# Sign In

Authenticate a user using email and password. Returns an access token, a refresh token, and user data.

## Body Parameters

<ParamField body="email" type="string" required>
  User's registered email address
</ParamField>

<ParamField body="password" type="string" required>
  User's password
</ParamField>

## Response

<ResponseField name="success" type="boolean">
  Indicates whether the authentication was successful
</ResponseField>

<ResponseField name="accessToken" type="string">
  JWT access token for authenticating API requests (expires in 30 minutes)
</ResponseField>

<ResponseField name="refreshToken" type="string">
  JWT refresh token for obtaining new access tokens (valid for 30 days)
</ResponseField>

<ResponseField name="user" type="User Object">
  <Expandable title="properties">
    <ResponseField name="id" type="string">
      Unique user identifier
    </ResponseField>

    <ResponseField name="email" type="string">
      User's email address
    </ResponseField>

    <ResponseField name="username" type="string">
      User's unique username
    </ResponseField>

    <ResponseField name="name" type="string">
      User's full name
    </ResponseField>

    <ResponseField name="avatar" type="string">
      URL to user's avatar image
    </ResponseField>

    <ResponseField name="bio" type="string">
      User's biography
    </ResponseField>

    <ResponseField name="location" type="object">
      <Expandable title="properties">
        <ResponseField name="type" type="string">
          GeoJSON type (always "Point")
        </ResponseField>

        <ResponseField name="coordinates" type="number[]">
          Array of `[longitude, latitude]`
        </ResponseField>
      </Expandable>
    </ResponseField>

    <ResponseField name="birthdate" type="string">
      User's birthdate in ISO 8601 format
    </ResponseField>

    <ResponseField name="metadata" type="object">
      Custom public metadata
    </ResponseField>

    <ResponseField name="suspensions" type="array">
      Array of active suspensions
    </ResponseField>

    <ResponseField name="reputation" type="number">
      User's reputation score
    </ResponseField>

    <ResponseField name="createdAt" type="string">
      Account creation timestamp
    </ResponseField>

    <ResponseField name="updatedAt" type="string">
      Last update timestamp
    </ResponseField>
  </Expandable>
</ResponseField>

## Error Responses

<AccordionGroup>
  <Accordion title="Missing Fields - 400 Bad Request">
    ```json
    {
      "error": "Email, and password are required.",
      "code": "auth/missing-fields"
    }
    ```
  </Accordion>

  <Accordion title="User Not Found - 403 Forbidden">
    ```json
    {
      "error": "User not found.",
      "code": "auth/no-user-found"
    }
    ```
  </Accordion>

  <Accordion title="Missing Credentials - 403 Forbidden">
    ```json
    {
      "error": "Invalid credentials.",
      "code": "auth/invalid-credentials"
    }
    ```
  </Accordion>

  <Accordion title="Incorrect Password - 401 Unauthorized">
    ```json
    {
      "error": "Incorrect password.",
      "code": "auth/wrong-password"
    }
    ```
  </Accordion>

  <Accordion title="Server Error - 500 Internal Server Error">
    ```json
    {
      "error": "Internal server error.",
      "code": "auth/server-error",
      "details": "<Error message>"
    }
    ```
  </Accordion>
</AccordionGroup>

***

## Notes

* On success, an HttpOnly cookie named `replyke-refresh-jwt` is set.
* The `accessToken` is returned in the response body and expires in 30 minutes.
* The refresh token is valid for 30 days.
* Active suspensions are included in the response user object.
* Only valid users with matching credentials can sign in.
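
A client-side handler for the response and error shapes documented above, as an added example (not Replyke's own code). It collapses the three credential-related codes into one user-facing message so the UI does not reveal whether an email is registered, and it keeps `details` out of rendered text. `SIGN_IN_URL`, the POST method and the function names are assumptions, since this page states neither the endpoint path nor the method; the sketch also assumes a browser client that relies on the `replyke-refresh-jwt` cookie instead of storing the body's `refreshToken`.

```javascript
// Added example; not Replyke code. SIGN_IN_URL and the POST method are
// assumptions: this page gives neither the endpoint path nor the HTTP method.
const SIGN_IN_URL = "https://api.example.invalid/PLACEHOLDER/sign-in";
const ACCESS_TOKEN_TTL_MS = 30 * 60 * 1000; // accessToken expires in 30 minutes

// These three codes differ only in which part of the credentials was wrong.
const CREDENTIAL_CODES = new Set([
  "auth/no-user-found",
  "auth/invalid-credentials",
  "auth/wrong-password",
]);

// Pure mapping from (HTTP status, parsed JSON body) to a session or a failure
// whose userMessage is safe to render.
function interpretSignInResponse(status, body, nowMs) {
  const ok = status >= 200 && status < 300 && body !== null &&
    typeof body === "object" && body.success === true &&
    typeof body.accessToken === "string";
  if (ok) {
    const suspensions = body.user && body.user.suspensions;
    return {
      ok: true,
      accessToken: body.accessToken, // hold in memory, not in localStorage
      accessTokenExpiresAt: nowMs + ACCESS_TOKEN_TTL_MS,
      user: body.user,
      suspended: Array.isArray(suspensions) && suspensions.length > 0,
      // body.refreshToken is deliberately not copied (see lead-in).
    };
  }
  const code = body && typeof body.code === "string" ? body.code : "unknown";
  let userMessage = "Sign-in is unavailable. Try again later.";
  if (CREDENTIAL_CODES.has(code)) userMessage = "Invalid email or password.";
  if (code === "auth/missing-fields") userMessage = "Enter your email and password.";
  // `code` (and `details` on auth/server-error) are for logs, never for the UI.
  return { ok: false, code, userMessage };
}

async function signIn(email, password, fetchImpl = fetch) {
  const res = await fetchImpl(SIGN_IN_URL, {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    credentials: "include", // lets a browser store the HttpOnly cookie
    body: JSON.stringify({ email, password }),
  });
  const body = await res.json().catch(() => null);
  return interpretSignInResponse(res.status, body, Date.now());
}
```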
