POST /auth
Authenticate User
POST
/auth
Authenticate a user and issue a bearer token.
Validates the supplied username and password against the User collection.
If the user has reset_password=True, returns a short-lived password-reset
token (action=reset_password) instead of a full session token. Otherwise
issues a 24-hour session token (action=start_session) and closes any
previously active sessions for the same user.
Emits: (direct transaction — no event class)
Required scope: (public — no auth)
Request Body
application/x-www-form-urlencoded
Format
"password"Default
""Format
"password"Responses
Successful Response
application/json
JSON "status": 200, "message": "string", "detail": "string", "access_token": "string", "token_type": "string"
{
}