# Authentication

## Admin login with username and password

> Authenticates an admin user with email and password credentials

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.9.0"},"paths":{"/sfp/api/auth/admin/login":{"post":{"operationId":"AuthController_adminLogin","summary":"Admin login with username and password","description":"Authenticates an admin user with email and password credentials","parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/AdminLoginDto"}}}},"responses":{"200":{"description":"Authentication successful","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AdminLoginResponse"}}}},"401":{"description":"Unauthorized - Invalid credentials or insufficient permissions"},"429":{"description":"Too Many Requests - Rate limit exceeded"},"500":{"description":"Internal server error"}},"tags":["Authentication"]}}},"components":{"schemas":{"AdminLoginDto":{"type":"object","properties":{"email":{"type":"string","description":"Email address of the admin user"},"password":{"type":"string","description":"Password for the admin user"}},"required":["email","password"]},"AdminLoginResponse":{"type":"object","properties":{"success":{"type":"boolean","description":"Indicates if the login was successful"},"access_token":{"type":"string","description":"Access token for authenticated requests"},"refresh_token":{"type":"string","description":"Refresh token for obtaining new access tokens"},"local_supabase_url":{"type":"string","description":"Browser-accessible Supabase URL that issued the admin session tokens"},"local_supabase_anon_key":{"type":"string","description":"Anon key for the Supabase instance that issued the admin session tokens"},"user":{"type":"object","description":"User information"},"error":{"type":"string","description":"Error message if login failed"}},"required":["success","access_token","refresh_token","local_supabase_url","local_supabase_anon_key","user","error"]}}}}
```

## Login (if required) and continue to the requested action

> Renders a dynamic login page. If the user is already authenticated, proceeds directly to the requested action with provided parameters. Used as an entry point for browser-based, context-aware authentication and routing.

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.9.0"},"paths":{"/sfp/api/auth/continue":{"get":{"operationId":"AuthController_continue","summary":"Login (if required) and continue to the requested action","description":"Renders a dynamic login page. If the user is already authenticated, proceeds directly to the requested action with provided parameters. Used as an entry point for browser-based, context-aware authentication and routing.","parameters":[{"name":"action","required":true,"in":"query","description":"The action to continue to after login (e.g., frontdoorUrl)","schema":{"type":"string"}},{"name":"params","required":true,"in":"query","description":"Comma-separated key:value pairs for action context. For frontDoorUrl action: targetOrg:myorg (required), repository:org/repo (optional), prodOrg:prod@salesforce.com (optional)","schema":{"type":"string"}}],"responses":{"200":{"description":"HTML page for login and continuation."}},"tags":["Authentication"]}}}}
```
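
The `params` format described for the `frontDoorUrl` action, written as a strict parser that a caller or gateway could apply before building a `/sfp/api/auth/continue` link. This is an added example, not sfp server code: the key names come from the endpoint description, while `parseFrontDoorParams`, the allowed value characters and the 128-character limit are assumptions of the example.

```javascript
// Added example: strict parser for the `params` query value of
// GET /sfp/api/auth/continue when the action is frontDoorUrl.
// Key names are taken from the endpoint description on this page.
const FRONT_DOOR_KEYS = {
  targetOrg: { required: true },
  repository: { required: false },
  prodOrg: { required: false },
};

// Assumption of this example: a conservative allow-list for values.
// It covers the documented samples (myorg, org/repo, prod@salesforce.com).
const SAFE_VALUE = /^[A-Za-z0-9._@\/-]{1,128}$/;

function parseFrontDoorParams(raw) {
  if (typeof raw !== "string" || raw.length === 0) {
    return { ok: false, error: "params is required" };
  }
  const out = Object.create(null); // no inherited keys to collide with
  for (const pair of raw.split(",")) {
    const idx = pair.indexOf(":"); // split on the first colon only
    if (idx <= 0) return { ok: false, error: "malformed pair" };
    const key = pair.slice(0, idx).trim();
    const value = pair.slice(idx + 1).trim();
    // Own-property check rejects keys such as __proto__ or constructor.
    if (!Object.prototype.hasOwnProperty.call(FRONT_DOOR_KEYS, key)) {
      return { ok: false, error: `unknown key: ${key}` };
    }
    if (key in out) return { ok: false, error: `duplicate key: ${key}` };
    if (!SAFE_VALUE.test(value)) {
      return { ok: false, error: `invalid value for ${key}` };
    }
    out[key] = value;
  }
  for (const [key, rule] of Object.entries(FRONT_DOOR_KEYS)) {
    if (rule.required && !(key in out)) {
      return { ok: false, error: `missing key: ${key}` };
    }
  }
  return { ok: true, params: { ...out } };
}
```

Rejecting duplicate and unknown keys keeps the parsed context unambiguous, so two components reading the same `params` string cannot disagree about which `targetOrg` was requested.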

## Handle authentication callback

> Validates the provided access token and optional refresh token

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.9.0"},"paths":{"/sfp/api/auth/callback":{"post":{"operationId":"AuthController_handleCallback","summary":"Handle authentication callback","description":"Validates the provided access token and optional refresh token","parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/AuthCallbackDto"}}}},"responses":{"200":{"description":"Authentication successful","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AuthCallbackResponse"}}}},"401":{"description":"Unauthorized - No access token provided or invalid token"},"500":{"description":"Internal server error"}},"tags":["Authentication"]}}},"components":{"schemas":{"AuthCallbackDto":{"type":"object","properties":{"access_token":{"type":"string","description":"The access token for authentication"},"refresh_token":{"type":"string","description":"Optional refresh token"}},"required":["access_token"]},"AuthCallbackResponse":{"type":"object","properties":{"success":{"type":"boolean","description":"Indicates if the operation was successful"},"data":{"type":"object","description":"The response data from auth service"}},"required":["success","data"]}}}}
```

## The AuthCallbackDto object

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.9.0"},"components":{"schemas":{"AuthCallbackDto":{"type":"object","properties":{"access_token":{"type":"string","description":"The access token for authentication"},"refresh_token":{"type":"string","description":"Optional refresh token"}},"required":["access_token"]}}}}
```

## The AuthCallbackResponse object

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.9.0"},"components":{"schemas":{"AuthCallbackResponse":{"type":"object","properties":{"success":{"type":"boolean","description":"Indicates if the operation was successful"},"data":{"type":"object","description":"The response data from auth service"}},"required":["success","data"]}}}}
```

## The AdminLoginDto object

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.9.0"},"components":{"schemas":{"AdminLoginDto":{"type":"object","properties":{"email":{"type":"string","description":"Email address of the admin user"},"password":{"type":"string","description":"Password for the admin user"}},"required":["email","password"]}}}}
```

## The AdminLoginResponse object

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.9.0"},"components":{"schemas":{"AdminLoginResponse":{"type":"object","properties":{"success":{"type":"boolean","description":"Indicates if the login was successful"},"access_token":{"type":"string","description":"Access token for authenticated requests"},"refresh_token":{"type":"string","description":"Refresh token for obtaining new access tokens"},"local_supabase_url":{"type":"string","description":"Browser-accessible Supabase URL that issued the admin session tokens"},"local_supabase_anon_key":{"type":"string","description":"Anon key for the Supabase instance that issued the admin session tokens"},"user":{"type":"object","description":"User information"},"error":{"type":"string","description":"Error message if login failed"}},"required":["success","access_token","refresh_token","local_supabase_url","local_supabase_anon_key","user","error"]}}}}
```


