Send Login Code
POST /auth/login/code
Sends a temporary one time code to the user that can be used during login flow.
If the user has a credential of kind PasswordProtectedKey
a temporary one time code needs to be passed in the loginCode
field. That's because the Create User Login Challenge is unauthenticated and returns the encrypted private key of the user. So we need a first step to verify the identity of the user to prevent anybody from fetching the encrypted private key and trying to brute force it offline.
Request headers required. See Request Headers for more information.
Required Permissions
Since this endpoint is not authenticated, the permissions apply to the application only.
Name | Conditions |
---|---|
| Always Required |
Request body
|
| Email address of the user |
|
| ID of the target Org |
Example
Response
Success
See Common Errors for common errors.
See User Login Errors for user login errors.
Last updated