Exchange valid credentials for a signed JWT token. Include this token in the Authorization header of subsequent requests to access protected endpoints.

Request

Method: POST
Path: /api/auth/login
Auth required: No

Body

email (string, required): The email address of an existing Clinica account.
password (string, required): The account password.

Response

200 — OK

Returns a signed JWT token.
token (string, required): A signed JWT. Valid for 24 hours. The token payload contains:

| Claim | Type | Description |
| --- | --- | --- |
| id | integer | The authenticated user’s ID. |
| email | string | The authenticated user’s email. |
| role | string | The user’s role: patient, doctor, or admin. |

Error responses

| Status | Condition | Error message |
| --- | --- | --- |
| 400 | email or password missing from request body | "Email and password required" |
| 400 | Credentials do not match any account | "Invalid credentials" |

Error responses use the shape { "error": "<message>" }.

Example

cURL
curl --request POST \
  --url http://localhost:3000/api/auth/login \
  --header 'Content-Type: application/json' \
  --data '{
    "email": "patient@example.com",
    "password": "securepassword"
  }'
Response
{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Using the token

Pass the token in the Authorization header for all requests that require authentication:
cURL
curl --request GET \
  --url http://localhost:3000/api/doctors/me \
  --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...'
Tokens expire after 24 hours. When a token expires, the user must log in again to receive a new one.
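
A server-side check for the token described on this page, as an added example that is not Clinica's own code. It assumes HS256 (what the header of the sample token above decodes to), a shared signing secret, and a standard `exp` claim carrying the 24-hour expiry; `mintToken` and `verifyToken` are hypothetical names.

```javascript
// Added example, not Clinica's code: verify an HS256 JWT with Node's built-in crypto.
const { createHmac, timingSafeEqual } = require('node:crypto');

const ROLES = new Set(['patient', 'doctor', 'admin']); // roles listed in the claims table
const MAX_LIFETIME_S = 24 * 60 * 60;                   // documented 24-hour validity

const b64url = (buf) => Buffer.from(buf).toString('base64url');
const sign = (data, secret) => createHmac('sha256', secret).update(data).digest();

// Hypothetical helper for constructing sample tokens (assumed HS256 with an exp claim).
function mintToken(claims, secret, header = { alg: 'HS256', typ: 'JWT' }) {
  const data = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  return `${data}.${b64url(sign(data, secret))}`;
}

// Returns the claims if the token is authentic, unexpired and well-formed; throws otherwise.
function verifyToken(token, secret, nowS = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;

  // Pin the algorithm: the token header must never choose it (rejects "alg":"none").
  let header;
  try { header = JSON.parse(Buffer.from(h, 'base64url').toString('utf8')); }
  catch { throw new Error('malformed header'); }
  if (header?.alg !== 'HS256') throw new Error('unexpected alg');

  // Constant-time comparison of the encoded signatures, before the payload is trusted.
  const expected = Buffer.from(b64url(sign(`${h}.${p}`, secret)));
  const given = Buffer.from(s);
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }

  const claims = JSON.parse(Buffer.from(p, 'base64url').toString('utf8'));
  if (!Number.isInteger(claims.exp) || nowS >= claims.exp) throw new Error('token expired');
  if (claims.exp - nowS > MAX_LIFETIME_S) throw new Error('lifetime exceeds 24h');
  if (!Number.isInteger(claims.id) || typeof claims.email !== 'string' ||
      !ROLES.has(claims.role)) {
    throw new Error('unexpected claims');
  }
  return claims;
}
```

Authorization decisions should use the `role` returned by `verifyToken`, never a role decoded from the payload without the signature check.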
