The login endpoint authenticates an existing OpsMind user and issues a signed JSON Web Token (JWT). The request body is first validated by Zod, then the controller looks up the user by email, compares the supplied password against the stored bcrypt hash, and — if both checks pass — signs a JWT containing the user’sDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/LENINMORENO13/OpsMind/llms.txt
Use this file to discover all available pages before exploring further.
id and email. The token must be included as a Bearer token in the Authorization header of every subsequent request to a protected endpoint. No authentication token is required to call this endpoint itself.
Endpoint
POST /api/v1/auth/login — No authentication required
Request Body
The email address of a registered OpsMind account. Validated by Zod with
z.string().email() — must be a well-formed email address.The account password. Must be at least 6 characters long (
z.string().min(6)). The value is compared against the bcrypt hash stored at registration time.Example Request
Success Response
HTTP 200 OK The JWT is returned as a plain string in thedata field — not as a nested object. Pass this string verbatim as your Bearer token.
Always
true on a successful login.A signed JWT string. Pass this value verbatim in the
Authorization: Bearer <token> header of subsequent authenticated requests.Token Details
| Property | Value |
|---|---|
| Algorithm | HS256 (jsonwebtoken default) |
| Signing secret | process.env.JWT_SECRET (server-side environment variable) |
| Payload fields | id (user database ID), email (user email address) |
| Expiry | 1h (one hour from issuance) |
Using the Token
Include the token as aBearer credential in the Authorization header of every request to a protected endpoint:
Error Responses
| HTTP Status | Cause |
|---|---|
400 | The request body failed Zod schema validation before the controller ran. |
401 | No user was found with the supplied email, or the password did not match the stored hash. |
500 | An unexpected server-side error occurred (e.g. database unavailable). |