Backendless Login API¶
Description¶
Registered users can login using the API described below. The login operation requires two properties: one marked as user identity and the second is password. Backendless automatically assigns the "AuthenticatedUser" role to all successfully logged in users. The role can be used to differentiate access to various resources (data in the database, files, messaging channels) between authenticated users and guests.
Method¶
POST
Endpoint URL¶
The xxxx.backendless.app is a subdomain assigned to your application. For more information see the Client-side Setup section of this documentation.
https://xxxx.backendless.app/api/users/login
Request Headers¶
Content-Type:application/json
where:
| Argument | Description |
|---|---|
Content-Type |
must be set to application/json. This header is mandatory. |
Request Body¶
{
"login" : value,
"password" : value
}
The "login" key must contain the value for a property marked as identity.
Response Body¶
The user object representing the logged in user. The object has the values for all the properties stored in Users data table.
Example¶
The example below logs in as "alice@yourmail.com" using password "wonderland".
Important
Make sure to replace xxxx in the domain name in the sample request below to the one assigned to your application.
curl
-H Content-Type:application/json
-X POST
-d '{"login":"jbond@007.com", "password":"watchingya"}'
-v
https://xxxx.backendless.app/api/users/login
Maintaining User Session¶
The "user-token" value returned in the login API must be used in the subsequent requests to Backendless in order to maintain the user session. The value uniquely identifies both the user and the session on the server and is used to enforce security policy, apply user and roles permissions and track usage analytics. For all requests made after the login, the user-token value must be sent in the HTTP header:
"user-token":value
Errors¶
When the server-side reports an error, it returns a JSON object in the following format:
{
"message":error-message,
"code":error-code
}
The following errors may occur during the Login API call.
| Error Code |
Description |
|---|---|
| 2002 |
Version is disabled or provided wrong application info (application id or secret key) |
| 3000 |
Login has been disabled for the user account. |
| 3001 |
Missing login settings, possibly invalid application id or version. |
| 3002 |
User cannot login because Multiple Logins disabled and there is a logged in user for the account. |
| 3003 |
Invalid login or password. |
| 3006 |
Either login or password is an empty string value. |
| 3034 |
User logins are disabled for the version of the application. |
| 3036 |
Account locked out due to too many failed logins. |
| 3038 |
One of the required parameters (application id, version, login or password) is null |
| 3044 |
Multiple login limit for the same user account has been reached. |
| 8000 |
Property value exceeds the length limit |
Codeless Reference¶
where:
| Argument | Description |
|---|---|
identity |
Represents a value for the property marked as identity in the Users data table. Usually, the default is the user's email, which is used for the login operation. |
password |
User's password. |
stay logged in |
A boolean value requesting user login information to be saved so it can be reused when the application restarts (or page is reloaded). |
return user |
Optional parameter. When this option is checked, the operation returns the userobject containing user data. |
Returns the user object representing the logged in user. The object has the values for all the properties stored in Users data table.
Consider the following record in the Users data table:
The example below logs in as "alice@wonderland.com" and returns the user object, since the return user option is checked.
The user object will look as shown below after the Codeless logic runs:
