POST /api/auth/loginAuthenticates a user with email and password. Returns a short-lived access token and a long-lived refresh token. Rate limited to 10 requests per hour per IP address.
Request body The user’s registered email address. Case-insensitive.
Response 200 OK Returns both tokens and the authenticated user’s profile.
Short-lived JWT used to authenticate API requests. Pass this as Authorization: Bearer <access_token>.
Long-lived token used to obtain new access tokens. Store this securely. Pass to POST /api/auth/refresh.
Combined full name, or username if name fields are empty.
Whether the account is active.
ISO 8601 timestamp of account creation.
ISO 8601 timestamp of last update.
Role name: user or admin.
Error responses Status Description 401Invalid email or password 403Account is deactivated
curl --request POST \ --url https://task-forge-gbd6h8gtg8hchve9.chilecentral-01.azurewebsites.net/api/auth/login \ --header 'Content-Type: application/json' \ --data '{ "email": "[email protected] ", "password": "SecurePass123" }'
{ "success" : true , "message" : "Inicio de sesion exitoso" , "data" : { "access_token" : "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI0MiIsImlhdCI6MTc0MjIwMDAwMCwiZXhwIjoxNzQyMjg2NDAwfQ.abc123" , "refresh_token" : "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI0MiIsImlhdCI6MTc0MjIwMDAwMCwiZXhwIjoxNzQ0NzkyMDAwfQ.def456" , "user" : { "id" : 42 , "username" : "johndoe" , "email" : "[email protected] " , "first_name" : "John" , "last_name" : "Doe" , "full_name" : "John Doe" , "is_active" : true , "created_at" : "2026-03-17T10:00:00.000000" , "updated_at" : "2026-03-17T10:00:00.000000" , "role" : { "id" : 2 , "name" : "user" , "description" : "Standard user role" } } } }
