# Authentication

## Admin login with username and password

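> Authenticates an admin user with email and password credentials. The "username" in the title is the admin's email address: the request body requires `email` and `password`.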

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.5.1"},"paths":{"/sfp/api/auth/admin/login":{"post":{"operationId":"AuthController_adminLogin","summary":"Admin login with username and password","description":"Authenticates an admin user with email and password credentials","parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/AdminLoginDto"}}}},"responses":{"200":{"description":"Authentication successful","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AdminLoginResponse"}}}},"401":{"description":"Unauthorized - Invalid credentials or insufficient permissions"},"429":{"description":"Too Many Requests - Rate limit exceeded"},"500":{"description":"Internal server error"}},"tags":["Authentication"]}}},"components":{"schemas":{"AdminLoginDto":{"type":"object","properties":{"email":{"type":"string","description":"Email address of the admin user"},"password":{"type":"string","description":"Password for the admin user"}},"required":["email","password"]},"AdminLoginResponse":{"type":"object","properties":{"success":{"type":"boolean","description":"Indicates if the login was successful"},"access_token":{"type":"string","description":"Access token for authenticated requests"},"refresh_token":{"type":"string","description":"Refresh token for obtaining new access tokens"},"user":{"type":"object","description":"User information"},"error":{"type":"string","description":"Error message if login failed"}},"required":["success","access_token","refresh_token","user","error"]}}}}
```

## Login (if required) and continue to the requested action

> Renders a dynamic login page. If the user is already authenticated, proceeds directly to the requested action with the provided parameters. Used as an entry point for browser-based, context-aware authentication and routing. Both `action` and `params` are required and are passed in the query string.

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.5.1"},"paths":{"/sfp/api/auth/continue":{"get":{"operationId":"AuthController_continue","summary":"Login (if required) and continue to the requested action","description":"Renders a dynamic login page. If the user is already authenticated, proceeds directly to the requested action with provided parameters. Used as an entry point for browser-based, context-aware authentication and routing.","parameters":[{"name":"action","required":true,"in":"query","description":"The action to continue to after login (e.g., frontdoorUrl)","schema":{"type":"string"}},{"name":"params","required":true,"in":"query","description":"Comma-separated key:value pairs for action context. For frontDoorUrl action: targetOrg:myorg (required), repository:org/repo (optional), prodOrg:prod@salesforce.com (optional)","schema":{"type":"string"}}],"responses":{"200":{"description":"HTML page for login and continuation."}},"tags":["Authentication"]}}}}
```

## Handle authentication callback

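> Validates the provided access token and, when supplied, the optional refresh token. `access_token` is required; the endpoint responds with 401 if it is missing or invalid.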

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.5.1"},"paths":{"/sfp/api/auth/callback":{"post":{"operationId":"AuthController_handleCallback","summary":"Handle authentication callback","description":"Validates the provided access token and optional refresh token","parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/AuthCallbackDto"}}}},"responses":{"200":{"description":"Authentication successful","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AuthCallbackResponse"}}}},"401":{"description":"Unauthorized - No access token provided or invalid token"},"500":{"description":"Internal server error"}},"tags":["Authentication"]}}},"components":{"schemas":{"AuthCallbackDto":{"type":"object","properties":{"access_token":{"type":"string","description":"The access token for authentication"},"refresh_token":{"type":"string","description":"Optional refresh token"}},"required":["access_token"]},"AuthCallbackResponse":{"type":"object","properties":{"success":{"type":"boolean","description":"Indicates if the operation was successful"},"data":{"type":"object","description":"The response data from auth service"}},"required":["success","data"]}}}}
```

## The AuthCallbackDto object

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.5.1"},"components":{"schemas":{"AuthCallbackDto":{"type":"object","properties":{"access_token":{"type":"string","description":"The access token for authentication"},"refresh_token":{"type":"string","description":"Optional refresh token"}},"required":["access_token"]}}}}
```

## The AuthCallbackResponse object

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.5.1"},"components":{"schemas":{"AuthCallbackResponse":{"type":"object","properties":{"success":{"type":"boolean","description":"Indicates if the operation was successful"},"data":{"type":"object","description":"The response data from auth service"}},"required":["success","data"]}}}}
```

## The AdminLoginDto object

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.5.1"},"components":{"schemas":{"AdminLoginDto":{"type":"object","properties":{"email":{"type":"string","description":"Email address of the admin user"},"password":{"type":"string","description":"Password for the admin user"}},"required":["email","password"]}}}}
```

## The AdminLoginResponse object

```json
{"openapi":"3.0.0","info":{"title":"sfp server","version":"51.5.1"},"components":{"schemas":{"AdminLoginResponse":{"type":"object","properties":{"success":{"type":"boolean","description":"Indicates if the login was successful"},"access_token":{"type":"string","description":"Access token for authenticated requests"},"refresh_token":{"type":"string","description":"Refresh token for obtaining new access tokens"},"user":{"type":"object","description":"User information"},"error":{"type":"string","description":"Error message if login failed"}},"required":["success","access_token","refresh_token","user","error"]}}}}
```
