Login

post/api/v2/user/login

Creates a short-lived (1 hour) access token for use with the API. BitGo doesn't recommend using this endpoint for scripting. Instead, use the SDK or the web UI to create long-lived access tokens. However, short-lived access tokens are the only access tokens with the "user_manage" scope that enables you to programmatically add users to your enterprise using the Add User to Enterprise endpoint.

Request Body

email string <email>required
The email address of the user.
Example: user@email.com
extensible boolean
"true" if the session is extensible beyond a one-hour duration
Example: false
otp string required
Second factor authentication token.
Example: 123456
password string required
Example: secret

200 Response

access_token string
Example: 9b72c68ef394f5146f0f3efc1feafb7a971752cb00e79fafcfd8c1d2db83639c
derivationPath string
encryptedECDHXprv string
encryptedToken string
expires_at number required
Unix timestamp
Example: 1534201288
expires_in number required
noECDHKeychain boolean
scope array[string] required
Example: ["crypto_compare","user_manage","openid","profile","wallet_create","wallet_manage_all","wallet_approve_all","wallet_spend_all","wallet_edit_all","wallet_view_all"]
token_type string required
user object required
id string
Example: 59cd72485007a239fb00282ed480da1f
Match pattern: ^[0-9a-f]{32}$
isActive boolean
isFrozen boolean
freezeReason string
Example: Frozen due to suspicious activity
name object
username string <email>
Example: user@example.com
email object
phone object
country string
Example: USA
state string
Example: New York
warning string

400 Response

name string
Error code
context object required
Properties that apply to a specific error name
error string required
Human-readable error message
requestId string required
Client request id

401 Response

name string
Error code
context object required
Properties that apply to a specific error name
error string required
Human-readable error message
requestId string required
Client request id