Authentication | sfp

post

Authenticates an admin user with email and password credentials

Body

emailstringRequired

Email address of the admin user

Example: [email protected]

passwordstringRequired

Password for the admin user

Example: password123

Responses

200

Authentication successful

application/json

successbooleanRequired

Indicates if the login was successful

Example: true

access_tokenstringRequired

Access token for authenticated requests

Example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

refresh_tokenstringRequired

Refresh token for obtaining new access tokens

Example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

userobjectRequired

User information

Example: {"id":"123","email":"[email protected]","role":"owner"}

errorstringRequired

Error message if login failed

Example: Invalid credentials

401

Unauthorized - Invalid credentials or insufficient permissions

429

Too Many Requests - Rate limit exceeded

500

Internal server error

post

/sfp/api/auth/admin/login

POST /sfp/api/auth/admin/login HTTP/1.1
Content-Type: application/json
Accept: */*
Content-Length: 54

{
  "email": "[email protected]",
  "password": "password123"
}

{
  "success": true,
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "user": {
    "id": "123",
    "email": "[email protected]",
    "role": "owner"
  },
  "error": "Invalid credentials"
}

Login (if required) and continue to the requested action

get

Renders a dynamic login page. If the user is already authenticated, proceeds directly to the requested action with provided parameters. Used as an entry point for browser-based, context-aware authentication and routing.

Query parameters

actionstringRequired

The action to continue to after login (e.g., frontdoorUrl)

paramsstringRequired

Comma-separated key:value pairs for action context. For frontDoorUrl action: targetOrg:myorg (required), repository:org/repo (optional), prodOrg:[email protected] (optional)

Responses

200

HTML page for login and continuation.

No content

get

/sfp/api/auth/continue

GET /sfp/api/auth/continue?action=text&params=text HTTP/1.1
Accept: */*

200

HTML page for login and continuation.

No content

Handle authentication callback

post

Validates the provided access token and optional refresh token

Body

access_tokenstringRequired

The access token for authentication

Example: eyJhbGciOiJIUzI1NilsImtpZCI6IlRbEty...

refresh_tokenstringOptional

Optional refresh token

Responses

200

Authentication successful

application/json

successbooleanRequired

Indicates if the operation was successful

Example: true

dataobjectRequired

The response data from auth service

Example: {"userId":"123"}

401

Unauthorized - No access token provided or invalid token

500

Internal server error

post

/sfp/api/auth/callback

POST /sfp/api/auth/callback HTTP/1.1
Content-Type: application/json
Accept: */*
Content-Length: 80

{
  "access_token": "eyJhbGciOiJIUzI1NilsImtpZCI6IlRbEty...",
  "refresh_token": "text"
}

{
  "success": true,
  "data": {
    "userId": "123"
  }
}

Good morning

hashtagAdmin login with username and password

hashtagLogin (if required) and continue to the requested action

hashtagHandle authentication callback

Admin login with username and password

Login (if required) and continue to the requested action

Handle authentication callback