> ## Documentation Index > Fetch the complete documentation index at: https://docs.forestreet.com/llms.txt > Use this file to discover all available pages before exploring further. # Sign in > Sign in a user with email and password; upon success, authentication cookies are set in the browser. This is used by Forestreet's internal frontend application. ## OpenAPI ````yaml post /v2/auth/sign-in openapi: 3.0.0 info: title: Forestreet API version: 1.0.0 description: API documentation for Forestreet API servers: - url: https://rest.forestreet.com description: Forestreet API V2 server security: - apiKeyAuth: [] - bearerAuth: [] - sessionIdQuery: [] tags: [] paths: /v2/auth/sign-in: post: tags: - Auth summary: Sign in description: |2- Sign in a user with email and password; upon success, authentication cookies are set in the browser. This is used by Forestreet's internal frontend application. requestBody: content: application/json: schema: type: object properties: email: type: string format: email description: Email address of the user. password: type: string minLength: 1 description: Password of the user. required: - email - password responses: '200': description: User signed in successfully headers: Set-Cookie: schema: type: string description: Authentication cookies set in the response headers. required: true description: Authentication cookies set in the response headers. content: application/json: schema: type: object properties: message: type: string description: Message from the server. accessToken: type: string pattern: ^[A-Za-z0-9-_]+(?:\.[A-Za-z0-9-_]+)+$ description: Access token for the user. refreshToken: type: string pattern: ^[A-Za-z0-9-_]+(?:\.[A-Za-z0-9-_]+)+$ description: Refresh token for the user. expiresIn: type: number description: Expires duration for the access token. expiresAt: type: number description: Expires timestamp for the access token. required: - message - accessToken - refreshToken - expiresIn - expiresAt '400': description: Bad Request - Invalid input content: application/json: schema: type: object properties: success: type: boolean enum: - false errorCode: type: string enum: - USER_NOT_CONFIRMED - INVALID_CREDENTIALS - INCOMPLETE_CREDENTIALS - INVALID_SESSION_TOKEN - FORCE_CHANGE_PASSWORD - PASSWORD_RESET_REQUIRED - PASSWORD_EXPIRED - CODE_EXPIRED - SESSION_EXPIRED - UNAUTHORISED - AUTHENTICATOR_ERROR - SSO_ACCOUNT - FORBIDDEN - METHOD_NOT_ALLOWED - INVALID_INPUT - PATH_VALIDATION_FAILED - QUERY_VALIDATION_FAILED - BODY_VALIDATION_FAILED - RESPONSE_VALIDATION_FAILED - INVALID_OR_MALFORMED_JSON - INTERNAL_SERVER_ERROR - CONFIGURATION_ERROR - SERVICE_UNAVAILABLE - NOT_FOUND - CONFLICT - LIMIT_EXCEEDED - REVIEW_ALREADY_PENDING - REVIEW_NOT_PENDING - REVIEW_PENDING - REVIEW_INSUFFICIENT_DOMAINS - QUOTA_EXCEEDED - UNSUPPORTED_ENDPOINT_VERSION - ENDPOINT_NOT_FOUND - ENDPOINT_ALREADY_EXISTS message: type: string detail: type: object additionalProperties: nullable: true required: - success - errorCode examples: INVALID_INPUT: value: success: false errorCode: INVALID_INPUT message: Bad Request - Invalid input '401': description: Unauthorized - Invalid credentials, token or cookies content: application/json: schema: type: object properties: success: type: boolean enum: - false errorCode: type: string enum: - USER_NOT_CONFIRMED - INVALID_CREDENTIALS - INCOMPLETE_CREDENTIALS - INVALID_SESSION_TOKEN - FORCE_CHANGE_PASSWORD - PASSWORD_RESET_REQUIRED - PASSWORD_EXPIRED - CODE_EXPIRED - SESSION_EXPIRED - UNAUTHORISED - AUTHENTICATOR_ERROR - SSO_ACCOUNT - FORBIDDEN - METHOD_NOT_ALLOWED - INVALID_INPUT - PATH_VALIDATION_FAILED - QUERY_VALIDATION_FAILED - BODY_VALIDATION_FAILED - RESPONSE_VALIDATION_FAILED - INVALID_OR_MALFORMED_JSON - INTERNAL_SERVER_ERROR - CONFIGURATION_ERROR - SERVICE_UNAVAILABLE - NOT_FOUND - CONFLICT - LIMIT_EXCEEDED - REVIEW_ALREADY_PENDING - REVIEW_NOT_PENDING - REVIEW_PENDING - REVIEW_INSUFFICIENT_DOMAINS - QUOTA_EXCEEDED - UNSUPPORTED_ENDPOINT_VERSION - ENDPOINT_NOT_FOUND - ENDPOINT_ALREADY_EXISTS message: type: string detail: type: object additionalProperties: nullable: true required: - success - errorCode examples: UNAUTHORISED: value: success: false errorCode: UNAUTHORISED message: Unauthorized - Invalid credentials, token or cookies components: securitySchemes: apiKeyAuth: type: apiKey in: header name: x-api-key description: >- Pass a static API key for every request, provided by your customer support. bearerAuth: type: http scheme: bearer description: >- Bearer token authentication, using a sessionId generated by `GET /v2/auth/session`. sessionIdQuery: type: apiKey in: query name: sessionId description: >- Session ID passed as a query parameter for authentication, provided by `GET /v2/auth/session`. ````