# Login

{% hint style="info" %}
***This page must be considered part of the iSHARE Framework***

*This page is considered normative and is therefore compliant with RFC 2119.*
{% endhint %}

{% hint style="info" %}
CTT is going to use low level of assurance because passing login when 2FA is enabled would be infeasible. Production environment should be way more secure and traditional authentication using credentials could be even disabled if there is a need to use more secure ways of logging in like biometrics, ID card logins etc.
{% endhint %}

## Allow Conformance Test Tool (CTT) to login

> The /login endpoint is required in order to pass Conformance Test Tool (CTT). The endpoint allows user to authenticate himself using username and password. After successful authentication if user grants permit to requested scopes redirection to Service Provider should happen.

```json
{"openapi":"3.0.0","info":{"title":"generic iSHARE API specifications","version":"2.1.1"},"tags":[{"name":"Identity Provider","description":"Endpoints that form the Identity Provider API specification."}],"servers":[{"description":"iSHARE UAT network base domain","url":"https://isharetest.net"},{"description":"iSHARE TEST network base domain","url":"https://test.ishareworks.nl"}],"paths":{"/login":{"post":{"requestBody":{"content":{"application/x-www-form-urlencoded":{"schema":{"required":["username","password"],"type":"object","properties":{"username":{"description":"Human user’s login name. Could be email, mobile phone  number, nickname etc.","type":"string"},"password":{"description":"Human user’s password."}}}}},"required":true},"tags":["Identity Provider"],"parameters":[{"$ref":"#/components/parameters/content-type_form"}],"responses":{"200":{"description":"Login was successful and single page application will be responsible for redirection to returnUrl parameter."},"302":{"description":"Login was successful and back-end application redirects user to returnUrl parameter by itself."}},"deprecated":false,"operationId":"/login","summary":"Allow Conformance Test Tool (CTT) to login","description":"The /login endpoint is required in order to pass Conformance Test Tool (CTT). The endpoint allows user to authenticate himself using username and password. After successful authentication if user grants permit to requested scopes redirection to Service Provider should happen."}}},"components":{"parameters":{"content-type_form":{"deprecated":false,"name":"Content-Type","description":"Defines request body content type. MUST be equal to application/x-www-form-urlencoded.","schema":{"type":"string"},"in":"header","required":true}}}}
```

{% hint style="info" %}
It is not mandatory to have exactly the same parameter names because CTT supports any parameter names for credentials.
{% endhint %}

{% hint style="info" %}
iSHARE documentation does not cover login failures because it’s only within Identity Providers scope.
{% endhint %}