Sign In (Create Session)

How to start a user session for a borrower with an existing digital lending user account.

The Sign In Borrower API signs in a borrower (i.e. creates a new user session). This API should be used when a borrower is signing in to a user account that has already been created.

This API can also be used to re-sign an existing access token (for a borrower that already signed in). In that case, you'll also pass the accountRefreshToken header parameter but leave the request body empty.

After this step is complete, they will be signed in. You can add additional logic to your sign-in flow, including multi-factor phone authentication and email verification, by referring to response header. The header contains two fields encoded in the x-digifi-account JSON base64 string: isEmailNotVerified and isMfaIncomplete. These will either be true or undefined (no falsy value). Check these flags to optionally enforce phone authentication or email verification.

To use authentication with a phone number (phone verification code) please check the Sign In (Send Phone Verification Code) page

Please note the following validations:

  • A borrower user account should exist.
  • The password should match the user's account password. (if you are using email/password option)

Example Requests

Below please find the JSON body for two example requests:

  • Example 1: Signing in a borrower (from a logged out state) using email/password.
  • Example 2: Re-signing an existing access token (for an already-logged-in borrower)
  • Example 3: Signing in a borrower (from a logged out state) using phone verification code.
    "email": "[email protected]",
    "password": "[email protected]!",
Do not include a body in this case.
  "phoneVerificationCode": "123456"