Authorize by credentials

Authorizes the current initialized session using login and password credentials.

Authorize by credentials authenticates an application account with credentials. This operation is available only after successful Initialize.

Request

Authorize by credentials uses packet type = 3.

{
  "type": 3,
  "id": 4,
  "login": "user@example.com",
  "password": "strong-password",
  "credentials_type": 1
}

Prop

Type

Response

{
  "id": 4,
  "login": "user@example.com",
  "levels": { "tier": "pro" },
  "comment": "main account",
  "ip_address": "203.0.113.10",
  "time_left": 86400,
  "license_required": true,
  "status": 1
}

Prop

Type

Behavior notes

For credentials_type = 1, login must be a valid email format.
AppUserNotFound is used for unknown account and for invalid credentials.
If license_required is true, account authorization requires active license coverage.
time_left is included only when active license coverage is available.

Authorize-by-credentials statuses

Status	Constant	Returned when
`1`	`Ok`	Credentials authorization succeeded.
`6`	`InternalServerError`	Server failed to process authorization due to an internal error.
`7`	`AlreadyAuthorized`	Session is already authorized and authorization was requested again.
`602`	`AppSessionsQuotaExceeded`	Authorized sessions count reached the application plan limit.
`100`	`LicenseNotFound`	Provided `license` was not found in this application.
`101`	`LicenseTooShort`	Provided `license` is shorter than 6 characters.
`102`	`LicenseTooLong`	Provided `license` is longer than 64 characters.
`107`	`LicenseAlreadyActivated`	Provided `license` is already activated.
`200`	`AppUserNotFound`	Account was not found or provided credentials are invalid.
`201`	`AppUserBlacklisted`	Account is blacklisted.
`203`	`AppUserHasNoValidLicenses`	Account requires active license coverage, but none is available.
`205`	`AppUserLoginTooShort`	`login` is shorter than 4 characters.
`206`	`AppUserLoginTooLong`	`login` is longer than 320 characters.
`207`	`AppUserPasswordTooShort`	`password` is shorter than 4 characters.
`208`	`AppUserPasswordTooLong`	`password` is longer than 64 characters.
`209`	`AppUserEmailInvalid`	`credentials_type = 1` but `login` is not a valid email format.
`210`	`AppUserCredentialsTypeInvalid`	`credentials_type` has unsupported value (must be 0 or 1).
`502`	`ClientIDMismatch`	Account is bound to a different `client_id` than current session.

Connection-close cases (before/around this usecase)

Authorize by credentials itself returns JSON responses with status, but session can still be closed by protocol/session guards:

Close code	Error	When it happens
`4200`	`connection is not initialized`	Request was sent before successful `Initialize`.
`4201`	`rate limit hit`	Global per-session packet rate limit was exceeded.
`4302`	`invalid request body`	Packet body does not match the required schema for this operation.