POST Parameters

When authenticating with the Venddor API, you must include specific parameters in your POST requests. This page documents the required and optional parameters for authentication.

POST /api/auth

Authenticates a user and provides access to the API.

Required Parameters

Parameter	Required	Description
`email`	Yes	User login e-mail. Can be both an admin's or a customer's e-mail. If a non-registered e-mail is provided, a 404 error is returned.
`redirect_url`	No	URL for the user to be redirected to immediately after following the login link.

Note: Any parameter not listed above will be ignored if included in an API request JSON data.

Example Request

{
  "email": "admin@example.com",
  "redirect_url": "https://www.example.com/dashboard"
}

Authentication Workflow

Send Authentication Request - Submit a POST request to /api/auth with the required parameters.
Receive Login Link - The API will generate a secure, time-limited login link and return it in the response.
User Login - When the user follows the link, they will be authenticated without needing to enter their password.
Redirect to Target URL - If a redirect_url was provided, the user will be directed to that location after successful authentication.

Security Warning: Login links are valid for a limited time (typically 24 hours) and can only be used once. Treat these links as sensitive information and do not share them publicly.

Best Practices

Always verify that the email address exists in your system before sending an authentication request.
Use HTTPS for all API communications to protect sensitive information.
Set appropriate redirect URLs that direct users to secure, intended destinations.
Consider implementing rate limiting on your end to prevent authentication abuse.

Tip: For testing purposes, you can create a dedicated test user account rather than using production administrator credentials.

Authentication POST Parameters

Required Parameters

Example Request

Authentication Workflow

Best Practices