Authenticate user

Exchange credentials for an access token and a refresh token. The access token is short-lived; store the refresh token securely to maintain the session.

Request

curl --request POST \
  --url https://api.sysos.app/v1/auth/login \
  --header "Authorization: Bearer ACCESS_TOKEN" \
  --header "Content-Type: application/json" \
  --data '{
    "email": "ada@acme.com",
    "password": "••••••••",
    "device_id": "web-3f92ab1c"
  }'

Response 200 OK

{
  "access_token": "eyJhbGciOiJIUzI1NiIs...",
  "refresh_token": "rt_29ab8c71e4f9...",
  "token_type": "Bearer",
  "expires_at": "2026-03-01T18:25:43Z",
  "session_id": "sess_82bd91fa"
}