Register customer account
curl -X POST http://localhost:4001/auth/register \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "SecurePass123!"
  }'
Content-Type: application/json
{
  "email": "[email protected]",
  "password": "SecurePass123!"
}
Request body
email: User email address. Must be a valid email format.
password: User password. Must be between 8 and 128 characters.
Response
success: Indicates if the request was successful
message: Human-readable response message
data: Authentication token data
data.accessToken: JWT access token for authenticated requests
data.refreshToken: Refresh token for token rotation
data.tokenType: Token type (always “Bearer”)
data.expiresIn: Access token TTL in seconds
timestamp: ISO 8601 timestamp of the response
{
  "success": true,
  "message": "User registered successfully",
  "data": {
    "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "refreshToken": "7f4d8e2a-1b3c-4e5f-9a8b-7c6d5e4f3a2b",
    "tokenType": "Bearer",
    "expiresIn": 3600
  },
  "timestamp": "2026-03-03T10:30:00Z"
}
Login with email and password
curl -X POST http://localhost:4001/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "SecurePass123!",
    "deviceId": "mobile-app-ios-001"
  }'
Content-Type: application/json
{
  "email": "[email protected]",
  "password": "SecurePass123!",
  "deviceId": "mobile-app-ios-001"
}
Request body
deviceId: Optional client device identifier for multi-device session tracking
Response
success: Indicates if the request was successful
message: Human-readable response message
data: Authentication token data
data.accessToken: JWT access token for authenticated requests
data.refreshToken: Refresh token for token rotation
data.tokenType: Token type (always “Bearer”)
data.expiresIn: Access token TTL in seconds
timestamp: ISO 8601 timestamp of the response
{
  "success": true,
  "message": "Login successful",
  "data": {
    "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "refreshToken": "9b2c8f4a-3d5e-6f7a-8b9c-0d1e2f3a4b5c",
    "tokenType": "Bearer",
    "expiresIn": 3600
  },
  "timestamp": "2026-03-03T10:30:00Z"
}
Rotate access and refresh tokens
curl -X POST http://localhost:4001/auth/refresh-token \
  -H "Content-Type: application/json" \
  -d '{
    "refreshToken": "9b2c8f4a-3d5e-6f7a-8b9c-0d1e2f3a4b5c"
  }'
Content-Type: application/json
{
  "refreshToken": "9b2c8f4a-3d5e-6f7a-8b9c-0d1e2f3a4b5c"
}
Request body
refreshToken: Current refresh token obtained from login or previous refresh
Response
success: Indicates if the request was successful
message: Human-readable response message
data: New authentication token data
data.accessToken: New JWT access token (old token is invalidated)
data.refreshToken: New refresh token (old token is invalidated)
data.tokenType: Token type (always “Bearer”)
data.expiresIn: Access token TTL in seconds
timestamp: ISO 8601 timestamp of the response
{
  "success": true,
  "message": "Token refreshed successfully",
  "data": {
    "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "refreshToken": "1a2b3c4d-5e6f-7a8b-9c0d-1e2f3a4b5c6d",
    "tokenType": "Bearer",
    "expiresIn": 3600
  },
  "timestamp": "2026-03-03T11:30:00Z"
}
Logout current session
curl -X POST http://localhost:4001/auth/logout \
  -H "Content-Type: application/json" \
  -d '{
    "refreshToken": "1a2b3c4d-5e6f-7a8b-9c0d-1e2f3a4b5c6d"
  }'
Content-Type: application/json
{
  "refreshToken": "1a2b3c4d-5e6f-7a8b-9c0d-1e2f3a4b5c6d"
}
Request body
refreshToken: Refresh token for the session to invalidate
Response
success: Indicates if the request was successful
message: Human-readable response message
data: No data returned for logout operations
timestamp: ISO 8601 timestamp of the response
{
  "success": true,
  "message": "Logged out successfully",
  "data": null,
  "timestamp": "2026-03-03T12:00:00Z"
}
Logout from all devices
curl -X POST http://localhost:4001/auth/logout-all \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Authorization (header): Bearer token for authentication. Format: Bearer <accessToken>
Response
success: Indicates if the request was successful
message: Human-readable response message
data: No data returned for logout operations
timestamp: ISO 8601 timestamp of the response
{
  "success": true,
  "message": "Logged out from all devices",
  "data": null,
  "timestamp": "2026-03-03T12:00:00Z"
}
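The session semantics described above for /auth/refresh-token, /auth/logout and /auth/logout-all, as an added example that is not the service's own code: an in-memory Python model in which rotation consumes the presented refresh token, so a replayed token is rejected. SessionStore, its methods, the "web-001" device id and the choice to keep only SHA-256 digests of refresh tokens are assumptions of this example.

```python
import hashlib
import uuid


class SessionStore:
    """In-memory model of refresh-token sessions (hypothetical, not the service's code)."""
    def __init__(self):
        # sha256(refresh token) -> (user_id, device_id); raw tokens are never stored
        self._sessions = {}

    @staticmethod
    def _digest(token):
        return hashlib.sha256(token.encode()).hexdigest()

    def _issue(self, session):
        token = str(uuid.uuid4())  # UUID-shaped like the page's sample tokens
        self._sessions[self._digest(token)] = session
        return token

    def login(self, user_id, device_id=None):
        return self._issue((user_id, device_id))

    def refresh(self, token):
        # Rotation: pop() consumes the presented token, so a replay finds nothing.
        session = self._sessions.pop(self._digest(token), None)
        return self._issue(session) if session is not None else None

    def logout(self, token):
        return self._sessions.pop(self._digest(token), None) is not None

    def logout_all(self, user_id):
        # Closes every session of the user and returns how many were closed.
        doomed = [k for k, (uid, _) in self._sessions.items() if uid == user_id]
        for key in doomed:
            del self._sessions[key]
        return len(doomed)


def demo():
    store = SessionStore()
    phone = store.login(12345, "mobile-app-ios-001")
    laptop = store.login(12345, "web-001")  # constructed device id
    rotated = store.refresh(phone)
    return {
        "replay_rejected": store.refresh(phone) is None,
        "rotated_works": store.refresh(rotated) is not None,
        "logout_all_closed": store.logout_all(12345),
        "laptop_dead": store.refresh(laptop) is None,
    }
```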
Get current authenticated user
curl -X GET http://localhost:4001/auth/me \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Authorization (header): Bearer token for authentication. Format: Bearer <accessToken>
Response
success: Indicates if the request was successful
message: Human-readable response message
data: Current user profile data
data.role: User role. One of: CUSTOMER, ADMIN, SUPER_ADMIN, VENDOR
data.accountStatus: Account status. One of: ACTIVE, LOCKED, SUSPENDED
data.emailVerified: Whether the user’s email has been verified
data.createdAt: ISO 8601 timestamp of account creation
data.updatedAt: ISO 8601 timestamp of last account update
timestamp: ISO 8601 timestamp of the response
{
  "success": true,
  "message": "Current user fetched successfully",
  "data": {
    "id": 12345,
    "email": "[email protected]",
    "role": "CUSTOMER",
    "accountStatus": "ACTIVE",
    "emailVerified": true,
    "createdAt": "2026-01-15T08:30:00Z",
    "updatedAt": "2026-03-03T10:15:00Z"
  },
  "timestamp": "2026-03-03T12:00:00Z"
}
Change password for current user
curl -X POST http://localhost:4001/auth/change-password \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." \
  -H "Content-Type: application/json" \
  -d '{
    "oldPassword": "SecurePass123!",
    "newPassword": "NewSecurePass456!"
  }'
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Content-Type: application/json
{
  "oldPassword": "SecurePass123!",
  "newPassword": "NewSecurePass456!"
}
Authorization (header): Bearer token for authentication. Format: Bearer <accessToken>
Request body
oldPassword: Current password for verification
newPassword: New password. Must be between 8 and 128 characters.
Response
success: Indicates if the request was successful
message: Human-readable response message
data: No data returned for password change operations
timestamp: ISO 8601 timestamp of the response
{
  "success": true,
  "message": "Password changed successfully",
  "data": null,
  "timestamp": "2026-03-03T12:30:00Z"
}