Skip to main content
POST
/
api
/
v2.1
/
customer
/
individual
/
{customerId}
/
users
/
{userId}
/
sessions
Create customer session
curl --request POST \
  --url https://sandbox.finhub.cloud/api/v2.1/customer/individual/{customerId}/users/{userId}/sessions \
  --header 'Content-Type: application/json' \
  --header 'X-Forwarded-For: <x-forwarded-for>' \
  --header 'X-Forwarded-From: <x-forwarded-from>' \
  --header 'X-Tenant-ID: <x-tenant-id>' \
  --header 'deviceId: <deviceid>' \
  --header 'platform: <platform>' \
  --data '
{
  "username": "customer.login.123456@example.test",
  "password": "SecurePass123!",
  "tenantKey": "a1B2c3D4e5F6g7H8i9J0kLmNopQr",
  "tenantSecret": "s3Cr3tKeyXyZpQwErTyUiOpAsDfGh",
  "credentialType": "PASSWORD",
  "value": "customer.login.123456@example.test",
  "tenantId": "11111111-2222-4333-8444-555555555555"
}
'
{
  "code": 200,
  "data": {
    "success": true,
    "message": "Session created successfully",
    "token": "eyJhbGciOi...",
    "refreshToken": "eyJhbGciOi...",
    "sessionId": "3c13a5ab-5e26-4372-9a85-1b2eb323c592",
    "expiresAt": "2026-03-16T20:49:32.000Z",
    "expiresIn": 123,
    "errorType": "<string>",
    "user": {
      "id": "<string>",
      "customerId": "<string>",
      "customerStatus": "<string>",
      "email": "<string>",
      "fullName": "<string>",
      "firstName": "<string>",
      "lastName": "<string>",
      "organizationId": "<string>",
      "role": "<string>",
      "phoneNumber": "<string>",
      "isActive": true,
      "lastLogin": "<string>",
      "createdAt": "<string>",
      "updatedAt": "<string>",
      "tenantId": "<string>",
      "gender": "<string>",
      "phones": [
        {
          "phoneType": "<string>",
          "encoding": "<string>",
          "number": "<string>"
        }
      ]
    }
  },
  "message": "Success"
}

Headers

X-Forwarded-For
string
required
Example:

"127.0.0.1"

X-Tenant-ID
string
required
Example:

"tenant-demo-001"

sec-ch-ua-platform
string
X-Forwarded-From
string
required

Client source identifier

Example:

"client-app"

platform
string
required

Client platform

Example:

"mobile"

deviceId
string
required

Device identifier

Example:

"device-demo-001"

Path Parameters

customerId
string<uuid>
required
Example:

"00000000-0000-0000-0000-000000000000"

userId
string<uuid>
required
Example:

"00000000-0000-0000-0000-000000000000"

Body

application/json

Create individual session request

username
string

Username used for customer login

Example:

"customer.login.123456@example.test"

password
string

Customer password for session creation

Example:

"SecurePass123!"

tenantKey
string

Tenant key credential used by auth service

Example:

"a1B2c3D4e5F6g7H8i9J0kLmNopQr"

tenantSecret
string

Tenant secret credential used by auth service

Example:

"s3Cr3tKeyXyZpQwErTyUiOpAsDfGh"

credentialType
string

Credential type for alternative auth flows

Example:

"PASSWORD"

value
string

Credential value used with credentialType-based auth

Example:

"customer.login.123456@example.test"

tenantId
string

Tenant UUID for session context

Example:

"11111111-2222-4333-8444-555555555555"

Response

Session created

Standard API response wrapper with session in data

code
integer<int32>

HTTP-style status code

Example:

200

data
object

Session tokens and metadata

message
string

Result message

Example:

"Success"