> ## Documentation Index
> Fetch the complete documentation index at: https://docs.interstellas.stellas.africa/llms.txt
> Use this file to discover all available pages before exploring further.

# Sign in

> Authenticate with email and password to receive an access token.

<Info>
  This is the first call you make in any Interstellas integration. The `accessToken` returned here is required on every subsequent request.
</Info>

## Endpoint

```
POST /auth/signin
```

No authentication headers are required for this endpoint.

## Request body

<ParamField body="email" type="string" required>
  The email address associated with your Interstellas account.
</ParamField>

<ParamField body="password" type="string" required>
  Your account password.
</ParamField>

## Response

<ResponseField name="status" type="boolean">
  `true` on success.
</ResponseField>

<ResponseField name="message" type="string">
  Human-readable outcome, e.g. `"Login successful"`.
</ResponseField>

<ResponseField name="data.id" type="string">
  Your user ID.
</ResponseField>

<ResponseField name="data.firstName" type="string">
  Your first name.
</ResponseField>

<ResponseField name="data.lastName" type="string">
  Your last name.
</ResponseField>

<ResponseField name="data.email" type="string">
  Your registered email address.
</ResponseField>

<ResponseField name="data.phoneNo" type="string">
  Your registered phone number.
</ResponseField>

<ResponseField name="data.accessToken" type="string">
  A JWT bearer token. Pass this as `Authorization: Bearer <token>` on all subsequent requests.
</ResponseField>

<ResponseField name="data.businesses" type="array">
  List of businesses registered to your account. Each object contains `id`, `businessName`, and `isApproved`. Use the `id` value as your `businessId` header.
</ResponseField>

## Code examples

<CodeGroup>
  ```bash cURL theme={null}
  curl -X POST https://sandbox.stellasbank.com/api/v1/auth/signin \
    -H "Content-Type: application/json" \
    -d '{
      "email": "you@example.com",
      "password": "YOUR_PASSWORD"
    }'
  ```

  ```js Node.js theme={null}
  const res = await fetch("https://sandbox.stellasbank.com/api/v1/auth/signin", {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify({
      email: "you@example.com",
      password: "YOUR_PASSWORD",
    }),
  });

  const { data } = await res.json();
  const { accessToken, businesses } = data;
  const businessId = businesses[0].id;
  ```

  ```python Python theme={null}
  import requests

  res = requests.post(
      "https://sandbox.stellasbank.com/api/v1/auth/signin",
      json={"email": "you@example.com", "password": "YOUR_PASSWORD"},
  )
  data = res.json()["data"]
  access_token = data["accessToken"]
  business_id = data["businesses"][0]["id"]
  ```
</CodeGroup>

## Example response

```json theme={null}
{
  "status": true,
  "message": "Login successful",
  "data": {
    "id": "usr_abc123",
    "firstName": "Ada",
    "lastName": "Lovelace",
    "email": "you@example.com",
    "phoneNo": "+2348012345678",
    "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "businesses": [
      {
        "id": "biz_xyz789",
        "businessName": "Acme Ltd",
        "isApproved": true
      }
    ]
  }
}
```

<Warning>
  Store your `accessToken` and `SECRET_KEY` securely — never log or expose them. If you have multiple businesses, make sure you use the correct `businessId` for each request.
</Warning>