Skip to main content
POST
/
auth
/
login
Login
curl --request POST \
  --url https://api.example.com/auth/login

Login

Authenticate a user with email and password to receive a JWT token for subsequent API requests.

Endpoint

POST /auth/login

Authentication

No authentication required.

Request Body

FieldTypeRequiredDescription
emailstringYesRegistered email address
passwordstringYesUser password

Example Request

curl -X POST https://api.app.shinzo.ai/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "securepassword123"
  }'

Response

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "user": {
    "uuid": "usr_abc123def456",
    "email": "[email protected]"
  }
}

Status Codes

CodeDescription
200Login successful
400Invalid request (missing fields)
401Invalid email or password
403Email not verified

Token Usage

The returned JWT token should be included in the Authorization header for authenticated requests: 
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Token Expiration

JWT tokens expire after 24 hours. After expiration, users must log in again to obtain a new token.

Error Response - Email Not Verified

If the user’s email is not verified: 
{
  "error": "Email not verified. Please check your inbox for a verification email."
}
Use the Resend Verification endpoint to request a new verification email.