Content Portal API

POST auth/cognito/login

Example

POST /api/v1/auth/cognito/login HTTP/1.1
Content-Type: application/json; charset=utf-8
X-Endless-Auth: v2

{
  "idToken": "..."
}
----------------------------------------
HTTP/1.1 200 OK
Set-Cookie: access=...
Set-Cookie: session=...

{
  "newAccount": false,
  "userInfo": {
    "id": "66a5db1f-2785-498d-9068-e24ddbba03f2",
    "username": "tcoles+test01",
    "avatar": "public/us-west-2:5f40aa7b-817d-4a9d-a92f-5cbfad3e6dc2/04139ff8-0b26-4fae-ad1a-78da55f26443.jpg",
    "emblem": "b9f756f4-7786-4841-8767-992ec750fdb8",
    "profile": "This is my profile!"
  },
  "isAdmin": false,
  "csrf": "b9228b29-06d6-44c8-b7a1-6db3b3f52dfd",
  "expires": 1569022485
}

Security

API authentication is not required.

URL Parameters

NONE

Header Parameters

Name	Description	Value
X-Endless-Auth	select the auth system version (for this method, `v2` is mandatory)	one of: `v2`

Query Parameters

NONE

Request Body

Name	Description	Value
idToken	the Cognito ID token retrieved from their auth flow	string

Response

Response is empty.

Response Body

Name	Description	Value
newAccount	whether or not this account is new (should always be false from this method, as new accounts must be initialized out-of-band prior to this request)	boolean
userInfo	the user's information (included to save a request)	object; see UserInfo
isAdmin	true if this user has admin access (included for convenience -- the access token also contains this information)	boolean
csrf	the CSRF token to include in future requests	string
expires	the expiration date of access, in Unix time	number

UserInfo

Name	Description	Value
id	the ID of the user as a GUID with dashes	string
username	the user's username, which is unique	string
avatar	a media path to the user's avatar image file; will be null if no avatar has been set	string or null
emblem	the GUID of an emblem to display with the user's avatar, or null if none is selected	string or null
profile	a text description of this user, if public optional	string