POST/auth/login
Log in
Authenticate with email/password. **Mock: any password works for any seeded email.** The demo account `demo@example.com` is always present and carries admin role — use it for docs Try-It. Token valid 1 hour.
ReturnsAuthResponse
AcceptsAuthCredentials
Response examples
200Logged in
{
"user": {
"id": 1,
"firstName": "Demo",
"lastName": "User",
"email": "demo@example.com",
"username": "demo",
"avatar": "https://i.pravatar.cc/150?u=demo",
"phone": "+1-555-000-0001",
"address": {
"street": "1 Demo Way",
"city": "Austin",
"state": "TX",
"zipCode": "78701",
"country": "US",
"geo": {
"lat": 30.2672,
"lng": -97.7431
}
},
"company": {
"name": "Demo Corp",
"catchPhrase": "Seeded for docs and testing."
},
"website": "https://example.com/demo",
"role": "admin",
"age": 30,
"bio": "Seeded demo account. Log in with any password.",
"isActive": true,
"createdAt": "2024-01-01T00:00:00.000Z",
"updatedAt": "2026-04-21T00:00:00.000Z"
},
"token": "string",
"expiresAt": "2024-01-15T09:30:00Z"
}400400 — invalid input or malformed JSON
{
"error": {
"status": 400,
"message": "Request body required"
}
}401401 — missing or expired Bearer token
{
"error": {
"status": 401,
"message": "Authentication required"
}
}