current user