POST /api/v2/login

Authenticate users using email and password.

Headers

  • Content-Type (string, required): application/json

Request Body

  • email (string, required): User’s email address
  • password (string, required): User’s password
  • localcart (object): Local cart data to sync with server cart
  • localwishlist (array): Local wishlist items to sync with server wishlist

Response

  • access_token (string): JWT authentication token (use in Authorization header for subsequent requests)
  • username (string): User’s full name (firstname + lastname)
  • status (integer): Login status (1 = success)
  • ccnt (integer): Cart count
  • cart (object): Merged cart data after syncing local and server carts
  • wishlist (object): Merged wishlist data after syncing
  • is_first_time_login (boolean): Whether this is the user’s first login (always false for existing users)

Error Responses

401 Unauthorized
{
  "title": "Invalid Credentials"
}
401 Unauthorized (Blocked Account)
{
  "title": "Your Account has been blocked, please contact thesouledstore team"
}
400 Bad Request
{
  "title": "Enter a valid email address"
}
401 Unauthorized (Expired)
{
  "title": "New app version is available please update your app"
}

Code Examples

curl -X POST https://api.thesouledstore.com/api/v2/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "user@example.com",
    "password": "mypassword123",
    "localcart": {},
    "localwishlist": []
  }'

POST /api/v3/login

Authenticate users using email and password with Google reCAPTCHA verification (enhanced security).

Headers

  • Content-Type (string, required): application/json

Request Body

  • email (string, required): User’s email address (validated)
  • password (string, required): User’s password
  • g-recaptcha-response (string, required): Google reCAPTCHA response token
  • localcart (object): Local cart data to sync with server cart
  • localwishlist (array): Local wishlist items to sync

Response

  • access_token (string): JWT authentication token
  • username (string): User’s full name
  • status (integer): Login status (1 = success)
  • ccnt (integer): Cart count
  • cart (object): Merged cart data
  • wishlist (object): Merged wishlist data
  • is_first_time_login (boolean): First login indicator

Error Responses

400 Bad Request (Invalid Captcha)
{
  "title": "Invalid Captcha Please Try Again"
}
400 Bad Request (Missing Captcha)
{
  "title": "Please enter captcha details"
}

Code Examples

curl -X POST https://api.thesouledstore.com/api/v3/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "user@example.com",
    "password": "mypassword123",
    "g-recaptcha-response": "03AGdBq27...",
    "localcart": {},
    "localwishlist": []
  }'

POST /api/v2/login-tfa

Email login with two-factor authentication support.

Headers

  • Content-Type (string, required): application/json

Request Body

  • email (string, required): User’s email address
  • password (string, required): User’s password
  • g-recaptcha-response (string, required): Google reCAPTCHA token
  • localcart (object): Local cart to sync
  • localwishlist (array): Local wishlist to sync

Response

  • access_token (string): JWT token (prefixed with “2f.” for 2FA users)
  • username (string): User’s full name
  • status (integer): Login status
  • cart (object): Synced cart data
  • wishlist (object): Synced wishlist data
  • is_first_time_login (boolean): First login flag

Code Examples

curl -X POST https://api.thesouledstore.com/api/v2/login-tfa \
  -H "Content-Type: application/json" \
  -d '{
    "email": "user@example.com",
    "password": "securepass",
    "g-recaptcha-response": "03AGdBq27..."
  }'

POST /api/v2/login-mobile

Authenticate users via mobile number with OTP verification.

Headers

  • Content-Type (string, required): application/json

Query Parameters

  • platform (string): Platform identifier (“web” or “mobile”)

Request Body

  • telephone (string, required): User’s mobile number (10 digits)
  • is_shopper_login (boolean): Whether this is a shopper login

Response

  • msg (string): Success message: “OTP sent successfully”
  • is_otp_sent (boolean): Whether OTP was sent successfully
  • isRegistered (boolean): Whether the user is registered

Error Responses

400 Bad Request (Invalid Phone)
{
  "title": "Enter a valid mobile number"
}
403 Forbidden (Not Registered)
{
  "title": "Phone number doesn't exist"
}
401 Unauthorized (Blocked)
{
  "title": "Your Account has been blocked, please contact thesouledstore team"
}
400 Bad Request (Limit Exceeded)
{
  "title": "Maximum limit exceeded"
}

Code Examples

curl -X POST "https://api.thesouledstore.com/api/v2/login-mobile?platform=mobile" \
  -H "Content-Type: application/json" \
  -d '{
    "telephone": "9876543210"
  }'

Notes

  • OTP is valid for a limited time (configured in REDIS_OBJECT_EXPIRY_IN_SEC)
  • The number of OTP requests per day is capped (configured in RESEND_COUNT)
  • After receiving OTP, use /api/v1/verify-otp-login to complete authentication
  • OTP is sent via SMS to the provided mobile number
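
The expiry and daily-cap behaviour in the notes above, modelled as an added example (not the API's own server code). The in-memory OtpStore class, the setting values, the 6-digit OTP length, and the single-use and constant-time-comparison choices are assumptions of this sketch; only the setting names and response bodies come from this page.

```python
import hmac
import secrets
import time

# Setting names are from the Notes above; the values are assumed.
REDIS_OBJECT_EXPIRY_IN_SEC = 300  # assumed OTP lifetime, seconds
RESEND_COUNT = 5                  # assumed OTP requests per number per day
DAY_IN_SEC = 86400


class OtpStore:
    """Hypothetical in-memory stand-in for the Redis-backed OTP state."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.otps = {}    # telephone -> (otp, expires_at)
        self.counts = {}  # telephone -> (window_start, requests_in_window)

    def request_otp(self, telephone):
        """Issue an OTP, or return the documented 400 once the cap is hit."""
        now = self.clock()
        start, used = self.counts.get(telephone, (now, 0))
        if now - start >= DAY_IN_SEC:  # daily window rolled over
            start, used = now, 0
        if used >= RESEND_COUNT:
            return 400, {"title": "Maximum limit exceeded"}
        self.counts[telephone] = (start, used + 1)
        otp = f"{secrets.randbelow(10**6):06d}"  # CSPRNG-backed, assumed 6 digits
        self.otps[telephone] = (otp, now + REDIS_OBJECT_EXPIRY_IN_SEC)
        return 200, {"msg": "OTP sent successfully", "is_otp_sent": True}

    def verify_otp(self, telephone, candidate):
        """Accept only an unexpired OTP, and only once."""
        entry = self.otps.get(telephone)
        if entry is None:
            return False
        otp, expires_at = entry
        if self.clock() >= expires_at:
            del self.otps[telephone]  # expired: discard
            return False
        if not hmac.compare_digest(otp.encode(), str(candidate).encode()):
            return False
        del self.otps[telephone]  # consume so the code cannot be replayed
        return True
```

Passing a fake clock to OtpStore lets expiry and the daily window be exercised in tests without sleeping.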
