NoxVR Documentation
Authentication

User login

Authenticate a user with their username or id and password. If successful, a session cookie will be set for the user. If the user has 2FA enabled, they must provide a valid factor code.

POST
/auth/login

Request Body

identifierstring|integer

Username or user ID

passwordstring

User password

Length6 <= length <= 128
twofa_token?string

6-digit 2FA token if required

Match^[0-9]{6}$

Response Body

application/json

application/json

application/json

application/json

curl -X POST "https://nox.hactazia.fr/api/auth/login" \  -H "Content-Type: application/json" \  -d '{    "identifier": "hactazia",    "password": "hunter2"  }'
{
  "data": {
    "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
    "expires": 1750945093437,
    "created_at": 1750936113726,
    "user": {
      "id": 123,
      "username": "hactazia",
      "display": "Hactazia",
      "server": "hactazia.fr",
      "tags": [
        "sys:admin",
        "dft:can_file_upload",
        "dft:can_self_edit",
        "dft:can_world_create",
        "sys:unverified"
      ],
      "bio": "Game developer and VR enthusiast",
      "thumbnail": "https://avr.hactazia.fr/api/users/123/thumbnail",
      "banner": "https://avr.hactazia.fr/api/users/123/banner",
      "links": [
        "https://avr.hactazia.fr/"
      ],
      "rank": 0,
      "relations": null,
      "email": "hactazia@example.com",
      "email_verified": false,
      "created_at": 1750936113726,
      "home": "world123@hactazia.fr",
      "twofa_enabled": false
    }
  },
  "request": "/api/auth/login",
  "time": 1750945093437
}
{
  "error": {
    "message": "User not found.",
    "code": 2,
    "status": 404
  },
  "data": null,
  "request": "/api/auth/login"
}
{
  "error": {
    "message": "Invalid field: {0}, {1}.",
    "code": 5,
    "status": 400
  },
  "data": null,
  "request": "/api/auth/login"
}
{
  "error": {
    "message": "Additional verification required.",
    "code": 20,
    "status": 428
  },
  "data": {
    "methods": [
      {
        "type": "totp",
        "name": "Authenticator App",
        "description": "Use an authenticator app to generate a verification code",
        "enabled": true,
        "can_send": false
      },
      {
        "type": "email",
        "name": "Email Verification",
        "description": "Receive a verification code via email",
        "enabled": false,
        "can_send": true
      }
    ]
  },
  "request": "/api/auth/login"
}

Send verification code GET

Previous Page

User logout GET

Next Page