Login

Authentication request using an account ID and password.

This request is typically used for internal or system-level logins where the account ID is already known.

account_id (str) Identifier of the account attempting to authenticate.
password (Sensitive[str]) Password wrapped in a Sensitive container to ensure safe handling in logs, traces, and internal memory.

Authentication request using an API key.

This request type is used for programmatic or machine-to-machine authentication flows.

api_key (Sensitive[str]) API key provided by the client. Stored inside Sensitive to avoid accidental exposure.

Authentication request using an email address and password.

This is the standard user-facing login flow.

email (str) Email address associated with the account.
password (Sensitive[str]) User password, wrapped in Sensitive for secure handling.

Response object returned after a successful authentication attempt.

Includes the authenticated account and any issued access or identity tokens. Missing fields indicate partial or failed authentication flows.

Fields

account (Optional[Account]) The authenticated account object. None if authentication failed or only token issuance was requested.
access_token (Optional[Sensitive[str]]) Bearer token granting access to protected API routes. Returned as Sensitive to avoid exposure.
id_token (Optional[Sensitive[str]]) Optional identity token (e.g., for session-based flows or UI clients).

Bases: NormanBaseModel

Authentication request using an account name (username) and password.

This request supports username-based login flows, especially useful for systems where account names are unique identifiers.

Fields

2026