SoulFire LogoSoulFire

Start login flow

Initiates a login flow for the specified email address. If the email is registered, a six-digit verification code is sent to that address. The response always indicates that an email code step is next, regardless of whether the email exists, to prevent email enumeration attacks.

POST
/v1/login

Initiates a login flow for the specified email address.

If the email is registered, a six-digit verification code is sent to that address. The response always indicates that an email code step is next, regardless of whether the email exists, to prevent email enumeration attacks.

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

email*string

The email address of the user attempting to log in. If a user with this email exists, a six-digit verification code will be sent to this address. For security reasons, the response is the same whether or not the email is registered, preventing enumeration attacks.

Formatemail

Response Body

application/json

application/json

application/json

curl -X POST "http://127.0.0.1:38765/v1/login" \  -H "Content-Type: application/json" \  -d '{    "email": ""  }'
{  "auth_flow_token": "001c8d33-f179-47fb-9db8-4caa31962e87",  "email_code": {},  "success": {    "token": "string"  },  "failure": {    "reason": "INVALID_CODE"  }}

How is this page?

Verify email code POST

Verifies an email verification code to complete authentication. The auth_flow_token must match a pending login flow, and the code must match the one that was sent to the user's email. On success, returns a JWT token. On failure, returns a Failure response with INVALID_CODE reason. After successful verification, the auth_flow_token is invalidated and cannot be reused.

Get log history POST

Retrieves historical log entries from the server's in-memory log buffer. The server maintains a rolling buffer of the last 300 log entries. Only returns non-personal logs that match the specified scope.