To log in to a user, you can call the
refreshToken is available in the mutation response, this is mainly intended for use in environments where cookies aren't available (i.e. mobile applications). An
HttpOnly refresh token cookie is automatically sent with all authentication mutation responses.
To register a user, you can call the
If you have
Permission Type set to
Multiple Schemas in your plugin settings, you will have a
register mutation for each user group that has registrations enabled (e.g.
To refresh a user's JWT, you can call the
Whilst this mutation accepts a
refreshToken argument, browser requests will automatically use the refresh token cookie. The argument is mainly intended for use in mobile applications.
Refresh tokens are consumed when generating a new JWT. A new refresh token is included in the mutation response, and also sent as an
To delete the current token, you can call the
To delete all tokens associated with a user, you can call the
To send a password reset email to a user, you can call the
To set a user's password following a password reset email, you can call the