LOGIN API
This Api is used to authenticate users by validating their login credentials. Upon successful authentication, the API returns the following in the response :
- access_token : This token must be includedin the Authorization header of all subsequnt API request to authorize the users session.
- broadcase_access_token :This token is required to establish a connection with the feed endpoint, accessile via the broadCastSocket URL provided in the response. Please refer to the Price Feed API for detailed usage instructions.
Additionally, the response includes essential information for trading, such as:
- The list of exchanges allowed for the user.
- Supported Product type.
- Other key trading-related parameters.
This API is prerequisite for accessing all authenticated endpoints in the system.
🗝️Login Types and Second-Factor Authentication
| login_type | Password Field | second_auth-type | second_auth_value |
|---|---|---|---|
| PASSWORD | Password | REGISTER | Not required |
| TOKEN | register_token | OTP/TOTP/FINGERPRINT | OTP Value/TOTP Value/Registered UDID |
| PASSWORD | Password | OTP/TOTP/FINGERPRINT | OTP Value/TOTP Value/Registered UDID |
| MPIN | MPIN Registered | OTP/TOTP/FINGERPRINT | OTP Value/TOTP Value/Registered UDID |
📝Authentication Flow Notes
- To retrieve the second-factor authentication methods available for a user, user REGISTER in the second_auth_type field.
- This will validate the provided password and return a register_token.
- The returned register_token can then be used in a subsequent login attempt with login_type set to TOKEN, along with the appropriate second-factor credentials.
📑Request Body Parameters
| Field | Type | Required | Descrpiton | Example/Enum |
|---|---|---|---|---|
| user_id | string | Yes | User ID (UCC) Provided to the user | "UCC123456" |
| login_type | string | Optional | Specifies the login method. Determines which vlaue is passed in the password field. Use TP_TOKEN when authentication is handled externally 9eg., via a Super APP) | Default: "PASSWORD" Enum : PASSWORD, MPIN, FINGERPRINT, TP_TOKEN |
| password | string | Yes | Password, MPIN, UDID or SSO Token depnding on the login_type selected. | "mypassword123" |
| second_auth_tpe | string | Optional | Type of secondary authentication selected by the user.User REGISTER on first login to register a second-factor method. | Enum : OTP, TOTP, FINGERPRINT, REGISTER |
| second_auth | string | Optional | The credential value for the selected secondary authentication type (e.g., OTP, TOTP,UDID) | "123456"/"MyDeviceID" |
| api_key | string | Yes | API Key providedby Synapsewavefor authenticating the client application | "xyz-api-key" |
| source | string | Yes | Indicates the platfrom from which the user is logging in | Enum : WEBAPI, MOBILEAPI |
🟢Success Response - 200 Ok
Content-Type: application/json
| Filed | Type | Description | Exmple |
|---|---|---|---|
| status | string | Indicates the result of the API call | "success" |
| code | string | Response code corresponding to the request | "s-101" |
| message | string | Descriptive message for the response | "User logged in Successfully." |
| data | object | Contains the user login response payload, including token and user-specific trading information | Refer to Login Response Data Section |
🔴 Error Response - 400 Resource Not Found
Content-Type: application/json
| Field | Type | Description | Example |
|---|---|---|---|
| status | string | Indicates the result of the API call Default Error | "error" |
| code | string | Error code corresponding to the request | "e-101" |
| message | string | Specific message describing why the requested resource could not be found | "Error Message" |
post
/authentication/v1/user/session