Link Search Menu Expand Document

Logging users in

  • Call name: login
  • Endpoint URL:
  • Request methods: POST
  • Request Content-Type: multipart/form-data or application/x-www-form-urlencoded
  • Response Content-Type: application/json
  • Auth required: no

When supplied with a username and password, this API checks whether the password is valid for the username. If it is valid, it deletes any existing sessions, and then creates a session with a session key in the database. It then returns session information in JSON. Note that the session_expires_date is returned in UTC date time format.

Version-specific information

The following version-specific changes apply to this endpoint. See the versioning page for more details.

Version Change details
>= 1.4.10 The gender parameter returned in the user_info object supports values male, female, nonbinary, transgender, agender, genderqueer, genderfluid, bigender, twospirit, androgynous, pangender, neutrois, demigender and other.

HTTP Parameters

The following HTTP POST parameters can be passed to the API:

Parameter Description
username required The username (email address) of the user.
password required The password of the user.


This API call requires no specific permissions.


The following headers can/must be passed to the API call:

X-Spaaza-MyPrice-App-Hostname (mandatory in some cases) The hostname of the app which the signup is for. This header is mandatory when authenticating an end user (shopper or programme member). When authenticating an admin user (including a webshop or POS) this header must be excluded.


If the session is valid, the login call returns information about the user and the session, including: key, length of validity in hours and the authentication method used to establish the key. An example is shown below:

        "result": {
            "code": 1,
            "status": "ok"
        "results": {
            "result_type": "login",
            "session_info": {
                "session_key": "acc5cf311f4bce26feaa80de400e2f294ff6168f49da765f0a4d6a798900460f",
                "session_key_validity": "336",
                "session_auth_method": "password",
                "session_user_id": 114521,
                "session_username": "",
                "session_expires_date": "2020-04-06 11:19:10"
            "user_info": {
                "id": 114521,
                "user_id": 114521,
                "first_name": "Sam",
                "last_name": "Critchley",
                "gender": "M",
                "birthday": "2014-10-21",
                "username": "",
                "mailing_list": {
                    "mailing_list_sub_offered": "true",
                    "mailing_list_subscribed": false,
                    "printed_mailing_list_subscribed": false
                "entity_code": {
                    "type": "custom",
                    "code": "3021879"
                "opt_in_programme": {
                    "programme_opted_in": true,
                    "join_date": "2016-01-30T14:37:22+00:00"
                "registered": true,
                "loyalty_status": {
                    "campaign_id": 2095,
                    "name": "Level 1",
                    "description": "Level 1 in the Programme",
                    "loyalty_level_id": 2,
                    "points_to_proceed_next_level": 500,
                    "points_to_remain_current_level": 220,
                    "maintenance_points_level": 200,
                    "last_review_date": "2019-04-04T00:05:22+00:00",
                    "next_review_date": "2020-04-04T00:05:22+00:00",
                    "date_reached": "2019-06-06T08:06:14+00:00"