Skip to main content
POST
/
auth
/
connections
/
{id}
/
login
JavaScript
import Kernel from '@onkernel/sdk';

const client = new Kernel({
  apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted
});

const loginResponse = await client.auth.connections.login('id');

console.log(loginResponse.id);
import os
from kernel import Kernel

client = Kernel(
api_key=os.environ.get("KERNEL_API_KEY"), # This is the default and can be omitted
)
login_response = client.auth.connections.login(
id="id",
)
print(login_response.id)
package main

import (
"context"
"fmt"

"github.com/kernel/kernel-go-sdk"
"github.com/kernel/kernel-go-sdk/option"
)

func main() {
client := kernel.NewClient(
option.WithAPIKey("My API Key"),
)
loginResponse, err := client.Auth.Connections.Login(
context.TODO(),
"id",
kernel.AuthConnectionLoginParams{},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", loginResponse.ID)
}
curl --request POST \
--url https://api.onkernel.com/auth/connections/{id}/login \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"proxy": {
"id": "<string>",
"name": "<string>"
},
"record_session": true
}
'
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://api.onkernel.com/auth/connections/{id}/login",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'proxy' => [
'id' => '<string>',
'name' => '<string>'
],
'record_session' => true
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
HttpResponse<String> response = Unirest.post("https://api.onkernel.com/auth/connections/{id}/login")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"proxy\": {\n \"id\": \"<string>\",\n \"name\": \"<string>\"\n },\n \"record_session\": true\n}")
.asString();
require 'uri'
require 'net/http'

url = URI("https://api.onkernel.com/auth/connections/{id}/login")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"proxy\": {\n \"id\": \"<string>\",\n \"name\": \"<string>\"\n },\n \"record_session\": true\n}"

response = http.request(request)
puts response.read_body
{
  "id": "ma_abc123xyz",
  "flow_type": "LOGIN",
  "hosted_url": "https://auth.kernel.com/login/abc123xyz",
  "flow_expires_at": "2025-11-05T20:00:00Z",
  "handoff_code": "aBcD123EfGh456IjKl789MnOp012QrStUvWxYzAbCdEf",
  "live_view_url": "https://live.onkernel.com/abc123xyz"
}
{
"code": "bad_request",
"message": "Missing required field: app_name",
"details": [
{
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
],
"inner_error": {
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
}
{
"code": "bad_request",
"message": "Missing required field: app_name",
"details": [
{
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
],
"inner_error": {
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
}
{
"code": "bad_request",
"message": "Missing required field: app_name",
"details": [
{
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
],
"inner_error": {
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
}
{
"code": "bad_request",
"message": "Missing required field: app_name",
"details": [
{
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
],
"inner_error": {
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
}
{
"code": "bad_request",
"message": "Missing required field: app_name",
"details": [
{
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
],
"inner_error": {
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
}
{
"code": "bad_request",
"message": "Missing required field: app_name",
"details": [
{
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
],
"inner_error": {
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

id
string
required

Auth connection ID

Body

application/json

Request to start a login flow

proxy
object

Proxy selection. Provide either id or name. The proxy must belong to the caller's org.

record_session
boolean

Override the connection's default for recording this login's browser session. When omitted, the connection's record_session default is used.

Example:

true

Response

Login flow started

Response from starting a login flow

id
string
required

Auth connection ID

Example:

"ma_abc123xyz"

flow_type
enum<string>
required

Type of login flow started

Available options:
LOGIN,
REAUTH
Example:

"LOGIN"

hosted_url
string<uri>
required

URL to redirect user to for login

Example:

"https://auth.kernel.com/login/abc123xyz"

flow_expires_at
string<date-time>
required

When the login flow expires

Example:

"2025-11-05T20:00:00Z"

handoff_code
string

One-time code for handoff (internal use)

Example:

"aBcD123EfGh456IjKl789MnOp012QrStUvWxYzAbCdEf"

live_view_url
string<uri>

Browser live view URL for watching the login flow

Example:

"https://live.onkernel.com/abc123xyz"