# Admin Login

> Authenticate a back-office user (CRM/broker operator) and issue a bearer admin access token used to call this API. Tokens are valid for 30 days. Requests must originate from a whitelisted IP address.

Source: /admin/accounts-funding/sessions/accounts-service_-user-login

## `POST /user/login`

**Admin Login**

Authenticate a back-office user (CRM/broker operator) and issue a bearer admin access token used to call this API. Tokens are valid for 30 days. Requests must originate from a whitelisted IP address.

Tags: `Sessions`

### Request body

**Content-Type:** `application/json`

- `username` (string)
- `password` (string)


### Responses

#### `200` — A successful response.

**Content-Type:** `application/json`

- `token` (string)

#### `default` — An unexpected error response.

**Content-Type:** `application/json`

- `code` (integer)
- `message` (string)
- `details` (array)
  - items:
    - `@type` (string)