Interface: AuthResponse

Interface: AuthResponse

Defined in: dto/auth.ts:31

Full login/sso/refresh response. Some fields are optional because the same envelope carries the 2FA-challenge response (where only requires_2fa is set) and the PKCE callback response (where only auth_code is set).

Maps to the Go LoginResponse plus the SSO callback variants.

Properties

auth_code?

optional auth_code?: string

Defined in: dto/auth.ts:45

Returned by /auth/sso/callback when the original /sso/url carried a PKCE challenge. Client must POST /auth/sso/exchange with this code and the original code_verifier to obtain tokens.

---

auth_code_expires_in?

optional auth_code_expires_in?: number

Defined in: dto/auth.ts:46

---

organization?

optional organization?: Organization

Defined in: dto/auth.ts:33

---

permissions?

optional permissions?: string[]

Defined in: dto/auth.ts:36

---

requires_2fa?

optional requires_2fa?: boolean

Defined in: dto/auth.ts:40

True when the password authenticated but 2FA is required. Client should retry the same endpoint with two_factor_code populated.

---

roles?

optional roles?: string[]

Defined in: dto/auth.ts:35

---

tokens?

optional tokens?: TokenPair

Defined in: dto/auth.ts:34

---

user?

optional user?: User

Defined in: dto/auth.ts:32