Login

Use the login endpoint to authenticate your user and allow them to access secure endpoints.

Request data#

HTTP method: POST

URL format: https://baseUrl/versionNumber/customEndpointRoute/userEndpoint?key=apiKey&login=true[&dataOnly=true]

Example:

https://app.yawe.dev/api/1/ce/examples/auth?key=d59eb2859c284168ac48aef65046d5dd&login=true[&dataOnly=true]

Request Headers#

HeaderRequiredDescription
Content-TypeYesSpecifies the MIME type of the body of the Request.

It must be application/json.

Request Parameters#

The following table describes the Request parameters.

ParameterDescriptionRequired
baseUrlBase url for calling the API.

Value: app.yawe.dev/api

Yes
versionNumberService version.

Value: The current value is 1.

Yes
customEndpointRouteThe route which identifies custom endpoints.

Default value: ce

Yes
userEndpointThe endpoint name generated by the user.

Value: the name created at https://app.yawe.dev

Yes
keyThe API Key of the project.Yes
loginRequired to perform a login.

Value: true

Yes
dataOnlyIf used, the endpoint response will be the POST body, without additional information such as ‘uniqueId’.

Value: true

No

POST body#

The login endpoint expects a JSON with user credentials.

See the table below for more details:

ParameterDescriptionRequired
usernameType: StringYes
password

The user password.

Type: String

Yes

Response data#

Error codes#

Error codeDescription
400Possible reasons:
  • Endpoint or API Key not valid.
  • Wrong Content-Type, it only accepts "application/json".
  • Empty Request body.
  • If username or password are not present in the request body.
401Invalid credentials.
403Missing API Key, not allowed origin or disallowed request without orign.

Successful response#

{
uniqueId: "3f38bf9e1bb54d2396d1f1b8fbba1630",
data: { username: "usernameeee" },
createdAt: "2020-12-27T10:58:45.000Z",
updatedAt: "2020-12-27T10:58:45.000Z"
}

Cookies#

CookieDescription
yawe_access_tokenIf the credentials are valid, the access token is sent in a httpOnly cookie as part of the response. httpOnly cookies are not accessible via JS.

This token/cookie is valid for 30 days.

To generate a new one a new login is required.

This cookie is deleted when logout is performed.