Send Login Code

POST /auth/login/code

Sends a temporary one time code to the user that can be used during login flow.

If the user has a credential of kind PasswordProtectedKey a temporary one time code needs to be passed in the loginCode field. That's because the Create User Login Challenge is unauthenticated and returns the encrypted private key of the user. So we need a first step to verify the identity of the user to prevent anybody from fetching the encrypted private key and trying to brute force it offline.

Request headers required. See Request Headers for more information.

Required Permissions

None

Request body

username *

String

Email address of the user

orgId *

String

ID of the target Org

Example

{
  "username": "[email protected]",
  "orgId": "or-34513-nip9c-8bppvgqgj28dbodrc"
}

Response

Success

{
    "message": "success"
}

See Common Errors for common errors.
See User Login Errors for user login errors.

Last updated 11 days ago