Ctrl+K

Login

post/api/v2/user/login

Creates a short-lived (1 hour) access token for use with the API. BitGo doesn't recommend using this endpoint for scripting. Instead, use the SDK or the web UI to create long-lived access tokens. However, short-lived access tokens are the only access tokens with the "user_manage" scope that enables you to programmatically add users to your enterprise using the Add User to Enterprise endpoint.

Request Body

email string <email>required

The email address of the user.

Example: user@email.com

extensible boolean

"true" if the session is extensible beyond a one-hour duration

Example: false

otp string required

Second factor authentication token.

Example: 123456

password string required

Example: secret

200 Response

access_token string

Example: 9b72c68ef394f5146f0f3efc1feafb7a971752cb00e79fafcfd8c1d2db83639c

derivationPath string

encryptedECDHXprv string

encryptedToken string

expires_at number required

Unix timestamp

Example: 1534201288

expires_in number required

noECDHKeychain boolean

scope array[string] required

Example:

["crypto_compare","user_manage","openid","profile","wallet_create","wallet_manage_all","wallet_approve_all","wallet_spend_all","wallet_edit_all","wallet_view_all"]

token_type string required

grant_type string required

Represents the login method that was used

Allowed values: password passkey refresh_token authorization_code oauth

user object required

Fields that will always be populated in accordance with the defined codec If you find other fields that will provably always be populated on a given user (even for legacy users created long ago), that field can be moved to UserRequiredFields

agreements object required

The agreements the user has accepted

allowedCoins array[string] required

The coins the user is allowed to use

bitgoEmployee boolean required

Whether the user is a BitGo employee

currency object required

The user's preferred currency

disableReset2FA boolean required

Whether the user has disabled 2FA reset

organizations array[object] required

The organizations the user is a member of

featureFlags array[string] required

Any feature flags the user has enabled

forceResetPassword boolean required

Whether the user has forced a password reset

identity object required

The user's identity information

otpDevices array[object] required

The user's devices that can be used for OTP authentication

phone object required

The user's phone number

timezone string required

The user's timezone

apps

The apps the user has access to

country string

The country of the user

Example: USA

ecdhKeychain

string or null

The user's ECDH keychain

isActive boolean

Whether the user is active

isFrozen boolean

Whether the user is frozen

freezeReason string

The reason the user is frozen if they are frozen

Example: Frozen due to suspicious activity

freeze object

Freeze object that will hold the start time and expiration time of a user's freeze. By default the freeze is infinite, and this field will eventually override the isFrozen boolean field

lastLogin string <date-time>

The last login time of the user

locale string

The user's locale

pgpKey string

The user's PGP key

rateLimits

The rate limits applied to the user

referrer object

The referrer of the user

signupDomain string

The signup domain of the user

state string

The state of the user

Example: New York

sourceVerificationRequired boolean

Whether source verification is required for the user

sourceVerificationRequiredForReadOnlyAccess boolean

Whether source verification is required for read-only access

recoveryCodeSet object

The recovery code set for the user

createTime string

passwordUpdatedAt string <date-time>

id string required

The unique identifier for the user

Example: 59cd72485007a239fb00282ed480da1f

Match pattern: ^[0-9a-f]{32}$

username string <email>required

The username of the user

Example: user@email.com

name object required

The name of the user

enterprises array[object] required

The enterprise(s) the user is a member of

email object required

The email address of the user

warning string

400 Response

name string

Error code

context object required

Properties that apply to a specific error name

error string required

Human-readable error message

requestId string required

Client request id

401 Response