Initiate User Session

Requests

POST /apis/authentication/login

{
"username": "<username>",
"password": "<password>"
}

Response

Example:

{
"data": {
"id": null,
"sessionId": "15a3c22d-2ab3-4d3e-a248-8e194f01585e",
"username": "haiadmin",
"admin": true,
"groups": [],
"roleIds": [],
"roles": [
    {
      "id": "admin",
      "name": "Administrator",
      "admin": true,
      "permissions": {}
    }
],
"sessions": {},
"assets": {},
"ldapUser": false,
"displayName": "haiadmin",
"expires": "2014-05-09T18:15:23.380Z"
}
}

Caution

This data is informational only and subject to change in future HMP releases. The User Session resource is a private resource in HMP v2.5.

REST API developers are encouraged to check for a 200 OK status to verify that a session is valid, but otherwise ignore this response. REST API applications that use the data from this response may stop functioning and break user logins if this response is changed.

A calypso-session-id cookie is returned via the Set-Cookie HTTP header. This cookie is used to authenticate the user for all subsequent requests.

Error

Code	Payload	Description
`400`	`{"code":"010001","name":"InputValidation",` `"message":<Error message>,` `"httpStatusCode":400}`	A user name or password was missing or the wrong JSON type.
`401`	`{"code":"020001","name":"UserNotAuthorized",` `"message":"User has no roles assigned",` `"httpStatusCode":401}`	User has no role assigned.
`401`	`{"code":"020002","name":"InvalidCredentials",` `"message":"Invalid credentials",` `"httpStatusCode":401}`	The user name and or the password was incorrect.
`500`	`{"code":"070051","name":"CreateUserSessi on",` `"message":"Could not create user session",` `"httpStatusCode":500}`	An internal error occurred.
`500`	`{"code":"070000","name":"InternalServer",` `"message":<Error message>,` `"httpStatusCode":500}`	An internal error occurred.
`503`	`{"code":"090002","name":"ServiceUnavailable",` `"message":"No connection to authentication server",` `"httpStatusCode":503}`	Authentication service is unavailable. Please try again later.