LOGIN API
This Api is used to authenticate users by validating their login credentials. Upon successful authentication, the API returns the following in the response :
- access_token : This token must be includedin the Authorization header of all subsequnt API request to authorize the users session.
- broadcase_access_token :This token is required to establish a connection with the feed endpoint, accessile via the broadCastSocket URL provided in the response. Please refer to the Price Feed API for detailed usage instructions.
Additionally, the response includes essential information for trading, such as:
- The list of exchanges allowed for the user.
- Supported Product type.
- Other key trading-related parameters.
This API is prerequisite for accessing all authenticated endpoints in the system.
🗝️Login Types and Second-Factor Authentication
| login_type | Password Field | second_auth-type | second_auth_value |
|---|---|---|---|
| PASSWORD | Password | REGISTER | Not required |
| TOKEN | register_token | OTP/TOTP/FINGERPRINT | OTP Value/TOTP Value/Registered UDID |
| PASSWORD | Password | OTP/TOTP/FINGERPRINT | OTP Value/TOTP Value/Registered UDID |
| MPIN | MPIN Registered | OTP/TOTP/FINGERPRINT | OTP Value/TOTP Value/Registered UDID |
| TP_TOKEN | SSO token | Not Required | Not Required |
📝Authentication Flow Notes
- To retrieve the second-factor authentication methods available for a user, user REGISTER in the second_auth_type field.
- This will validate the provided password and return a register_token.
- The returned register_token can then be used in a subsequent login attempt with login_type set to TOKEN, along with the appropriate second-factor credentials.
🔑Header Parameters
| Header | Type | Description | Example |
|---|---|---|---|
| Content-Type | string | Specifies the media type of the request payload | application/json |
| x-api-key | string | API key used to authorize the request | x-api-key |
📑Request Body Parameters
| Field | Type | Required | Descrpiton | Example/Enum |
|---|---|---|---|---|
| user_id | string | Yes | User ID (UCC) Provided to the user | "UCC123456" |
| login_type | string | Optional | Specifies the login method. Determines which vlaue is passed in the password field. Use TP_TOKEN when authentication is handled externally 9eg., via a Super APP) | Default: "PASSWORD" Enum : PASSWORD, MPIN, FINGERPRINT, TP_TOKEN |
| password | string | Yes | Password, MPIN, UDID or SSO Token depnding on the login_type selected. | "mypassword123" |
| second_auth_tpe | string | Optional | Type of secondary authentication selected by the user.User REGISTER on first login to register a second-factor method. | Enum : OTP, TOTP, FINGERPRINT, REGISTER |
| second_auth | string | Optional | The credential value for the selected secondary authentication type (e.g., OTP, TOTP,UDID) | "123456"/"MyDeviceID" |
| api_key | string | Yes | API Key providedby Synapsewavefor authenticating the client application | "xyz-api-key" |
| source | string | Yes | Indicates the platfrom from which the user is logging in | Enum : WEBAPI, MOBILEAPI |
| UDID | String | Optional | Unique Device ID of the user's device. | "device-12345-udid" |
| version | string | Optional | version number fo the Android application | "2.1.0" |
| iosversion | string | Optional | Version number of the iOS application | "3.0.5" |
| build_version | string | Optional | Internal build version of the application | "build-45" |
| deviceinfo | object | Optional | Additional information about the user's device (e.g., OS, model, etc) | {"os" : "Android", "model" : "Pixel 6"} |
📘DeviceInfo Object Fields
| Field | Type | Description | Example/ENUM |
|---|---|---|---|
| UDID | string | The unique identifier for the device. | "123e4567-e89b-a456-426614174000" |
| DeviceModel | string | The model of the device from which the user has logged in. | "iPhone 12" |
| DeviceSerialNo | string | The serial number of the device used for log in. | SN1234567890 |
| DeviceManufacturer | string | The manufacturer of the device used for login. | Apple |
| DevicePlatform | string | The platform of the device used for login | Web |
| DevicePlatformVer | string | The version of the platform (OS) on the device used for login. | 14.4 |
| Longitude | string | The longitude coordinate of the device's location when logging in. | 77.5946 |
| Latitude | string | The latitude coordinate of the device's location when logging in. | "12.9716" |
| AppName | string | The name of the application being used for login. | Wave 3.0 |
| AppVersion | string | The version of the application used for login. | "1.2.3" |
| AppVersionCode | string | The version code of the application used for login. | "200000" |
| AppPackageName | string | The package name of the application used for login (Android only). | com.example.myapp |
| FCMRegKey | string | The Firebase Cloud Messaging (FCM) registration key for push notifications | "172.25.90.82:8100 |
| IP | string | IP Address of the device used for login | "192.168.1.1" |
| SDKVersion | string | The version of the software development kit (SDK) used for the application. | "30" |
🟢Success Response - 200 Ok
Content-Type: application/json
| Filed | Type | Description | Exmple |
|---|---|---|---|
| status | string | Indicates the result of the API call | "success" |
| code | string | Response code corresponding to the request | "s-101" |
| message | string | Descriptive message for the response | "User logged in Successfully." |
| data | object | Contains the user login response payload, including token and user-specific trading information | Refer to Login Response Data Section |
post
/authentication/v1/user/session