Validates the password of an existing user account
Validates the password of an existing user account and generates an access token and a key when using a mobile application. By default, the token remains valid for 15 minutes, and the key can be used to regenerate a new token.
A first-time user cannot validate the password directly. Instead, the user must enter the password during token generation, generate an OTP, and validate it using the OTP. From the next login onward, the user can validate the password directly.
Resource Information
| URI for Mobile App | auth/v1/password/validate |
| URI for Web App | auth/v1/web/password/validate |
| Rate Limited? | Yes |
| Authentication | No |
| HTTP Method | POST |
| Batch Support | No |
Request URL
For mobile application:
http:ae-host/auth/v1/password/validate
For web application:
http:ae-host/auth/v1/web/password/validate
Request Body Parameters
curl --location 'https://eu.api.capillarytech.com/auth/v1/password/validate' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header 'accept: application/json' \
--data '{
"identifierType": "MOBILE",
"identifierValue": "919999922332",
"brand": "DocDemo",
"deviceId": "deviceid1",
"password": "abc123",
"sessionId": "P-268e52ac-0546-4ae1-8826-578a897efeae"
}'

curl --location 'https://eu.api.capillarytech.com/auth/v1/web/password/validate' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--header 'accept: application/json' \
--data '{
"identifierType": "MOBILE",
"identifierValue": "919999922332",
"brand": "DocDemo",
"password": "abc123",
"sessionId": "P-570b6b63-52e1-4fd1-a904-3489acb6a976"
}'

| Parameter | Datatype | Description |
|---|---|---|
| identifierType* | enum | Identifier used to generate OTP. Values: MOBILE, EMAIL, USERNAME. |
| identifierValue* | string | Value of the specified identifierType. For example, if identifierType is MOBILE, the identifierValue is the mobile number. |
| deviceId** | string | Unique ID of the device used for password validation. Should be the same as the deviceId used to generate the current token. Not applicable for web applications. |
| brand* | string | Name of the brand or org associated with the current account. |
| sessionId* | string | Session ID generated through the v1/token/generate API. |
| password* | string | Password of the current account. Note: You can configure maximum retries as well as account locking after several defined unsuccessful attempts to enter the correct password. |
- Parameters marked with * are mandatory, and the parameters marked with ** are required for the mobile app.
Response parameters
{
"status": {
"success": true,
"code": 200,
"message": "SUCCESS"
},
"auth": {
"token": "eyJpZHYiOlsiTU9CSUxFfDkxOTk5OTkyMjMzMiJdLCJkZXYiOiJkZXZpY2VpZDEiLCJvcmciOiJET0NERU1PIiwiYWxnIjoiSFMyNTYifQ.eyJ1aWQiOiI0NDEyNDU4IiwiaXNzIjoiQ0FQSUxMQVJZIFRFQ0hOT0xPR0lFUyIsImlzYyI6ImZhbHNlIiwib2djIjpbIjEwMDczN3xuZWVyYWouZG9jIl0sImV4cCI6MTc2MDM1NjYyNSwiaWF0IjoxNzYwMzUzMDI1LCJyb2wiOiJVU0VSIn0.5fvUeAvhu7kOkhJRubZ0tiEyzEQJ4ARpwxV6EXuFt1I",
"key": "eyJpZHYiOlsiTU9CSUxFfDkxOTk5OTkyMjMzMiJdLCJkZXYiOiJkZXZpY2VpZDEiLCJvcmciOiJET0NERU1PIiwiYWxnIjoiSFMyNTYifQ.eyJ1aWQiOiI0NDEyNDU4IiwiaXNzIjoiQ0FQSUxMQVJZIFRFQ0hOT0xPR0lFUyIsIm1mYSI6ZmFsc2UsImlhdCI6MTc2MDM1MzAyNSwicm9sIjoiQVVUSCJ9.ArsBygaS9m5cgRihZYtLyorkuvSyIK0aMOVPnErHZKI"
},
"identifiers": {
"identifierList": null
},
"user": {
"appRegistered": false,
"sessionId": null,
"role": "USER",
"userRegisteredForPassword": true
}
}

{
"status": {
"success": true,
"code": 200,
"message": "SUCCESS"
},
"auth": {
"token": "eyJpZHYiOlsiTU9CSUxFfDkxOTk5OTkyMjMzMiJdLCJkZXYiOm51bGwsIm9yZyI6IkRPQ0RFTU8iLCJhbGciOiJIUzI1NiJ9.eyJ1aWQiOiI0NDEyNDU4IiwiaXNzIjoiQ0FQSUxMQVJZIFRFQ0hOT0xPR0lFUyIsImlzYyI6ImZhbHNlIiwib2djIjpbIjEwMDczN3xuZWVyYWouZG9jIl0sImV4cCI6MTc2MDM2NDE0MiwiaWF0IjoxNzYwMzUzMzQyLCJyb2wiOiJVU0VSIn0.Y_bFGVIrxlFLJGABIg-VSVE9ubyoin9XGFboPq44xys",
"key": null
},
"identifiers": {
"identifierList": null
},
"user": {
"appRegistered": false,
"sessionId": null,
"role": "USER",
"userRegisteredForPassword": true
}
}

| Parameter | Description |
|---|---|
| status | Object containing status information |
| success | Boolean indicating the success status |
| code | Number indicating the status code (e.g., 200 for success) |
| message | String providing a message related to the status |
| auth | Object containing authentication information |
| token | String representing the authentication token. By default, the token is valid for 15 minutes. |
| key | String representing the authentication key. |
| user | Object containing user information |
| appRegistered | Boolean indicating if the user is registered in the app |
| sessionId | Value representing the user's session ID |
| role | String indicating the user's role (e.g., "USER") |
| userRegisteredForPassword | Boolean indicating if the user is registered for a password |
Error code
| Code | Description |
|---|---|
| 1526 | Indicates a mismatch between the identifier type and its corresponding value. |
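
Client-side handling of the response described above, as an added example that is not part of the original documentation: it reads the token expiry from the token itself rather than hard-coding 15 minutes, and separates the mobile case (key present) from the web case (key is null). It assumes tokens are three-part base64url strings with `iat` and `exp` in the payload, as the sample tokens on this page are; the function names, the 30-second skew and the fallback to password validation when no key is returned are illustrative choices.

```python
import base64
import json

def _b64url_json(segment):
    """Decode one base64url token segment (padding restored) into a dict."""
    return json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))

def read_auth(response):
    """Pull token, key and expiry out of a password/validate response body.

    Claims are decoded without verifying the signature, so they are only a
    scheduling hint for the client, never an input to an access decision.
    """
    status = response.get("status") or {}
    if status.get("success") is not True or status.get("code") != 200:
        raise ValueError(f"validate failed: {status.get('code')} {status.get('message')}")
    auth = response.get("auth") or {}
    token = auth.get("token")
    if not isinstance(token, str) or token.count(".") != 2:
        raise ValueError("no three-part token in response")
    claims = _b64url_json(token.split(".")[1])
    exp, iat = claims.get("exp"), claims.get("iat")
    lifetime = exp - iat if isinstance(exp, int) and isinstance(iat, int) else None
    return {"token": token, "key": auth.get("key"), "exp": exp, "lifetime_s": lifetime}

def next_action(info, now, skew_s=30):
    """Decide what the client does before its next authenticated call."""
    if info["exp"] is not None and now < info["exp"] - skew_s:
        return "use_token"
    # Mobile responses carry a key for regeneration; web responses have key = null.
    return "regenerate_with_key" if info["key"] else "revalidate_password"

def make_sample_response(iat, ttl_s, with_key):
    """Constructed sample (dummy signature), shaped like the responses above."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    token = ".".join([enc({"alg": "HS256"}),
                      enc({"iat": iat, "exp": iat + ttl_s, "rol": "USER"}), "c2ln"])
    return {"status": {"success": True, "code": 200, "message": "SUCCESS"},
            "auth": {"token": token, "key": "sample-key" if with_key else None},
            "user": {"role": "USER", "userRegisteredForPassword": True}}

if __name__ == "__main__":
    mobile = read_auth(make_sample_response(1_760_353_025, 900, with_key=True))
    print(mobile["lifetime_s"], next_action(mobile, now=1_760_353_025 + 880))
```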
