Log in

User Guide > Resources > Log in

A login request authenticates the user and creates a session. This session exists until it is destroyed by a Logout request.

A succesful login request returns a session token, renewal token and its expiration date. A Renew Token request refreshes the token.

If a session token is provided in the Authorization header then the matching session is ended first.

The tenant name is a part of the API’s base URL, hence the tenant to login to is derived from the URL of this request.

The userspace and the username combination identify the session. If the user tries to sign in again with the same userspace then the login will fail.

The mfa and email parameter are used when the login request returns an MFA required error code (10012). If they match what’s sent to the e-mail provided in the Request MFA, the Login Response is returned.

The userspace parameter is typically selected by the program, and not by the user, and is not changed during the program’s lifetime.
A good practice is to choose a userspace name that is unique for the device on which the program is running, for example:

iphone-<username>

Having such a name helps to analyze server information.

Resource

POST /me/login

Parameters

None

Payload

Login Credentials

Response

Login Response

Context

Authorization

Guest

Errors

HTTP code Xelion code Description

400

10002

no user name specified

10003

no password specified

401

10004

wrong user name, password and tenant combination

10005

multiple logins: user is already logged in (in the same user space)

10006

account disabled

10007

password expired

10008

wrong version: server and client versions mismatch

10009

login failed: server error

10010

user space must not exceed 200 characters

10011

the user space is missing

10013

mfa required

10200

parameter is missing: client request has no payload

10202

parameter malformed: failed to decode the credentials object

500

11000

A server error occurred. See error message for more information.

Example

Request
POST https://xelion.nl/api/v1/master/me/login
Payload
{
        "userName":  "arnon",
        "password":  "arnons secret",
        "userSpace": "iphone-arnon",
        "appKey":    "329498937443209"
}
Response
{
  "authentication": "5944594058c3bb4b04d5c9db3072b30d56e513c13b9be4c9b2e0ae5734c6f99ac8",
  "renewalToken": "asdf77594456f99ac8",
  "validUntil": "2017-03-07 11:08:51",
  "version": "1.1",
  "serverVersion": "6 update 17",
  "buildNumber": "20170823.1"
}