Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/ericcobasdev/careertrack-api/llms.txt

Use this file to discover all available pages before exploring further.

The login endpoint verifies the credentials of an existing user account and returns a fresh Sanctum plain-text bearer token that can be used to authenticate requests to all protected endpoints.

Endpoint

POST /api/auth/login
No authentication is required to call this endpoint.

Request Body

email
string
required
The registered email address associated with the account.
password
string
required
The account password.

Example Request

curl -X POST https://your-domain.com/api/auth/login \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
  -d '{
    "email": "jane@example.com",
    "password": "secret123"
  }'

Response (200 OK)

A successful request returns HTTP 200 OK with a JSON body containing the authenticated user object and a bearer token.
user
object
The authenticated user resource.
token
string
Sanctum plain-text bearer token. Include this value in the Authorization header of all subsequent requests to protected endpoints.
{
  "user": {
    "id": 1,
    "name": "Jane Doe",
    "email": "jane@example.com",
    "created_at": "2024-05-01T10:00:00.000000Z",
    "updated_at": "2024-05-01T10:00:00.000000Z"
  },
  "token": "2|zyxwvutsrqponmlkjihgfedcba0987654321"
}

Error Responses

422 Unprocessable Content — Returned when the email does not match any registered account or the password is incorrect.
{
  "message": "The provided credentials are incorrect.",
  "errors": {
    "email": ["The provided credentials are incorrect."]
  }
}
Each call to this endpoint issues a new token without invalidating any previously issued tokens. A logout() method exists in the controller (currentAccessToken()->delete()) but is not yet exposed via a route — there is currently no registered logout endpoint in the API.

Build docs developers (and LLMs) love