Email + Password Login Interface

During the call to the Email + Password login interface, different results are returned based on configuration. A successful call normally returns the user's session_token. If password expiration check or two-factor authentication is enabled, a state_token is returned. Failure returns error information.

Request Description

Request URL https://{your_domain}/api/v2/sdk/login/email-pwd

Request Method POST

Content-Type application/json

Request Header Parameters

Parameter	Chinese Name	Required	Type	Example
X-operating-sys-version	Caller OS Version	Yes	String	windows10.1.1
X-device-fingerprint	Caller Device Fingerprint	Yes	String	156aysdna213sc50
X-device-ip	Caller IP	No	String	192.168.1.2
X-agent	User-Agent Information	Yes	String	Mozilla/5.0 (iPhone; CPU iPhone OS 13_3 like Mac OS X) AppleWebKit/605.1.15(KHTML, like Gecko) Mobile/15E148/HuaWei-AnyOffice/2.6.1802.0010/com.huawei.cloudlink.workplace
X-L	For Internationalization Language Setting	No	String	zh
X-client-id	Application Authorization ID	Yes	String	nTo1eRIub60vPb54WeE6aojPwYwImtl4

Request Body Example

{
    "email":"zhangsan@qq.com",
    "password":"123456"
}

Request Parameters

Parameter Name	Chinese Name	Required	Type	Description
email	Email	Yes	String	Email address
password	Password	Yes	String	Password

Response Example

Success Example 1 (Returns session_token on successful user match):
HTTP/1.1 200 OK
Content-Type: application/json
{
    "session_token": "btsiBjx85prcZu6I6Ki057Tmw3nSF2VO",
    "expire": 604800,
    "status": "SUCCESS",
    "id_token": "eyJraWQiOiJrMSIsImFsZyI6IlJTMjU2In0.eyJpc3MiOiJJc3N1ZXIiLCJhdWQiOiJBdWRpZW5jZSIsImV4cCI6MTY1MzQ4NDQxMiwianRpIjoieUxSVGZXY1VkYk9PeUFpbHdZU0ZqZyIsImlhdCI6MTY1MzQ2NjQxMiwibmJmIjoxNjUzNDY2MjkyLCJzdWIiOiJzdWJqZWN0IiwiYXBpIjoie1wibmFtZVwiOlwiXCIsXCJtb2JpbGVcIjpcIis4Ni0xNTkwNzEzMjg1MlwiLFwiaWRcIjpcIjIwMjIwNDI1MTQwMTM4NTE5LUJGMUItNTI4QjA1NTFCXCIsXCJ1c2VyTmFtZVwiOlwibG91eGlcIixcImVtYWlsXCI6XCIxMUBxcS5jb21cIn0ifQ.al79knH1fKa4aT4AFr_FMjqBKu2pV_g-lKzzgHzmor5X-dHwSBUtjH38KOzjIqHvkcRMjXQuBnWmjRI7-0Djn2LuWVueaf3wRXLscCWiSDC7chjUyTRXMatYINxdvW-oSWFYGFqqbdsavLqOnvehd7ahEaTuiL9yZolvslZIkIxjxBJJu7A9Ln2sk3wf9pxXU83jIJ8ubPQBoVS-ilerTTJOKDZ9XsL2ftJsaqdTJK_mYbvKaVpLIVyHHJ2NcF6f-Al4N4kc8cgxtSgSKFDcR7Bz7dYlOcfUXCPAzJ3NZInm8UaksiWU02tvlvTRvRdoxZNnvD5vamZ5hjFc-cW5jA"
}
Success Example 2 (Returns password expiration warning flow):
HTTP/1.1 200 OK
Content-Type: application/json
{
    "status": "PASSWORD_WARN",
    "state_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ7XCJ1c2VySWRcIjpcIjIwMjIwMjExMTY0NDUwNjk5LTE2M0QtNTVFMEI1RTRCXCIsXCJzdGF0dXNcIjpcIlBBU1NXT1JEX0VYUElSRURcIn0iLCJleHAiOjE2NDQ1NzEzNjAsImlhdCI6MTY0NDU2OTU2MCwianRpIjoiMTY0NDU2OTU2MDIwNDAifQ.WGk9GGQGmKsmo4UmCzKfiC9x1Fj0WBowdO7jEStMvB4",
    "data": "{\"maxLength\":18,\"minLength\":8,\"regEx\":\"^.{8,18}$\",\"tip\":\"密码长度在8至18之间\",\"verifyTypes\":{\"PWD\":null,\"MOBILE\":\"+86-130****1234\",\"EMAIL\":\"****@qq.com\"}}"
}
Success Example 3 (Returns password expired flow):
HTTP/1.1 200 OK
Content-Type: application/json
{
    "status": "PASSWORD_EXPIRED",
    "state_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWJqZWN0Ijoie1wic3RhdGVcIjpcIlBBU1NXT1JEX1dBUk5cIixcInVzZXJJZFwiOlwiMjAyMTA3MjYxNzQwNTgxNDUtOTFCQy0xM0UwMTRBQkJcIn0iLCJpZCI6IjIwMjEwNzI2MTc0MDU4MTQ1LTkxQkMtMTNFMDE0QUJCIiwiZXhwIjoxNjI3MTkwLCJpYXQiOjE2Mjg4NDY1OTB9.-egHWNfNPIxNnM540_wTYMtFwB4C9ymznEPRiIC4we0",
    "data": "{\"maxLength\":18,\"minLength\":8,\"regEx\":\"^.{8,18}$\",\"tip\":\"密码长度在8至18之间\",\"verifyTypes\":{\"PWD\":null,\"MOBILE\":\"+86-130****1234\",\"EMAIL\":\"****@qq.com\"}}"
}
Success Example 4 (Returns secondary authentication flow):
HTTP/1.1 200 OK
Content-Type: application/json
{
    "status": "MFA_AUTH",
    "state_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWJqZWN0Ijoie1wic3RhdGVcIjpcIlBBU1NXT1JEX1dBUk5cIixcInVzZXJJZFwiOlwiMjAyMTA3MjYxNzQwNTgxNDUtOTFCQy0xM0UwMTRBQkJcIn0iLCJpZCI6IjIwMjEwNzI2MTc0MDU4MTQ1LTkxQkMtMTNFMDE0QUJCIiwiZXhwIjoxNjI3MTkwLCJpYXQiOjE2Mjg4NDY1OTB9.-egHWNfNPIxNnM540_wTYMtFwB4C9ymznEPRiIC4we0",
    "data": "[\"SMS\",\"EMAIL\"]"
}
Success Example 5 (Returns access denied flow):
HTTP/1.1 200 OK
Content-Type: application/json
{
    "status": "ACCESS_DENIED",
    "state_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWJqZWN0Ijoie1wic3RhdGVcIjpcIlBBU1NXT1JEX1dBUk5cIixcInVzZXJJZFwiOlwiMjAyMTA3MjYxNzQwNTgxNDUtOTFCQy0xM0UwMTRBQkJcIn0iLCJpZCI6IjIwMjEwNzI2MTc0MDU4MTQ1LTkxQkMtMTNFMDE0QUJCIiwiZXhwIjoxNjI3MTkwLCJpYXQiOjE2Mjg4NDY1OTB9.-egHWNfNPIxNnM540_wTYMtFwB4C9ymznEPRiIC4we0",
    "data": "拒绝访问"
}
Error Example:
HTTP/1.1 400 Bad Request
{
    "error_code": "SDK.COMMON.1001",
    "error_msg": "Parameter X-client-id cannot be left blank."
}

Return Parameters

Parameter Name	Chinese Name	Type	Description
status	Login Flow Status Identifier	String	This field may return the following values: SUCCESS = Login Successful PASSWORD_WARN = Password Expiring Soon PASSWORD_EXPIRED = Password Expired MFA_AUTH = Secondary Authentication ACCESS_DENIED = Access Denied
expire	session_token Validity Period	Number	session_token validity period, within which session_token can be used to obtain a ticket
session_token	User session_token	String	User session_token, which can be used to call IDaaS interfaces to obtain a ticket; the ticket can be exchanged for user information
state_token	User State Token	String	User state token
data	Return Description	String	Return Description: status = PASSWORD_WARN/PASSWORD_EXPIRED, returns password length rules and supported password modification methods verifyTypes, PWD: Password, MOBILE: Mobile Phone, EMAIL: Email status = MFA_AUTH, returns secondary authentication methods status = ACCESS_DENIED, returns access denied
id_token	Short-term valid, interface call credential	String	This field is a jwt that stores user information and application scope information, which needs to be obtained after signature verification; it is valid for 2 hours by default and supports configuration

I am ready. Please provide the Markdown content for translation.