Initiate Login
POST
/web/v1/users/self/auth/login/initiate NoneInitiates the login flow by validating the user's email and returning the available authentication methods. This is the first step in the multi-step login process.
Required Headers
| Header | Example Value | Description |
|---|---|---|
| Content-Type | application/json | Request content type |
| Accept | application/json | Expected response type |
| X-Client-Hash | Client device fingerprint | |
| Accept-Language | en, zh, zh-Hant, ja, vi | Response language (default: en) |
Request Parameters
| Name | Type | Required | In | Description |
|---|---|---|---|---|
rawRequestBody | String | Required | body | Encrypted request payload (parsed server-side) |
Success Response
Success 200
{
"version": "1.3.0",
"timestamp": 1709337600000,
"success": true,
"code": "2000",
"message": "SUCCESS",
"data": {
"sessionId": "sess_abc123",
"mfaRequired": true,
"availableMethods": [
"EMAIL",
"OTP"
]
}
}Error Responses
Unauthorized 401
{
"success": false,
"code": "4010",
"message": "Invalid or expired token"
}Notes
- The request body is strictly validated; unknown properties will cause a rejection.
- If the account is pending approval, the response will include
isPendingApproval: truewith result codeACCOUNT_PENDING_APPROVAL. - Rate limited to 10 requests per window.