Skip to main content
POST
/
api
/
v1
/
users
/
login
Login with email and password
curl --request POST \
  --url https://crypto.westminister.tech/api/v1/users/login \
  --header 'Content-Type: application/json' \
  --data '
{
  "email": "user@example.com",
  "password": "secret"
}
'
{
  "access_token": "v2.local.eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "refresh_token": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
  "token_type": "bearer",
  "expires_in": 900,
  "user": {
    "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "email": "jsmith@example.com",
    "phone_number": "<string>",
    "first_name": "<string>",
    "last_name": "<string>",
    "role": "<string>",
    "kyc_status": "<string>"
  }
}

Body

application/json

Login using email and password.

email
string<email>
required

User email address.

Example:

"user@example.com"

password
string<password>
required

User password (min 6 characters).

Example:

"secret"

Response

Login successful

Authentication response returned by login endpoints.

access_token
string

Short-lived bearer token (e.g., PASETO/JWT) used for authenticated API calls.

Example:

"v2.local.eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

refresh_token
string

Long-lived refresh token used to obtain new access tokens. Store securely and never expose in URLs or logs.

Example:

"a1b2c3d4-e5f6-7890-abcd-ef1234567890"

token_type
string

Token type, typically 'bearer'.

Example:

"bearer"

expires_in
integer<int64>

Access token lifetime in seconds.

Example:

900

user
object