
# Authentication

## Admin login with username and password

> Authenticates an admin user with email and password credentials

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.20.1"},"paths":{"/sfp/api/auth/admin/login":{"post":{"operationId":"AuthController_adminLogin","summary":"Admin login with username and password","description":"Authenticates an admin user with email and password credentials","parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/AdminLoginDto"}}}},"responses":{"200":{"description":"Authentication successful","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AdminLoginResponse"}}}},"401":{"description":"Unauthorized - Invalid credentials or insufficient permissions"},"429":{"description":"Too Many Requests - Rate limit exceeded"},"500":{"description":"Internal server error"}},"tags":["Authentication"]}}},"components":{"schemas":{"AdminLoginDto":{"type":"object","properties":{"email":{"type":"string","description":"Email address of the admin user"},"password":{"type":"string","description":"Password for the admin user"}},"required":["email","password"]},"AdminLoginResponse":{"type":"object","properties":{"success":{"type":"boolean","description":"Indicates if the login was successful"},"access_token":{"type":"string","description":"Access token for authenticated requests"},"refresh_token":{"type":"string","description":"Refresh token for obtaining new access tokens"},"local_supabase_url":{"type":"string","description":"Browser-accessible Supabase URL that issued the admin session tokens"},"local_supabase_anon_key":{"type":"string","description":"Anon key for the Supabase instance that issued the admin session tokens"},"user":{"type":"object","description":"User information"},"error":{"type":"string","description":"Error message if login failed"}},"required":["success","access_token","refresh_token","local_supabase_url","local_supabase_anon_key","user","error"]}}}}
```

## Legacy redirect: review-environment login link → codev access page

> Back-compat 302 for old PR links. Resolves the legacy targetOrg to its review-env assignment and redirects to /review-env/:assignmentId.

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.20.1"},"paths":{"/sfp/api/auth/continue":{"get":{"operationId":"AuthController_continue","summary":"Legacy redirect: review-environment login link → codev access page","description":"Back-compat 302 for old PR links. Resolves the legacy targetOrg to its review-env assignment and redirects to /review-env/:assignmentId.","parameters":[{"name":"action","required":true,"in":"query","description":"Legacy action; only 'frontDoorUrl' is supported.","schema":{"type":"string"}},{"name":"params","required":true,"in":"query","description":"Legacy comma-separated key:value blob, e.g. targetOrg:myorg,repository:org/repo","schema":{"type":"string"}}],"responses":{"302":{"description":"Redirect to the codev review-env access page."}},"tags":["Authentication"]}}}}
```
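A strict parser for the legacy `action` and `params` query described above, as an added example that is not sfp server's own code. `lookupAssignment`, the key pattern, the length limit and the 400/404 outcomes are assumptions; the page documents only the 302.

```javascript
// Added example, not sfp server code: validate the legacy query and build a
// path-only redirect so the Location header cannot leave this origin.
const SUPPORTED_ACTION = 'frontDoorUrl';   // the only action the page lists
const KEY_RE = /^[A-Za-z][A-Za-z0-9]*$/;   // assumed key shape
const MAX_PARAMS_LEN = 512;                // assumed upper bound

function parseLegacyParams(blob) {
  if (typeof blob !== 'string' || blob.length === 0 || blob.length > MAX_PARAMS_LEN) {
    throw new Error('params missing or too long');
  }
  const out = new Map();
  for (const pair of blob.split(',')) {
    const idx = pair.indexOf(':');         // split on the first ':' only
    if (idx <= 0) throw new Error('malformed pair');
    const key = pair.slice(0, idx);
    const value = pair.slice(idx + 1);
    if (!KEY_RE.test(key) || value.length === 0) throw new Error('malformed pair');
    if (out.has(key)) throw new Error('duplicate key'); // no silent last-wins
    out.set(key, value);
  }
  return out;
}

// lookupAssignment(targetOrg, repository) is a hypothetical resolver that
// returns the review-env assignment id, or null when none exists.
function legacyRedirect(query, lookupAssignment) {
  const q = new URLSearchParams(query);
  if (q.get('action') !== SUPPORTED_ACTION) {
    return { status: 400, reason: 'unsupported action' };
  }
  let params;
  try {
    params = parseLegacyParams(q.get('params'));
  } catch (e) {
    return { status: 400, reason: e.message };
  }
  const targetOrg = params.get('targetOrg');
  if (!targetOrg) return { status: 400, reason: 'targetOrg missing' };
  const id = lookupAssignment(targetOrg, params.get('repository'));
  if (!id) return { status: 404, reason: 'no review-env assignment' };
  // Encode the id so '/' or '..' in it cannot change the path.
  return { status: 302, location: `/review-env/${encodeURIComponent(String(id))}` };
}

// Constructed sample data for the example.
const sampleAssignments = new Map([['myorg', 'a1b2c3']]);
const sampleLookup = (org) => sampleAssignments.get(org) || null;
```
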

## Handle authentication callback

> Validates the provided access token and optional refresh token

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.20.1"},"paths":{"/sfp/api/auth/callback":{"post":{"operationId":"AuthController_handleCallback","summary":"Handle authentication callback","description":"Validates the provided access token and optional refresh token","parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/AuthCallbackDto"}}}},"responses":{"200":{"description":"Authentication successful","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AuthCallbackResponse"}}}},"401":{"description":"Unauthorized - No access token provided or invalid token"},"500":{"description":"Internal server error"}},"tags":["Authentication"]}}},"components":{"schemas":{"AuthCallbackDto":{"type":"object","properties":{"access_token":{"type":"string","description":"The access token for authentication"},"refresh_token":{"type":"string","description":"Optional refresh token"}},"required":["access_token"]},"AuthCallbackResponse":{"type":"object","properties":{"success":{"type":"boolean","description":"Indicates if the operation was successful"},"data":{"type":"object","description":"The response data from auth service"}},"required":["success","data"]}}}}
```

## The AuthCallbackDto object

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.20.1"},"components":{"schemas":{"AuthCallbackDto":{"type":"object","properties":{"access_token":{"type":"string","description":"The access token for authentication"},"refresh_token":{"type":"string","description":"Optional refresh token"}},"required":["access_token"]}}}}
```

## The AuthCallbackResponse object

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.20.1"},"components":{"schemas":{"AuthCallbackResponse":{"type":"object","properties":{"success":{"type":"boolean","description":"Indicates if the operation was successful"},"data":{"type":"object","description":"The response data from auth service"}},"required":["success","data"]}}}}
```

## The AdminLoginDto object

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.20.1"},"components":{"schemas":{"AdminLoginDto":{"type":"object","properties":{"email":{"type":"string","description":"Email address of the admin user"},"password":{"type":"string","description":"Password for the admin user"}},"required":["email","password"]}}}}
```

## The AdminLoginResponse object

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.20.1"},"components":{"schemas":{"AdminLoginResponse":{"type":"object","properties":{"success":{"type":"boolean","description":"Indicates if the login was successful"},"access_token":{"type":"string","description":"Access token for authenticated requests"},"refresh_token":{"type":"string","description":"Refresh token for obtaining new access tokens"},"local_supabase_url":{"type":"string","description":"Browser-accessible Supabase URL that issued the admin session tokens"},"local_supabase_anon_key":{"type":"string","description":"Anon key for the Supabase instance that issued the admin session tokens"},"user":{"type":"object","description":"User information"},"error":{"type":"string","description":"Error message if login failed"}},"required":["success","access_token","refresh_token","local_supabase_url","local_supabase_anon_key","user","error"]}}}}
```

