Login

Log in a user.
Rocket.Chat supports various methods of authentication. The list of supported auth services (and their configurations) are in the meteor_accounts_loginServiceConfiguration collection.
Using username and password
To ensure the security of the user's account, it is important not to submit the user's password as plain text. Instead, apply a hashing algorithm (for example - sha-256).
The digest must be lowercase.
Payload Parameters
Argument
Example
Required
Description
user
{ "username": "him" }
​
​
​
Required
The user object containing either the username or email.
​
password
Required
The password object containing the hashed password and the hash algorithm
​
Example Payload
       {
            "digest": "52c53f4abbfe42e1ccd4fd9d864453ee57f8efbd4c9ecec6d88bd83d7f7a9c02",
            "algorithm":"sha-256"
     }
Example Call
{
    "msg": "method",
    "method": "login",
    "id":"42",
    "params":[
        {
            "user": { "username": "him" },
            "password": {
                "digest": "52c53f4abbfe42e1ccd4fd9d864453ee57f8efbd4c9ecec6d88bd83d7f7a9c02",
                "algorithm":"sha-256"
            }
        }
    ]
}
Example Response
Success
{
    "msg": "result",
    "id": "42",
    "result": {
        "id": "3Dw26TXWxvi8gwfgM",
        "token": "72kB2z5SpnWG-vOSKaAXku74PV851pVOVAoC67FpFEI",
        "tokenExpires": {
            "$date": 1696417505309
        },
        "type": "password"
    }
}
Error
{
    "msg": "result",
    "id": "42",
    "error": {
        "error": 403,
        "reason": "Incorrect password",
        "message": "Incorrect password [403]",
        "errorType": "Meteor.Error"
    }
}
Using an authentication token
You can use a previous user authentication token or a Personal Access Token to log in a user.
Payload Parameters
Argument
Example
Required
Description
resume
5BwhTeEXiTmU_8uKxGuy4pqWRHRP73QpJYmoSWfBpc
Required
A personal access token or previous authToken of the user.
Example Call
{
    "msg": "method",
    "method": "login",
    "id": "42",
    "params":[
        { "resume": "auth-token" }
    ]
}
Example Response
This success response format remains the same irrespective of the login method used.
{
    "msg": "result",
    "id": "42",
    "result": {
        "id": "LFdhbcNHx5zsMA7T4",
        "token": "5BwhTeEXiTmU_8uKxGuy4pqWRHRP73QpJYmoSWfBpcB",
        "tokenExpires": {
            "$date": 1696418806422
        },
        "type": "resume"
    }
}
If the auth-token is expired, send another login request to get a new authToken with a new expiration date.
Using Authentication providers
OAuth is used to support additional auth providers.
Example Call
{
    "msg": "method",
    "method": "login",
    "id":"42",
    "params": [
        {
            "oauth": {
                "credentialToken":"credential-token",
                "credentialSecret":"credential-secret"
            }
        }
    ]
}

Argument	Example	Required
`user`	{ "username": "him" }
	Required	The user object containing either the username or email.
`password`	Required	The password object containing the hashed password and the hash algorithm

Argument	Example	Required	Description
`resume`	`5BwhTeEXiTmU_8uKxGuy4pqWRHRP73QpJYmoSWfBpc`	Required	A personal access token or previous authToken of the user.

Last modified 3mo ago