Doctor Login (v1)
Method & Path
POST /api/v1/doctors/login
Actual backend path: /v1/doctors/login
Description
Authenticate a doctor and receive access and refresh tokens. The tokens are set as HTTP-only cookies.
Authentication
Required: None (public endpoint)
Headers
| Header | Type | Required | Description |
|---|---|---|---|
Content-Type | string | Yes | application/json |
Request Body
{
"email": "doctor@example.com",
"password": "securePassword123"
}
Body Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
email | string | Yes | Doctor email address |
password | string | Yes | Doctor password |
Response 200 OK
{
"doctor": {
"id": "507f1f77bcf86cd799439011",
"email": "doctor@example.com",
"fullName": "Dr. John Smith",
"createdAt": "2024-01-15T10:00:00Z",
"updatedAt": "2024-01-15T10:00:00Z"
},
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}
Note: The response also sets HTTP-only cookies:
refreshToken- Used for token refresh (7 days expiry)accessToken- Used for authentication (15 minutes expiry)
Common Errors
- 400 Bad Request: Invalid request body
- 401 Unauthorized: Invalid email or password
- 422 Unprocessable Entity: Validation errors
- 500 Internal Server Error: Server error