Skip to main content

Overview

Authenticates a user and returns a JWT. This method is intended for programmatic clients and is an alternative to browser-based login flows.

HTTP request

POST /Agent/Account/Login

Authentication

Sign the request using HMAC-SHA256 with the account password as the key. Signature message:

Request body

Response

Security tips

  • Store passwords securely and avoid logging them.
  • Never reuse a nonce.

Next steps