Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.neuro-tech.io/llms.txt

Use this file to discover all available pages before exploring further.

Overview

Authenticates a user and returns a JWT. This method is intended for programmatic clients and is an alternative to browser-based login flows.

HTTP request

POST /Agent/Account/Login

Authentication

Sign the request using HMAC-SHA256 with the account password as the key. Signature message: 
userName:host:nonce

Request body

{
  "userName": "alice",
  "nonce": "random-unique-string-at-least-32-chars",
  "signature": "base64-hmac",
  "seconds": 3600
}
FieldTypeRequiredDescription
userNamestringyesUsername to authenticate.
noncestringyesUnique random string (minimum 32 chars).
signaturestringyesHMAC signature of the request.
secondsnumberyesJWT lifetime in seconds (0 < seconds <= 3600).

Response

{
  "jwt": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "expires": "2024-08-02T11:22:11Z"
}
FieldTypeDescription
jwtstringJWT bearer token.
expiresstringJWT expiration timestamp.

Security tips

  • Store passwords securely and avoid logging them.
  • Never reuse a nonce.

Next steps