> For clean Markdown of any page, append .md to the page URL.
> For a complete documentation index, see https://docs.tangerine365.com/llms.txt.
> For full documentation content, see https://docs.tangerine365.com/llms-full.txt.

# Authenticate

POST https://localhost:8090//api/auth/authenticate
Content-Type: application/x-www-form-urlencoded

[The API endpoint <code>https://localhost:8090/api/auth/authenticate</code>](https://localhost:8090//api/) is a POST request that is used to authenticate a user in the system.

This endpoint accepts user credentials (such as username and password).

It validates the credentials and, upon success, returns an authentication token along with basic user details.

Use this endpoint to obtain a token for accessing protected API endpoints.

### Request

- Method: POST
    
- Base URL: [https://localhost:8090/](https://localhost:8090/)
    
- Path: /api/auth/authenticate
    
- Headers:
    
    - Content-Type: application/x-www-form-urlencoded
        

### Request Body

The request body type is **`x-www-form-urlencoded`**

- username (string)username is required
    
- password (string): password is required
    

### Response

• success (boolean ) Indicates whether the authentication request was successful .

• message (string ) Message describing the result of the request .

• data :

- idst (integer ) Unique identifier (ID) of the user .  
    userid (string ) Username of the authenticated user .
    
- firstname (string ) First name of the user .
    
- lastname (string ) Last name of the user .
    
- avatar (string ) Filename of the user's avatar image .
    
- email (string ) Email address of the user .
    
- signature (string ) User’s signature .
    
- valid (integer ) Indicates whether the account is valid (1 = valid, 0 = invalid) .
    
- pwd_expire_at (datetime ) Timestamp when the password expires .
    
- register_date (datetime ) Registration date of the user (Unix timestamp or string) .
    
- last_enter (datetime ) Last login timestamp .
    
- custom_fields (array ) Array of custom user fields; empty if none.
    

• token (string ) Authentication token for API access .

• expire_at (datetime ) Expiration timestamp of the token.

Reference: https://docs.tangerine365.com/tangerine-365-enterprise/authenticate

## OpenAPI Specification

```yaml
openapi: 3.1.0
info:
  title: Tangerine365 Enterprise
  version: 1.0.0
paths:
  //api/auth/authenticate:
    post:
      operationId: authenticate
      summary: Authenticate
      description: >-
        [The API endpoint
        <code>https://localhost:8090/api/auth/authenticate</code>](https://localhost:8090//api/)
        is a POST request that is used to authenticate a user in the system.


        This endpoint accepts user credentials (such as username and password).


        It validates the credentials and, upon success, returns an
        authentication token along with basic user details.


        Use this endpoint to obtain a token for accessing protected API
        endpoints.


        ### Request


        - Method: POST
            
        - Base URL: [https://localhost:8090/](https://localhost:8090/)
            
        - Path: /api/auth/authenticate
            
        - Headers:
            
            - Content-Type: application/x-www-form-urlencoded
                

        ### Request Body


        The request body type is **`x-www-form-urlencoded`**


        - username (string)username is required
            
        - password (string): password is required
            

        ### Response


        • success (boolean ) Indicates whether the authentication request was
        successful .


        • message (string ) Message describing the result of the request .


        • data :


        - idst (integer ) Unique identifier (ID) of the user .  
            userid (string ) Username of the authenticated user .
            
        - firstname (string ) First name of the user .
            
        - lastname (string ) Last name of the user .
            
        - avatar (string ) Filename of the user's avatar image .
            
        - email (string ) Email address of the user .
            
        - signature (string ) User’s signature .
            
        - valid (integer ) Indicates whether the account is valid (1 = valid, 0
        = invalid) .
            
        - pwd_expire_at (datetime ) Timestamp when the password expires .
            
        - register_date (datetime ) Registration date of the user (Unix
        timestamp or string) .
            
        - last_enter (datetime ) Last login timestamp .
            
        - custom_fields (array ) Array of custom user fields; empty if none.
            

        • token (string ) Authentication token for API access .


        • expire_at (datetime ) Expiration timestamp of the token.
      tags:
        - ''
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Authenticate_Response_200'
      requestBody:
        content:
          application/json:
            schema:
              type: object
              properties:
                password:
                  type: string
                  description: tester password
                username:
                  type: string
                  description: testusername
              required:
                - password
                - username
servers:
  - url: https://localhost:8090
components:
  schemas:
    ApiAuthAuthenticatePostResponsesContentApplicationJsonSchemaData:
      type: object
      properties:
        idst:
          type: string
        email:
          type: string
          format: email
        valid:
          type: string
        avatar:
          description: Any type
        userid:
          type: string
        lastname:
          type: string
        firstname:
          type: string
        signature:
          description: Any type
        last_enter:
          description: Any type
        custom_fields:
          type: array
          items:
            description: Any type
        pwd_expire_at:
          description: Any type
        register_date:
          type: string
      required:
        - idst
        - email
        - valid
        - userid
        - lastname
        - firstname
        - custom_fields
        - register_date
      title: ApiAuthAuthenticatePostResponsesContentApplicationJsonSchemaData
    Authenticate_Response_200:
      type: object
      properties:
        data:
          $ref: >-
            #/components/schemas/ApiAuthAuthenticatePostResponsesContentApplicationJsonSchemaData
        token:
          type: string
        message:
          type: string
        success:
          type: boolean
        expire_at:
          type: string
      required:
        - data
        - token
        - message
        - success
        - expire_at
      title: Authenticate_Response_200

```

## SDK Code Examples

```python Authenticate_example
import requests

url = "https://localhost:8090//api/auth/authenticate"

payload = ""
headers = {"Content-Type": "application/x-www-form-urlencoded"}

response = requests.post(url, data=payload, headers=headers)

print(response.json())
```

```javascript Authenticate_example
const url = 'https://localhost:8090//api/auth/authenticate';
const options = {
  method: 'POST',
  headers: {'Content-Type': 'application/x-www-form-urlencoded'},
  body: new URLSearchParams('')
};

try {
  const response = await fetch(url, options);
  const data = await response.json();
  console.log(data);
} catch (error) {
  console.error(error);
}
```

```go Authenticate_example
package main

import (
	"fmt"
	"net/http"
	"io"
)

func main() {

	url := "https://localhost:8090//api/auth/authenticate"

	req, _ := http.NewRequest("POST", url, nil)

	req.Header.Add("Content-Type", "application/x-www-form-urlencoded")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := io.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}
```

```ruby Authenticate_example
require 'uri'
require 'net/http'

url = URI("https://localhost:8090//api/auth/authenticate")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Content-Type"] = 'application/x-www-form-urlencoded'

response = http.request(request)
puts response.read_body
```

```java Authenticate_example
import com.mashape.unirest.http.HttpResponse;
import com.mashape.unirest.http.Unirest;

HttpResponse<String> response = Unirest.post("https://localhost:8090//api/auth/authenticate")
  .header("Content-Type", "application/x-www-form-urlencoded")
  .asString();
```

```php Authenticate_example
<?php
require_once('vendor/autoload.php');

$client = new \GuzzleHttp\Client();

$response = $client->request('POST', 'https://localhost:8090//api/auth/authenticate', [
  'form_params' => null,
  'headers' => [
    'Content-Type' => 'application/x-www-form-urlencoded',
  ],
]);

echo $response->getBody();
```

```csharp Authenticate_example
using RestSharp;

var client = new RestClient("https://localhost:8090//api/auth/authenticate");
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
IRestResponse response = client.Execute(request);
```

```swift Authenticate_example
import Foundation

let headers = ["Content-Type": "application/x-www-form-urlencoded"]

let request = NSMutableURLRequest(url: NSURL(string: "https://localhost:8090//api/auth/authenticate")! as URL,
                                        cachePolicy: .useProtocolCachePolicy,
                                    timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers

let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
  if (error != nil) {
    print(error as Any)
  } else {
    let httpResponse = response as? HTTPURLResponse
    print(httpResponse)
  }
})

dataTask.resume()
```