Skip to main content
Record a security event immediately after a successful sign-in. The server enriches the entry with the caller’s IP address, geolocation data, and device information, then stores the record in the security audit log. When event is "login", the user also receives an in-app notification and a security email alerting them to the new sign-in. POST /v1/auth/log Requires a Bearer token in the Authorization header.

Request

event
string
required
The type of authentication event. Accepted values: "login" or "signup".
fingerprint
string
An optional device fingerprint string. Stored alongside the log entry for security auditing.

Example

curl --request POST \
  --url "https://api.nyotaimara.com/v1/auth/log" \
  --header "Authorization: Bearer <token>" \
  --header "Content-Type: application/json" \
  --data '{"event": "login", "fingerprint": "abc123xyz"}'

Response

success
boolean
required
true when the event was logged. The server returns 200 even when logging fails internally, to avoid breaking the user’s authentication flow.
{
  "success": true
}
Behaviour on loginWhen event is "login", the server sends the authenticated user both an in-app notification and a security email containing the detected device, location, IP address, and timestamp. No notification is sent for "signup" events.Error cases
StatusCondition
401Missing or invalid Bearer token.
200 success: falseLogging failed internally. The user’s session is unaffected.