Manager auth
AuthManager
Description: Authenticates a manager by verifying login credentials and returns a JWT token with session details and permission scope. If manager OTP is enabled, the request must also contain a valid otp_code from the authenticator app.
See also: Manager OTP Flow, GetManagerOTP, SetManagerOTP, CheckManagerOTP, ResetManagerOTP.
Access Control
🔐 No session required — this is a login entry point.
Request Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| id | int | Yes | Manager login ID |
| password | string | Yes | Manager login password |
| otp_code | string | No | Required when manager OTP is enabled |
Request Example
```json
{
  "id": 1001,
  "password": "secureManagerPass",
  "otp_code": "123456"
}
```
Response Parameters
| Field | Type | Description |
|---|---|---|
| id | int | Manager ID |
| admin | int | 1 if full admin rights |
| access_backoffice | int | BackOffice/trading scope flag. Admins always have this scope |
| access_crm | int | CRM/sales scope flag. Admins always have this scope |
| see_customers | int | CRM customers view permission |
| set_customers | int | CRM customers create/update permission |
| del_customers | int | CRM customers delete permission |
| export_customers | int | CRM customers export permission |
| see_all_customers | int | View all customers in allowed CRM scope |
| see_leads | int | CRM leads view permission |
| set_leads | int | CRM leads create/update permission |
| del_leads | int | CRM leads delete permission |
| convert_leads | int | Lead conversion permission |
| assign_leads | int | Lead assignment permission |
| export_leads | int | CRM leads export permission |
| see_all_leads | int | View all leads in allowed CRM scope |
| see_notes | int | CRM notes view permission |
| set_notes | int | CRM notes create/update permission |
| del_notes | int | CRM notes delete permission |
| see_customer_contacts | int | Customer contacts view permission |
| set_customer_contacts | int | Customer contacts update permission |
| see_finance | int | CRM finance view permission |
| set_finance | int | CRM finance create/update permission |
| approve_finance | int | CRM finance approve permission |
| decline_finance | int | CRM finance decline permission |
| export_finance | int | CRM finance export permission |
| see_deposits | int | Deposits view permission |
| set_deposits | int | Deposits create/update permission |
| see_withdrawals | int | Withdrawals view permission |
| set_withdrawals | int | Withdrawals create/update permission |
| see_credits | int | Credits view permission |
| set_credits | int | Credits create/update permission |
| see_bonuses | int | Bonuses view permission |
| set_bonuses | int | Bonuses create/update permission |
| groups | string | Accessible groups |
| brand | string | Assigned brand name |
| name | string | Manager name |
| email | string | Manager email |
| see_accounts | int | View accounts permission |
| see_accounts_detail | int | View detailed account info |
| see_accounts_online | int | View online users |
| del_accounts | int | Delete accounts permission |
| set_accounts | int | Create/update accounts permission |
| set_accounts_balance | int | Modify balances permission |
| see_accounts_balance | int | View balances permission |
| del_accounts_balance | int | Delete balance operations permission |
| see_trades | int | View trades permission |
| set_trades | int | Modify trades permission |
| del_trades | int | Delete trades permission |
| dealer_trades | int | Dealer trade approval permission |
| logs | int | View logs permission |
| reports | int | View/generate reports permission |
| market_watch | int | Market watch access |
| techsupport | int | Access technical support functions |
| see_export | int | Data export permission |
| online | int | Runtime online state for the just-opened manager session |
| last_login_time | int | Last successful manager login timestamp |
| otp_enabled | int | 1 if manager OTP is enabled, 0 otherwise |
| __token | string | JWT token for session authentication |
Response Example
```json
{
  "id": 1001,
  "admin": 1,
  "access_backoffice": 1,
  "access_crm": 1,
  "see_customers": 1,
  "set_customers": 1,
  "see_finance": 1,
  "approve_finance": 1,
  "groups": "*",
  "brand": "default",
  "name": "Alice Smith",
  "email": "[email protected]",
  "see_accounts": 1,
  ...
  "__token": "eyJhbGciOiJIUzI1NiIsInR5cCI6..."
}
```
Error Example
```json
{
  "error": "USER_NOT_FOUND_OR_INCORRECT"
}
```
Error Examples
Missing OTP When 2FA Is Enabled
```json
{
  "error": "OTP_REQUIRED"
}
```
Invalid OTP Code
```json
{
  "error": "INVALID_OTP_CODE"
}
```
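The login flow described on this page, seen from the calling side, as an added example that is not part of the original documentation or the vendor's code: it sends `otp_code` only after an `OTP_REQUIRED` reply, turns every error code into an exception, lists the permission flags actually granted, and masks `__token` before logging. The `send` transport, `LoginError`, the `MISSING_TOKEN` sentinel and the `fake_server` replies are assumptions constructed for the example, since the page does not give the endpoint URL.

```python
from typing import Callable, Optional

# Response fields that are not 0/1 permission flags (per the response table).
NON_FLAG_FIELDS = {"id", "groups", "brand", "name", "email", "online",
                   "last_login_time", "otp_enabled", "__token"}


class LoginError(Exception):
    """Carries the API error code, e.g. OTP_REQUIRED or INVALID_OTP_CODE."""


def login(send: Callable[[dict], dict], manager_id: int, password: str,
          get_otp: Optional[Callable[[], str]] = None) -> dict:
    """Authenticate; send otp_code only after the server answers OTP_REQUIRED.
    `send` is a hypothetical transport returning the decoded JSON reply."""
    request = {"id": manager_id, "password": password}
    reply = send(request)
    if reply.get("error") == "OTP_REQUIRED" and get_otp is not None:
        # Single retry with a fresh code; no loop, so a bad code fails fast.
        reply = send({**request, "otp_code": get_otp()})
    if "error" in reply:
        raise LoginError(reply["error"])
    if not reply.get("__token"):
        raise LoginError("MISSING_TOKEN")  # local sentinel, not an API code
    return reply


def granted_scope(reply: dict) -> list:
    """Sorted names of the permission flags set to 1 in a successful reply."""
    return sorted(k for k, v in reply.items()
                  if k not in NON_FLAG_FIELDS and v == 1)


def redacted(reply: dict) -> dict:
    """Copy of the reply that is safe to log: the JWT is masked."""
    return {**reply, "__token": "<redacted>"}


def fake_server(body: dict) -> dict:
    """Constructed stand-in for the API: manager 1001 with OTP enabled."""
    if body.get("id") != 1001 or body.get("password") != "secureManagerPass":
        return {"error": "USER_NOT_FOUND_OR_INCORRECT"}
    if "otp_code" not in body:
        return {"error": "OTP_REQUIRED"}
    if body["otp_code"] != "123456":
        return {"error": "INVALID_OTP_CODE"}
    return {"id": 1001, "admin": 0, "see_leads": 1, "export_leads": 0,
            "otp_enabled": 1, "__token": "constructed.jwt.value"}
```

Comparing `granted_scope()` against the role a manager is supposed to hold is a quick least-privilege check after each login.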