Access Module

Access Control

Manage user sessions and security tokens. ShieldPay Engine uses Laravel Sanctum for issueing long-lived API tokens that must be stored securely on the client side.

POST

Login (Create Access Token)

Authenticate user credentials and generate a new Bearer Token. All financial operations require this token in the Authorization header.

Endpoint


                http://shield-pay.adhameldouh.com/api/v1/auth/login

Request Body

Param	Type	Required
phone_number	string	YES
ipin	string (4 digits)	YES

JSON Response

200 OK

{
    "success": true,
    "Message": "Login successful",
    "token": "2|VFwIs7ROizXkfi5lR8bNtTEYofyviWko6PjK7ic",
    "user": 
    {
        "id": 1,
        "name": Adham Eldouh,
        "phone_number": "01015013191",
        "balance": "300.00"
    }
}

POST

Logout (Revoke Token)

Destroys the current authentication token and terminates the session. The client must clear the token from storage after a successful logout.

Authorization Requirement Bearer {TOKEN}

401 Unauthorized if token missing