POST
/v1/auth/password/signin

Sign-In an existing user utilizing password authentication. This endpoint will return the user's JWT.

Next Steps

Verify the user's email to allow for password reset by updating the email via OTP, Enchanted Link, or Magic Link

Add tenants to the user via Update User Add Tenant

Add roles to the user via Update User Add Role

See Also

  • See The User Object for further details on how to identify users and their contact information such as email addresses and phone number.
  • Use the Sign-Up endpoint to sign-up a new end user.

Endpoint Authentication

Use authorization bearer header with the following format:

Authorization: Bearer \<Project ID\>

Try it

/v1/auth/password/signin

The Authorization access token

Authorization

Authorization
Required
Bearer <token>

In: header

Request Body

loginIdstring

passwordstring

ssoAppIdstring

loginOptionsobject

Status codeDescription
200OK
curl -X POST "https://api.descope.com/v1/auth/password/signin" \
  -d '{
  "loginId": "string",
  "password": "string",
  "ssoAppId": "string",
  "loginOptions": {
    "stepup": false,
    "customClaims": {},
    "mfa": false,
    "ssoAppId": "string",
    "templateOptions": {
      "property1": "string",
      "property2": "string"
    },
    "locale": "string",
    "pkceChallenge": "string"
  }
}'

{
  "sessionJwt": "string",
  "refreshJwt": "string",
  "cookieDomain": "string",
  "cookiePath": "string",
  "cookieMaxAge": 0,
  "cookieExpiration": 0,
  "user": {
    "loginIds": [
      "string"
    ],
    "userId": "string",
    "name": "string",
    "email": "string",
    "phone": "string",
    "verifiedEmail": true,
    "verifiedPhone": true,
    "roleNames": [
      "string"
    ],
    "userTenants": [
      {
        "tenantId": "string",
        "roleNames": [
          "string"
        ],
        "tenantName": "string"
      }
    ],
    "status": "string",
    "externalIds": [
      "string"
    ],
    "picture": "string",
    "test": false,
    "customAttributes": {},
    "createdTime": 0,
    "TOTP": false,
    "SAML": false,
    "OAuth": {
      "property1": false,
      "property2": false
    },
    "webauthn": true,
    "password": true,
    "ssoAppIds": [
      "string"
    ],
    "givenName": "string",
    "middleName": "string",
    "familyName": "string",
    "editable": true
  },
  "firstSeen": true,
  "idpResponse": {
    "samlResponse": "string",
    "samlGeneratedUser": "string",
    "samlGeneratedRoles": "string",
    "oidcResponse": "string",
    "oidcGeneratedUser": "string",
    "oidcGeneratedRoles": "string"
  }
}

Was this helpful?