Login 2FA Explorer

Complete login authentication with 2FA TOTP code.

POST/auth/login/2fa

Description

Verify TOTP code from authenticator app to complete login for users with 2FA enabled. Requires session token from /auth/login.

Parameters

codestringRequired6-digit TOTP code from authenticator app

tokenstringRequiredSession token from /auth/login response (UUID)

Responses

1001 Response

Login successful - Returns access token and pinAuthToken. Session token deleted.

4005 Response

Invalid verification code - TOTP code incorrect or expired (30 sec validity).

4006 Response

Missing required data - Code or token field missing or invalid format.

4015 Response

Invalid session token - Token not found or already used.

4001 Response

User not found - Email from session token doesn't exist.

Test Request

https://www.swapbits.site/api

curl -X POST "https://www.swapbits.site/api/auth/login/2fa" \
  -H "Content-Type: application/json"