Login

Log new users into your application with the Next Identity API

🚧

About the API Use Cases

The instructions in the API Use Cases guide are intended to be used by application teams with API integrations.

These instructions are not intended to be used for integration with Next Identity Journeys.
If you need any technical support after reading through the API Use Cases section, please contact your Next Reason integration consultant.

Introduction

The /login API endpoint allows your application to authenticate users who have a verified account. Depending on the authentication method used (email address or mobile phone number), the end user will enter their identifier and a password or, when using a one-time password (OTP), will enter only an identifier and will be sent a single-use code.

Assumptions

  • Application is hosting the registration screen (no use of the Next Identity Journey screens).
  • Application is not using social authentication.
  • Application is responsible for securely sending these API calls to Next Identity.
  • Application will need to handle a range of responses from the service.
  • Application will need to handle showing relevant legal agreements (including privacy policy and terms and conditions).
  • API calls will be rate limited for each client ID; please consult with your Next Reason integration consultant to change these limits if needed.

📘

API reference for /login endpoint

In addition to the integration documentation in this section, refer to the API Reference for the /login endpoint for more details.

🚧

About the /login API call

If the user is not marked in Next Identity as having accepted your most recent legal agreements, this call returns a successful response with a note that the user needs to accept the legal agreements. We recommend that you then present your own screen for accepting the legal terms and pass that acceptance into the subsequent /token call to our service. The acceptance is then recorded in the user record; review the 7.0 Token section for integration details.

If the user has not verified his or her email address, your application will not get a successful response from the /login endpoint. This will be your indication that you will need to ask them to verify their user ID.

Login user by email address and password

Introduction

This is the API call for logging users in using email address and password. If you are using Next Identity Journeys hosted screens for sign in, you do not need to use this API call. This API call is only for applications that are using their own custom screens for sign in.

Sample API Call

This is what a login with email address and password via API call would look like. Please inform your Next Reason integration consultant immediately if you need to use this call to ensure it is being used with the correct workflow.

curl --request POST \
     --url https://id.eu.nextreason.com/idp/v1/account/login \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json' \
     --data '
{
     "client_id": "c8462jyq9dnupu2q4j7sfjzvn6c87j92",
     "redirect_uri": "https://localhost.com",
     "grant_type": "password",
     "user_id": "[email protected]",
     "password": "RBQ!Qyd2x#Pj^CdM",
     "scope": "openid",
     "auth_type": "email",
     "locale": "en-US"
}
'

Login user by mobile phone number and password

Introduction

This is the API call for logging users in using their mobile phone number and password. If you are using Next Identity Journeys hosted screens for sign in, you do not need to use this API call. This API call is only for applications that are using their own custom screens for sign in.

Sample API Call

This is what a login with mobile phone number and password via API call would look like. Please inform your Next Reason integration consultant immediately if you need to use this API call to ensure it is being used with the correct workflow.

curl --request POST \
     --url https://id.eu.nextreason.com/idp/v1/account/login \
     --header 'Accept: application/json' \
     --header 'Content-Type: application/json' \
     --data '
{
     "client_id": "c8462jyq9dnupu2q4j7sfjzvn6c87j92",
     "redirect_uri": "https://localhost.com",
     "grant_type": "password",
     "user_id": "+15417543010",
     "password": "RBQ!Qyd2x#Pj^CdM",
     "scope": "openid",
     "auth_type": "sms",
     "locale": "en-US"
}
'
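
The two sample calls above differ only in user_id and auth_type. As an added example (not Next Identity code), the Python below builds either request, JSON-encodes the password instead of pasting it into a command line, and refuses non-HTTPS URLs; the helper names, the E.164 phone pattern and the placeholder client ID are assumptions.

```python
import json
import re
import urllib.request
from urllib.parse import urlsplit

# Endpoint and field names come from the sample calls on this page.
LOGIN_URL = "https://id.eu.nextreason.com/idp/v1/account/login"

# Assumption: phone identifiers are E.164 ("+" and up to 15 digits), as in the sample.
_PHONE = re.compile(r"^\+[1-9]\d{6,14}$")
_EMAIL = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")

def auth_type_for(user_id):
    """Return the auth_type value the page pairs with each identifier kind."""
    if _PHONE.match(user_id):
        return "sms"
    if _EMAIL.match(user_id):
        return "email"
    raise ValueError("user_id is neither an email address nor an E.164 number")

def build_login_request(user_id, password, client_id, redirect_uri,
                        url=LOGIN_URL, locale="en-US"):
    """Return an unsent urllib Request for the password login call."""
    if urlsplit(url).scheme != "https":
        raise ValueError("refusing to send credentials over a non-HTTPS URL")
    body = {
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "grant_type": "password",
        "user_id": user_id,
        "password": password,
        "scope": "openid",
        "auth_type": auth_type_for(user_id),
        "locale": locale,
    }
    # json.dumps escapes quotes and backslashes in the password; a hand-written
    # JSON string inside a shell command does not, and also exposes the
    # password in shell history and the process list.
    data = json.dumps(body).encode("utf-8")
    headers = {"Accept": "application/json", "Content-Type": "application/json"}
    return urllib.request.Request(url, data=data, headers=headers, method="POST")

if __name__ == "__main__":
    import getpass
    # Constructed sample values; YOUR_CLIENT_ID is a placeholder.
    req = build_login_request("user@example.com", getpass.getpass("Password: "),
                              "YOUR_CLIENT_ID", "https://localhost.com")
    print(req.get_method(), req.full_url, len(req.data), "bytes")  # built, not sent
```

Pass the returned object to urllib.request.urlopen to send it; the response handling is left out because the response format is described in the API Reference, not on this page.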
