Skip to main content
POST
/
auth
/
login
Login
curl --request POST \
  --url https://api.example.com/auth/login \
  --header 'Content-Type: application/json' \
  --data '
{
  "email": "<string>",
  "password": "<string>"
}
'
{
  "access_token": "<string>",
  "token_type": "<string>",
  "usuario": {
    "usuario.id": "<string>",
    "usuario.nombre": "<string>",
    "usuario.email": "<string>",
    "usuario.rol": "<string>"
  },
  "401 Unauthorized": {},
  "422 Unprocessable Entity": {}
}
Authenticate with email and password to receive a JWT access token. Use this token in the Authorization header for subsequent API requests.

Request Body

email
string
required
User’s registered email address
password
string
required
User’s password

Response

access_token
string
JWT access token to use for authenticated requests
token_type
string
Token type, always “bearer”
usuario
object
Authenticated user information
usuario.id
string
Unique identifier for the user
usuario.nombre
string
User’s full name
usuario.email
string
User’s email address
usuario.rol
string
User’s role. Possible values: “visitante”, “editor”, “admin”

Example Request

curl -X POST https://api.tesisrutas.com/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "securePassword123"
  }'

Example Response

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjUwN2YxZjc3YmNmODZjZDc5OTQzOTAxMSIsImVtYWlsIjoibWFyaWFAZXhhbXBsZS5jb20iLCJyb2wiOiJ2aXNpdGFudGUifQ.xyz123",
  "token_type": "bearer",
  "usuario": {
    "id": "507f1f77bcf86cd799439011",
    "nombre": "María González",
    "email": "[email protected]",
    "rol": "visitante"
  }
}

Using the Access Token

Include the token in the Authorization header for authenticated requests: 
curl -X GET https://api.tesisrutas.com/rutas \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN"

JWT Token Payload

The JWT token contains the following claims:
  • id: User’s unique identifier
  • email: User’s email address
  • rol: User’s role for authorization purposes

Error Responses

401 Unauthorized
error
Returned when credentials are invalid
{
  "detail": "Credenciales inválidas"
}
422 Unprocessable Entity
error
Returned when request body is invalid or missing required fields
{
  "detail": [
    {
      "loc": ["body", "email"],
      "msg": "field required",
      "type": "value_error.missing"
    }
  ]
}

Notes

  • The JWT token is used for role-based access control throughout the API
  • Tokens should be stored securely on the client side
  • Include the token in the Authorization header as: Bearer YOUR_ACCESS_TOKEN
  • The token contains user ID, email, and role in its payload

Build docs developers (and LLMs) love

Get started for freeTalk to us