# Login

Sign in a user with email and user key, returning a JWT token which is valid for 10 minutes.
If you omit the organization, it defaults to the last one you signed in to.

Endpoint: POST /api/v3.0/login
Version: 3.0
Security: bearer-key

## Request fields (application/json):

  - `email` (string, required)
    Example: "jon.smith@mail.com"

  - `userKey` (string, required)
    Equivalent to a personal access token. Avoid pasting as plain text where it might be compromised. For a service user (recommended), you can find the user key in the Mend SCA App in Admin > Users. [Learn more](https://docs.mend.io/bundle/mend_maintenance/page/managing_service_users.html). For local testing purposes, you could also use one of your own personal user keys from your user profile page in the Mend SCA App.
    Example: "***********"

## Response 200 fields (application/json):

  - `supportToken` (string)
    Example: "1171c60d"

  - `response` (object)

  - `response.userUuid` (string)

  - `response.userName` (string)

  - `response.email` (string)

  - `response.refreshToken` (string)

  - `response.jwtTTL` (integer)

  - `response.systemAccess` (boolean)

  - `response.serviceSystemAccess` (boolean)

  - `response.sessionStartTime` (integer)

  - `response.systemAccessStartTime` (integer)

## Response 400 fields (*/*):

  - `supportToken` (string)
    Example: "1171c60d"

## Response 403 fields (*/*):

  - `supportToken` (string)
    Example: "1171c60d"