Skip to main content
Use this endpoint to authenticate as a Dashboard user. Submit your email and password, and Shogun returns a short-lived JWT access token alongside a refresh token. Pass the access token as a Bearer header on every subsequent Dashboard API request.

Endpoint

POST https://baasapi.payrepmfb.com/api/v1/auth/web/login
No authentication is required to call this endpoint.

Request body

email
string
required
The email address registered to your Dashboard account.
password
string
required
The password for your Dashboard account.

Example request

curl --request POST \
  --url https://baasapi.payrepmfb.com/api/v1/auth/web/login \
  --header 'Content-Type: application/json' \
  --data '{
    "email": "admin@yourbusiness.com",
    "password": "your-secure-password"
  }'

Response

A successful request returns an access token, a refresh token, and the authenticated user’s details. 
{
  "status": true,
  "response_code": "00",
  "message": "Login successful",
  "data": {
    "access": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "refresh": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "user": {
      "id": "usr_a1b2c3d4",
      "email": "admin@yourbusiness.com",
      "first_name": "John",
      "last_name": "Doe",
      "role": "ADMIN"
    }
  }
}

Response fields

data.access
string
Short-lived JWT access token. Use this on all authenticated Dashboard API requests.
data.refresh
string
Long-lived refresh token. Exchange this for a new access token using the Refresh Token endpoint when the access token expires.
data.user.id
string
Unique identifier for the authenticated user.
data.user.email
string
Email address of the authenticated user.
data.user.role
string
Role assigned to the user. Possible values: ADMIN, INITIATOR, REVIEWER, AUTHORIZER.
Pass the access token as Authorization: Bearer <access> on all subsequent Dashboard API requests. When the access token expires, use the Refresh Token endpoint to obtain a new one without requiring the user to log in again.