Login Flows
CRYMBO Platform supports multiple login methods depending on the integration type.
Web Login (UI)
- User navigates to the CRYMBO Platform login page
- Enters email and password
- If MFA is enabled, completes the MFA challenge
- Session token issued; user redirected to dashboard
Server-to-Server Login (API)
For backend integrations that don't involve a user interface:
POST /api/v1/auth/token
Content-Type: application/json
{
"client_id": "YOUR_CLIENT_ID",
"client_secret": "YOUR_CLIENT_SECRET",
"grant_type": "client_credentials"
}
Response:
{
"access_token": "eyJ...",
"token_type": "Bearer",
"expires_in": 3600
}
Session Management
- Access tokens expire after 1 hour (configurable)
- Refresh tokens available for extended sessions
- Session revocation available via API or Platform UI
- All sessions logged with IP address and timestamp