post https://{host}/auth/v1/web/password/validate
Validates the password of an existing user account and generates the access token and key. The token is valid for 15 minutes by default. You can use the key to regenerate token.
Resource Information
| URI for Mobile App | auth/v1/password/validate |
| URI for Web App | auth/v1/web/password/validate |
| Rate Limited? | Yes |
| Authentication | No |
| HTTP Method | POST |
| Batch Support | No |
Request URL
For mobile application:
http://{ae-host}/auth/v1/password/validate
For web application:
http://{ae-host}/auth/v1/web/password/validate
Request Body Parameters
{ "identifierType":"USERNAME",
"identifierValue":"9940000000",
"deviceId": "deviceid1",
"brand": "KANMODEMO",
"sessionId": "D-c62d7326-e122-4186-8c72-e42f270b0cdf",
"password":"password"
}
| Parameter | Datatype | Description |
|---|---|---|
| identifierType* | enum | Identifier used to generate OTP. Values: MOBILE, EMAIL, USERNAME. |
| identifierValue* | string | Value of the specified identifierType. For example, if identifierType is MOBILE, the identifierValue is the mobile number. |
| deviceId** | string | Unique ID of the device used for password validate. Should be the same as the deviceId used to generate the current token. Not applicable for web application. |
| brand* | string | Name of the brand or org associated with the current account. |
| sessionId* | string | Session ID generated through the v1/token/generate API. |
| password* | string | Password of the current account. Note: You can configure maximum retries as well as account locking after several defined unsuccessful attempts to enter the correct password. |
* Parameters marked with * are mandatory, and the parameters marked with ** are required for the mobile app.
Response parameters
{
"status": {
"success": true,
"code": 200,
"message": "SUCCESS"
},
"auth": {
"token": "eyJpZHYiOlsiTU9CSUxFfDk5NDU1NjAyMjQiXSwiZGV2IjoiZGV2aWNlaWQxIiwib3JnIjoiU1RBTkRBUkRBUFAiLCJhbGciOiJIUzI1NiJ9.eyJ1aWQiOiI3Njg4MTYiLCJpc3MiOiJDQVBJTExBUlkgVEVDSE5PTE9HSUVTIiwiaXNjIjoiZmFsc2UiLCJvZ2MiOlsiMTUxMDYwfHNhLmRlbW8uc29sdXRpb24iXSwiZXhwIjoxNTk3OTQzODU1LCJpYXQiOjE1OTc5NDAyNTUsInJvbCI6IlVTRVIifQ.Wyt_xxlqtmMH3lyReO718sDokngYGp_HSLuiBOyaEds",
"key": "eyJpZHYiOlsiTU9CSUxFfDk5NDU1NjAyMjQiXSwiZGV2IjoiZGV2aWNlaWQxIiwib3JnIjoiU1RBTkRBUkRBUFAiLCJhbGciOiJIUzI1NiJ9.eyJ1aWQiOiI3Njg4MTYiLCJpc3MiOiJDQVBJTExBUlkgVEVDSE5PTE9HSUVTIiwiaWF0IjoxNTk3OTQwMjU1LCJyb2wiOiJBVVRIIn0.UKCOU1oFLPsRx5YJRkClIaRVmE1lNDCjuuKQ9nnMdhE"
},
"user": {
"appRegistered": false,
"sessionId": null,
"role": "USER",
"userRegisteredForPassword": true
}
}
| Parameter | Description |
|---|---|
| status | Object containing status information |
| - success | Boolean indicating the success status |
| - code | Number indicating the status code (e.g., 200 for success) |
| - message | String providing a message related to the status |
| auth | Object containing authentication information |
| - token | String representing the authentication token. By default, the token is valid for 15 minutes. |
| - key | String representing the authentication key. |
| user | Object containing user information |
| - appRegistered | Boolean indicating if the user is registered in the app |
| - sessionId | Value representing the user's session ID |
| - role | String indicating the user's role (e.g., "USER") |
| - userRegisteredForPassword | Boolean indicating if the user is registered for a password |