Validates the password of an existing user account and generates an access token and a key when using a mobile application. By default, the token remains valid for 15 minutes, and the key can be used to regenerate a new token.

A first-time user cannot directly validate the password. Instead, the user must enter the password during token generation, generate OTP, and validate it using an OTP. From the next login onward, the user can directly validate the password.

Resource Information


URI for Mobile App	`auth/v1/password/validate`
URI for Web App	`auth/v1/web/password/validate`
Rate Limited?	Yes
Authentication	No
HTTP Method	POST
Batch Support	No

Request URL

For mobile application:

http:ae-host/auth/v1/password/validate

For web application:

http:ae-host/auth/v1/web/password/validate

Request Body Parameters

curl --location 'https://eu.api.capillarytech.com/auth/v1/password/validate' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header 'accept: application/json' \
--data '{
    "identifierType": "MOBILE",
    "identifierValue": "919999922332",
    "brand": "DocDemo",
    "deviceId": "deviceid1",
    "password": "abc123",
    "sessionId": "P-268e52ac-0546-4ae1-8826-578a897efeae"
}'

curl --location 'https://eu.api.capillarytech.com/auth/v1/web/password/validate' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header 'accept: application/json' \
--data '{
    "identifierType": "MOBILE",
    "identifierValue": "919999922332",
    "brand": "DocDemo",
    "password": "abc123",
    "sessionId": "P-570b6b63-52e1-4fd1-a904-3489acb6a976"
}'

Parameter	Datatype	Description
`identifierType`*	enum	Identifier used to generate OTP. Values: `MOBILE`, `EMAIL`, `USERNAME`.
`identifierValue`*	string	Value of the specified `identifierType`. For example, if `identifierType` is `MOBILE`, the `identifierValue` is the mobile number.
`deviceId`**	string	Unique ID of the device used for password validation. Should be the same as the `deviceId` used to generate the current token. Not applicable for web applications.
`brand`*	string	Name of the brand or org associated with the current account.
`sessionId`*	string	Session ID generated through the `v1/token/generate` API.
`password`*	string	Password of the current account. Note: You can configure maximum retries as well as account locking after several defined unsuccessful attempts to enter the correct password.

Parameters marked with * are mandatory, and the parameters marked with ** are required for the mobile app.

Response parameters

{
    "status": {
        "success": true,
        "code": 200,
        "message": "SUCCESS"
    },
    "auth": {
        "token": "eyJpZHYiOlsiTU9CSUxFfDkxOTk5OTkyMjMzMiJdLCJkZXYiOiJkZXZpY2VpZDEiLCJvcmciOiJET0NERU1PIiwiYWxnIjoiSFMyNTYifQ.eyJ1aWQiOiI0NDEyNDU4IiwiaXNzIjoiQ0FQSUxMQVJZIFRFQ0hOT0xPR0lFUyIsImlzYyI6ImZhbHNlIiwib2djIjpbIjEwMDczN3xuZWVyYWouZG9jIl0sImV4cCI6MTc2MDM1NjYyNSwiaWF0IjoxNzYwMzUzMDI1LCJyb2wiOiJVU0VSIn0.5fvUeAvhu7kOkhJRubZ0tiEyzEQJ4ARpwxV6EXuFt1I",
        "key": "eyJpZHYiOlsiTU9CSUxFfDkxOTk5OTkyMjMzMiJdLCJkZXYiOiJkZXZpY2VpZDEiLCJvcmciOiJET0NERU1PIiwiYWxnIjoiSFMyNTYifQ.eyJ1aWQiOiI0NDEyNDU4IiwiaXNzIjoiQ0FQSUxMQVJZIFRFQ0hOT0xPR0lFUyIsIm1mYSI6ZmFsc2UsImlhdCI6MTc2MDM1MzAyNSwicm9sIjoiQVVUSCJ9.ArsBygaS9m5cgRihZYtLyorkuvSyIK0aMOVPnErHZKI"
    },
    "identifiers": {
        "identifierList": null
    },
    "user": {
        "appRegistered": false,
        "sessionId": null,
        "role": "USER",
        "userRegisteredForPassword": true
    }
}

{
    "status": {
        "success": true,
        "code": 200,
        "message": "SUCCESS"
    },
    "auth": {
        "token": "eyJpZHYiOlsiTU9CSUxFfDkxOTk5OTkyMjMzMiJdLCJkZXYiOm51bGwsIm9yZyI6IkRPQ0RFTU8iLCJhbGciOiJIUzI1NiJ9.eyJ1aWQiOiI0NDEyNDU4IiwiaXNzIjoiQ0FQSUxMQVJZIFRFQ0hOT0xPR0lFUyIsImlzYyI6ImZhbHNlIiwib2djIjpbIjEwMDczN3xuZWVyYWouZG9jIl0sImV4cCI6MTc2MDM2NDE0MiwiaWF0IjoxNzYwMzUzMzQyLCJyb2wiOiJVU0VSIn0.Y_bFGVIrxlFLJGABIg-VSVE9ubyoin9XGFboPq44xys",
        "key": null
    },
    "identifiers": {
        "identifierList": null
    },
    "user": {
        "appRegistered": false,
        "sessionId": null,
        "role": "USER",
        "userRegisteredForPassword": true
    }
}

Parameter	Description
status	Object containing status information
success	Boolean indicating the success status
code	Number indicating the status code (e.g., 200 for success)
message	String providing a message related to the status
auth	Object containing authentication information
token	String representing the authentication token. By default, the token is valid for 15 minutes.
key	String representing the authentication key.
user	Object containing user information
appRegistered	Boolean indicating if the user is registered in the app
sessionId	Value representing the user's session ID
role	String indicating the user's role (e.g., "USER")
userRegisteredForPassword	Boolean indicating if the user is registered for a password

Error code

Code	Description
1526	Indicates a mismatch between the identifier type and its corresponding value.