Skip to main content
POST
/
admin
/
auth
/
{lender}
/
login
Lender login
curl --request POST \
  --url https://v3-api.cleargrid.ai/admin/auth/{lender}/login \
  --header 'Content-Type: application/json' \
  --data '
{
  "email": "user@example.com",
  "password": "password123"
}
'
{
  "token": "<access_token>",
  "refreshToken": "<refresh_token>",
  "lenderPublicId": "<lender_uuid>"
}
Authenticate a lender with the system and obtain an auth_token for subsequent API calls. The login endpoint returns both an access token (used for all API requests) and a refresh token (used to obtain a new access token when the current one expires).

Request

Your lender identifier and credentials are provided by ClearGrid during onboarding. Store the password securely — it should never be exposed in client-side code or version control.

Endpoint

POST {{base_url}}/admin/auth/{{lender}}/login
EnvironmentBase URL
Productionhttps://v3-api.cleargrid.ai/
Staginghttps://stage-v3-api.cleargrid.ai/

Body Parameters

email
string
required
The lender email address provided by ClearGrid during onboarding.
password
string
required
The lender-specific password provided by ClearGrid. This should be stored securely and never hardcoded.

Example Request

curl -X POST https://v3-api.cleargrid.ai/admin/auth/{your_lender_id}/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "user@example.com",
    "password": "securepassword"
  }'

Response

{
  "lenderPublicId": "<lender_uuid>",
  "token": "<access_token>",
  "refreshToken": "<refresh_token>"
}
FieldTypeDescription
lenderPublicIdstringThe lender’s unique public identifier (UUID). Used as a path parameter in subsequent API calls.
tokenstringThe access token. Include this as a Bearer token in the Authorization header for all further API requests.
refreshTokenstringThe refresh token. Use this with the Refresh Token endpoint to obtain a new access token when the current one expires.

Using the Access Token

Once authenticated, include the access token as a Bearer token in the Authorization header of every subsequent API request: 
curl -X POST https://v3-api.cleargrid.ai/admin/v3/lenders/{lenderPublicId}/accounts \
  -H "Authorization: Bearer <access_token>" \
  -H "Content-Type: application/json" \
  -d '{ ... }'
Access tokens expire after a set period. When a token expires, use the Refresh Token endpoint to obtain a new one without requiring the user to re-enter credentials.

Security Best Practices

  • Store credentials securely — Use environment variables or a secrets manager. Never hardcode passwords in source code.
  • Rotate tokens — Use the refresh token flow to keep sessions alive without storing long-lived credentials.
  • Use HTTPS only — All API communication must use HTTPS. Plain HTTP requests will be rejected.
  • Limit credential access — Restrict who on your team has access to lender API credentials.

Path Parameters

lender
string
required

Your lender subdomain identifier, provided by ClearGrid during onboarding.

Body

application/json
email
string<email>
required

The lender email address provided by ClearGrid during onboarding.

Example:

"user@example.com"

password
string
required

The lender-specific password provided by ClearGrid. Store securely and never hardcode.

Example:

"password123"

phone
string

Optional phone number for authentication.

Example:

"+971501234567"

Response

Login successful

token
string

Access token. Include as a Bearer token in the Authorization header for all further API requests.

refreshToken
string

Refresh token. Use with the Refresh Token endpoint to obtain a new access token when the current one expires.

lenderPublicId
string

The lender's unique public identifier (UUID). Used as a path parameter in subsequent API calls.