Print
Dark
Light
PDF

Login

Print
Dark
Light
PDF

Article summary

Did you find this summary helpful?

Thank you for your feedback

Rocket.Chat supports various methods of authentication. The list of supported auth services (and their configurations) are in the meteor_accounts_loginServiceConfiguration collection.

Use username and password

To ensure the security of the user's account, it is important not to submit the user's password as plain text. Instead, apply a hashing algorithm (for example - sha-256).

The digest must be lowercase.

Payload parameters

Argument	Example	Required	Description
`user`	`{ "username": "doe.jon" }`	Required	The user object containing either the username or email.
`password`	`{ “digest”: “79cos9ejfs9j”, “algorithm”: “sha-256” }`	Required	The password object containing the hashed password and the hash algorithm.

Example Payload

{
  "digest": "52c53f4abbfe42e1ccd4fd9d864453ee57f8efbd4c9ecec6d88bd83d7f7a9c02",
  "algorithm":"sha-256"
}

Example call

{
    "msg": "method",
    "method": "login",
    "id":"42",
    "params":[
        {
            "user": { "username": "him" },
            "password": {
                "digest": "52c53f4abbfe42e1ccd4fd9d864453ee57f8efbd4c9ecec6d88bd83d7f7a9c02",
                "algorithm":"sha-256"
            }
        }
    ]
}

Example response

Success

{
    "msg": "result",
    "id": "42",
    "result": {
        "id": "3Dw26TXWxvi8gwfgM",
        "token": "72kB2z5SpnWG-vOSKaAXku74PV851pVOVAoC67FpFEI",
        "tokenExpires": {
            "$date": 1696417505309
        },
        "type": "password"
    }
}

Error

{
    "msg": "result",
    "id": "42",
    "error": {
        "error": 403,
        "reason": "Incorrect password",
        "message": "Incorrect password [403]",
        "errorType": "Meteor.Error"
    }
}

Use an authentication token

You can use a previous user authentication token or a Personal Access Token to log in as a user.

Payload parameters

Argument	Example	Required	Description
`resume`	`5BwhTeEXiTmU_8uKxGuy4pqWRHRP73QpJYmoSWfBpc`	Required	A personal access token or previous authToken of the user.

Example call

{
    "msg": "method",
    "method": "login",
    "id": "42",
    "params":[
        { "resume": "auth-token" }
    ]
}

Example response

This success response format remains the same irrespective of the login method used.

{
    "msg": "result",
    "id": "42",
    "result": {
        "id": "LFdhbcNHx5zsMA7T4",
        "token": "5BwhTeEXiTmU_8uKxGuy4pqWRHRP73QpJYmoSWfBpcB",
        "tokenExpires": {
            "$date": 1696418806422
        },
        "type": "resume"
    }
}

If the auth-token is expired, send another login request to get a new authToken with a new expiration date.

Use authentication providers

OAuth is used to support additional auth providers.

Example call

{
    "msg": "method",
    "method": "login",
    "id":"42",
    "params": [
        {
            "oauth": {
                "credentialToken":"credential-token",
                "credentialSecret":"credential-secret"
            }
        }
    ]
}

Was this article helpful?

What's Next

Realtime Two Factor Authentication

On this page

Use username and password
Use an authentication token
Use authentication providers