Authenticates a user with a given username and password and delivers a valid session identifier.


POST {{server}}/VPE/session/login/
Content-Type: application/json

    "DeviceId": "device-id",
    "Username": "admin",
    "Password": "********"

= Username

Account user name.


= Password

Account password (clear text).


= RequireAdmin

true if the given user must have administrative privileges; otherwise the login attempt will fail, even if the correct credentials were presented.


= ChangePassword

If true a change of the account’s password is requested. This can only succeed if the user account is marked for a password change.


= NewPassword

If ChangePassword is set to true, the password will be changed to NewPassword if the user was able to successfully authenticate against the system.


= DesktopClient

true if this login attempt is made through a desktop client or web client for operators to use rather than an API login. If your login attempt is made from an external system, this property should be set to false.


= ApiVersionNumber

The API protocol version to use. The TrustID Cloud may prevent older clients connecting to newer versions of the API.


    "Success": true,
    "Message": "Operation executed successfully.",

    "SessionId": "...",

    "Configuration": [...],

    "User": { ... },
    "Branch": { ... },
    "Organisation": { ... },

    "DesktopClientDenied": false,
    "IncompatibleServiceVersion": false,
    "LockedUserAccount": false,
    "NewPasswordRequired": false,
    "RemainingCredits": null,
    "ServerApiVersion": "...",
    "VpeName": "Local Server"

= SessionId

A valid session identifier that should be presented for each subsequent request that is being made to the TrustID Cloud.

During the lifetime of a session, the device identifier must not change.

A session identifier may expire after a certain period of time.

The /session/logout/ endpoint will terminate any valid session identifier.


The configuration data of the TrustID Cloud.

See also

Configuration for more information about configuration data.


Information about the user who authenticated against the system.

See also

User for more information about user details.


Information about the branch of the user who authenticated against the system.

See also

Branch for more information about user details.


Information about the organisation the user belongs to who authenticated against the system.

See also

Organisation for more information about user details.


= DesktopClientDenied

true if access to the system has been denied because the user is not allowed to use the desktop client. The user is only intended to log in as an API client.


= IncompatibleServiceVersion

true if access to the system has been denied because the client’s API version is incompatible with the service’s API version.


= LockedUserAccount

true if access to the system has been denied because the user account has been locked. This occurs when an incorrect password has been used too many times.


= NewPasswordRequired

true if a new password is required for this user in order to authenticate against the TrustID Cloud.


= RemainingCredits

Information about the remaining credits that are available for the current user.

See also

RemainingCredits for more information about remaining credit details.


= ServerApiVersion

The current protocol version number of the API that is used by the TrustID Cloud.


= VpeName

The local name of the TrustID Cloud instance.