The login endpoint authenticates an existing OpsMind user and issues a signed JSON Web Token (JWT). The request body is first validated by Zod, then the controller looks up the user by email, compares the supplied password against the stored bcrypt hash, and — if both checks pass — signs a JWT containing the user’s id and email. The token must be included as a Bearer token in the Authorization header of every subsequent request to a protected endpoint. No authentication token is required to call this endpoint itself.

Endpoint

POST /api/v1/auth/login
No authentication required

Request Body

email (string, required)
The email address of a registered OpsMind account. Validated by Zod with z.string().email(), so it must be a well-formed email address.

password (string, required)
The account password. Must be at least 6 characters long (z.string().min(6)). The value is compared against the bcrypt hash stored at registration time.

Example Request

curl -X POST https://opsmind-e07b.onrender.com/api/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email": "dev@example.com", "password": "Secure123!"}'

Success Response

HTTP 200 OK
The JWT is returned as a plain string in the data field, not as a nested object. Pass this string verbatim as your Bearer token.
{
  "success": true,
  "data": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}
success (boolean)
Always true on a successful login.

data (string)
A signed JWT string. Pass this value verbatim in the Authorization: Bearer <token> header of subsequent authenticated requests.

Token Details

| Property | Value |
| --- | --- |
| Algorithm | HS256 (jsonwebtoken default) |
| Signing secret | process.env.JWT_SECRET (server-side environment variable) |
| Payload fields | id (user database ID), email (user email address) |
| Expiry | 1h (one hour from issuance) |

You can inspect the token payload at jwt.io during development to verify the id and email claims embedded at sign time.
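
What the properties above mean for a service that receives the token, shown as an added example that is not OpsMind's own code: verifying an HS256 token with Node's built-in crypto module, pinning the algorithm, comparing the signature in constant time, and enforcing the one-hour expiry. The function names, secret and sample claims are constructed for illustration.

```javascript
// Added example, not OpsMind source. Uses only Node's built-in crypto module.
const crypto = require('node:crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');
const hmac = (secret, input) => crypto.createHmac('sha256', secret).update(input).digest();

// Hypothetical helper: builds a token shaped like the documented one
// (payload { id, email }, 1h expiry) so the example runs offline.
function signDemoToken(payload, secret, nowSec, alg = 'HS256') {
  const header = b64url(JSON.stringify({ alg, typ: 'JWT' }));
  const body = b64url(JSON.stringify({ ...payload, iat: nowSec, exp: nowSec + 3600 }));
  return `${header}.${body}.${b64url(hmac(secret, `${header}.${body}`))}`;
}

// Hypothetical verifier: returns { ok: true, claims } or { ok: false, reason }.
function verifyHs256(token, secret, nowSec) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  const [header, body, sig] = parts;
  let hdr, claims;
  try {
    hdr = JSON.parse(Buffer.from(header, 'base64url').toString('utf8'));
    claims = JSON.parse(Buffer.from(body, 'base64url').toString('utf8'));
  } catch {
    return { ok: false, reason: 'malformed' };
  }
  // Pin the algorithm; never let the token's own header choose it.
  if (!hdr || hdr.alg !== 'HS256') return { ok: false, reason: 'bad-alg' };
  const expected = hmac(secret, `${header}.${body}`);
  const given = Buffer.from(sig, 'base64url');
  // timingSafeEqual throws on a length mismatch, so compare lengths first.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    return { ok: false, reason: 'bad-signature' };
  }
  // Expired once the current time reaches exp.
  if (!claims || typeof claims.exp !== 'number' || nowSec >= claims.exp) {
    return { ok: false, reason: 'expired' };
  }
  return { ok: true, claims };
}

// Constructed sample values (not a real secret or account).
const DEMO_SECRET = 'constructed-demo-secret';
const NOW = 1700000000;
const demoToken = signDemoToken({ id: 42, email: 'dev@example.com' }, DEMO_SECRET, NOW);
console.log(verifyHs256(demoToken, DEMO_SECRET, NOW + 60));   // accepted
console.log(verifyHs256(demoToken, DEMO_SECRET, NOW + 3600)); // rejected
```

In a service that verifies with the jsonwebtoken library, the same algorithm pin is expressed by passing algorithms: ['HS256'] in the options to jwt.verify.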

Using the Token

Include the token as a Bearer credential in the Authorization header of every request to a protected endpoint:
curl -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." \
  https://opsmind-e07b.onrender.com/api/v1/monitors

Error Responses

| HTTP Status | Cause |
| --- | --- |
| 400 | The request body failed Zod schema validation before the controller ran. |
| 401 | No user was found with the supplied email, or the password did not match the stored hash. |
| 500 | An unexpected server-side error occurred (e.g. database unavailable). |

Example 401: invalid credentials
Both an unrecognised email and a correct email with a wrong password return the same generic response, so the response does not reveal which of the two checks failed, preventing user enumeration:
{
  "success": false,
  "error": "Unauthorized"
}
Example 400: Zod validation failure
The validation middleware intercepts malformed requests before the controller runs and returns a structured error listing every failing field:
{
  "message": "Validation error",
  "errors": [
    {
      "field": "email",
      "message": "Invalid email format"
    }
  ]
}
Example 500: internal error
{
  "success": false,
  "error": "Internal server error"
}
The token expires after 1 hour. Once expired, all requests using it will be rejected with a 401 Unauthorized response. Clients must call POST /api/v1/auth/login again with valid credentials to obtain a fresh token before retrying protected endpoints.
