Complete Login

POST/web/v1/users/self/auth/login/completeNone

Completes the login flow by verifying the MFA code or credentials and issuing JWT tokens. Returns access and refresh tokens on success.

Authentication

Auth Chain: WEB Chain — no JWT required (pre-authentication endpoint) These headers are injected by the system (frontend does nothing): X-PORTAL-ACCESS-CODE (Nginx), X-Request-Id (Gateway)

Request Parameters

Name	Type	Required	In	Description
`request`	`Object`	Yes	body	LoginCompleteRequest object (see request body schema)

Success Response

Success200

{
  "version": "1.3.0",
  "timestamp": 1709337600000,
  "success": true,
  "code": "2000",
  "message": "SUCCESS",
  "data": {
    "accessToken": "<token>",
    "refreshToken": "<token>",
    "expiresIn": 3600,
    "tokenType": "Bearer"
  }
}

Error Responses

Unauthorized401

{
  "success": false,
  "code": "4010",
  "message": "Invalid or expired token"
}

Notes

If the account is pending approval, the response will include isPendingApproval: true with result code ACCOUNT_PENDING_APPROVAL.
Rate limited to 5 requests per window.

Complete Login ​

Authentication ​

Request Parameters ​

Success Response ​

Error Responses ​

Notes ​

Authentication

Request Parameters

Success Response

Error Responses

Notes