Skip to main content
POST
/
api
/
auth
/
login
Login User
curl --request POST \
  --url https://api.example.com/api/auth/login \
  --header 'Content-Type: application/json' \
  --data '
{
  "email": "<string>",
  "password": "<string>"
}
'
{
  "success": true,
  "message": "<string>",
  "data": {
    "token": "<string>"
  },
  "timestamp": "<string>"
}

Endpoint

POST /api/auth/login
Authenticates an existing user with their email and password. Upon successful authentication, returns a JWT token that can be used for subsequent authenticated requests.

Request Body

email
string
required
The registered email address of the user.Validations:
  • Must not be blank
  • Must be a valid email format
password
string
required
The password for the user account.Validations:
  • Must not be blank

Response

success
boolean
Indicates whether the request was successful.
message
string
A human-readable message describing the result. Returns “Login exitoso” on success.
data
object
The authentication response data.
token
string
JWT authentication token to be used in subsequent requests. Include this token in the Authorization header as Bearer {token} for authenticated endpoints.
timestamp
string
ISO 8601 timestamp of when the response was generated.

Examples

curl -X POST https://api.portfoliohub.com/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "securePassword123"
  }'

Success Response (200 OK)

{
  "success": true,
  "message": "Login exitoso",
  "data": {
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
  },
  "timestamp": "2026-03-09T14:30:00.123Z"
}

Error Responses

Validation Error (400 Bad Request)

Returned when request body fails validation constraints. 
{
  "success": false,
  "message": "Error de validación",
  "data": {
    "email": "must be a well-formed email address",
    "password": "must not be blank"
  },
  "timestamp": "2026-03-09T14:30:00.123Z"
}

Invalid Credentials (401 Unauthorized)

Returned when the email or password is incorrect. 
{
  "success": false,
  "message": "Credenciales inválidas",
  "data": null,
  "timestamp": "2026-03-09T14:30:00.123Z"
}

Status Codes

Status CodeDescription
200User successfully authenticated and token generated
400Invalid request body or validation errors
401Invalid email or password
500Internal server error

Using the Authentication Token

Once you receive the token from either the login or register endpoint, include it in the Authorization header of subsequent requests: 
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
The token contains encoded user information and is used to authenticate and authorize access to protected endpoints in the Portfolio Hub API.

Build docs developers (and LLMs) love

Get started for freeTalk to us