Skip to main content
POST
/
v3
/
stores
/
{store_id}
/
public
/
auth
/
login
Start customer login
curl --request POST \
  --url https://api.scalev.com/v3/stores/{store_id}/public/auth/login \
  --header 'Content-Type: application/json' \
  --header 'X-Scalev-Storefront-Api-Key: <x-scalev-storefront-api-key>' \
  --data '
{
  "email": "jsmith@example.com",
  "password": "<string>"
}
'
{
  "access": "<string>",
  "refresh": "<string>",
  "token_type": "Bearer",
  "expires_in": 900,
  "refresh_expires_in": 2592000,
  "store_unique_id": "<string>"
}

Headers

X-Scalev-Storefront-Api-Key
string
required

Publishable storefront public API key for the target store. Page public API keys are not accepted on Storefront public routes.

Path Parameters

store_id
string
required

Store unique_id.

Body

application/json
email
string<email>
required
password
string
required
login_as
enum<string>
Available options:
customer,
owner

Response

Customer login tokens, or an OTP challenge message when the store requires OTP.

access
string
required

Customer access JWT. Send it as Authorization: Bearer <token> to /v3/stores/{store_id}/customers/me/*.

refresh
string
required

Refresh token for POST /v3/stores/{store_id}/public/auth/jwt/refresh.

token_type
enum<string>
required

Token type to use in the Authorization header.

Available options:
Bearer
expires_in
integer
required

Access token lifetime in seconds.

Example:

900

refresh_expires_in
integer
required

Refresh token lifetime in seconds. Refresh tokens rotate on every refresh and are single-use.

Example:

2592000

store_unique_id
string | null

Public store unique ID returned by some OTP verification responses.