Skip to main content
POST
https://api.dintero.com/v1
/
accounts
/
{aid}
/
customers
/
login
aid_customers_login_post
curl --request POST \
  --url https://api.dintero.com/v1/accounts/{aid}/customers/login \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "audience": "<string>",
  "password": "<string>"
}
'
{
  "access_token": "eyJhbGci...t7P4",
  "expires_in": 86400,
  "refresh_token": "<string>"
}

Documentation Index

Fetch the complete documentation index at: https://docs.dintero.com/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

Bearer authentication (token authentication) should be used for accessing the API.

Use Get Token to get an access token for client credentials. Pass the token in the request header:

Authorization: Bearer {access_token}

where the access_token is JSON Web Tokens (JWT).

Path Parameters

aid
string<^[PT]{1}\d{8}$>
required

An id that uniquely identifies the account.

Required string length: 9

Body

application/json

credentials

audience
string
required

The unique identifier of the target API you want to access. The audience must be a grant associated with the client used when calling this resource.

type
enum<string>
required

user type to login, required as users with different type can share email

Available options:
customer,
company
password
string
required

The customer pin or password. The caller must have scope write:accounts:/auth/users or write:accounts:/auth/users/no-mfa when password is included in the body

Required string length: 4 - 255
email
string

Required if ident_type and ident is not set

ident_type
enum<string>

Required if email is not set

Available options:
phone_number,
email
ident
string

Email or phone_number, depending on the ident_type.

Required if email is not set.

Response

Success

access_token
string
required

A JWT access token

Example:

"eyJhbGci...t7P4"

token_type
enum<string>
required
Available options:
Bearer
expires_in
integer
required

The lifetime in seconds of the access token. For example, the value "3600" denotes that the access token will expire in one hour from the time the response was generated.

Example:

86400

refresh_token
string

Token that can be used to request new tokens when the existing Access Token expire.

You can only get a Refresh Token if the Access Token used in the request has scope:

  • create:accounts:auth:refresh_token

and the grant-type is one of:

  • authorization_code
  • password

NOTE:

  • A Single-Page Application should not ever receive a Refresh Token, this information is sensitive and should not be exposed client-side in a browser.
  • Refresh token must be stored securely by an application since they allow a user to remain authenticated essentially forever.
Last modified on May 12, 2026