Admin Login (v1)
Method + Path
POST /v1/auth/admin/login
Actual backend path: /v1/auth/admin/login
Description
Authenticate an admin user and receive access and refresh tokens. The tokens are set as HTTP-only cookies.
Authentication
Not required
Headers
| Header | Type | Required | Description |
|---|---|---|---|
Content-Type | string | Yes | application/json |
Request Body
{
"email": "admin@example.com",
"password": "securePassword123"
}
Body Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
email | string | Yes | Admin email address |
password | string | Yes | Admin password (minimum 12 characters) |
Response (200)
{
"admin": {
"id": "507f1f77bcf86cd799439011",
"email": "admin@example.com",
"roles": ["super-admin"]
},
"meta": {
"accessTokenExpiresIn": "15m",
"refreshTokenExpiresIn": "7d"
}
}
Note: The response also sets HTTP-only cookies:
refreshToken- Used for token refreshaccessToken- Used for authentication (may be set as cookie or returned in response)
Common Errors
- 400 Bad Request: Invalid request body
- 401 Unauthorized: Invalid email or password
- 422 Unprocessable Entity: Validation errors
- 500 Internal Server Error: Server error