Admin Login

Admin Login

curl --request POST \
  --url https://api.example.com/api/v1/admin/login \
  --header 'Content-Type: application/json' \
  --data '
{
  "email": "<string>",
  "password": "<string>"
}
'

POST

api

admin

Admin Login

curl --request POST \
  --url https://api.example.com/api/v1/admin/login \
  --header 'Content-Type: application/json' \
  --data '
{
  "email": "<string>",
  "password": "<string>"
}
'

The login endpoint authenticates admin users and processors, returning JWT tokens for session-based access.

Endpoint

POST /api/v1/admin/login

Request Body

string

required

User email address

password

string

required

User password

User Types

Admin Users

Dashboard users with roles like system_admin, compliance_user, super_agent

Processors

Merchant accounts for POS terminal management

Example

Request
Response

curl -X POST "https://olive-gateway-a6ba.onrender.com/api/v1/admin/login" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "admin@olive.sl",
    "password": "SecureP@ss123"
  }'

{
  "success": true,
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "refresh_token": "rt_abc123xyz...",
  "expires_at": 1704067200,
  "refresh_expires_at": 1704672000,
  "user": {
    "id": "123",
    "email": "admin@olive.sl",
    "first_name": "Admin",
    "last_name": "User",
    "role": "system_admin",
    "user_type": "admin",
    "status": "active",
    "pep_access_authorized": true,
    "last_login_at": "2025-01-14T15:30:00Z"
  }
}

Token Management

Receive access token (15 min) and refresh token (7 days)

Use Token

Include in Authorization: Bearer <token> header

Refresh

When expired, use refresh endpoint to get new tokens

Logout

Revoke refresh token when logging out

User Roles

Role	Access Level
`system_admin`	Full system access
`compliance_user`	Compliance monitoring
`support_user`	Customer support
`sales_user`	Sales operations
`audit_user`	Read-only audit access
`super_agent`	Agent network management
`sub_agent`	Field agent operations
`processor`	POS merchant dashboard

Errors

Code	Error	Description
400	`INVALID_REQUEST`	Missing email or password
401	`INVALID_CREDENTIALS`	Wrong email or password
401	`ACCOUNT_INACTIVE`	User account is not active
500	`INTERNAL_ERROR`	Server error

Security Notes

Login attempts are logged for audit
Failed attempts may trigger account lockout
Access tokens expire after 15 minutes
Always use HTTPS in production

Refresh Token

Get new access token

Logout

Revoke refresh token

Current User

Get current user info

Account Rules

Refresh Token

Overview

Agent-TS

Subscribers

Cards

Wallet

Agents

POS

Compliance

Admin

Webhooks

Fees

PEP Access

Partner API

Processors

Suspicious Transactions

Endpoint

Request Body

User Types

Admin Users

Processors

Example

Token Management

User Roles

Errors

Security Notes

Refresh Token

Logout

Current User

Overview

Agent-TS

Subscribers

Cards

Wallet

Agents

POS

Compliance

Admin

Webhooks

Fees

PEP Access

Partner API

Processors

Suspicious Transactions

​Endpoint

​Request Body

​User Types

Admin Users

Processors

​Example

​Token Management

​User Roles

​Errors

​Security Notes

​Related

Refresh Token

Logout

Current User

Endpoint

Request Body

User Types

Example

Token Management

User Roles

Errors

Security Notes

Related