Using Postman to test login Gets Error

I have successfully imported an existing user using Postman with BCrypt hashed password, and now I am trying to login using the “Primary Authentication with Trusted Application” template in Postman, and all I get is error “Bad request”.

What do I need in the post to successfully log the user in?
“username”: “Test123”,
“password” : “xxxxxxxxxx”,
“context”: {
“deviceToken”: “26q43Ak9Eh04p7H6Nnx0m69JqYOrfVBY”

My headers have Accept and Content-Type set to “application/json” and Authorization set to the same token I used to create the user.

Thank you,

I wasn’t able to reproduce this myself. Here’s what I did:

Created a bcrypt hash via
Hashed Testing1234! with 12 rounds, which produces:


The first 22 characters after $2y$12$ is the salt: xndUzOKo.LmDQeAet4Y1ye

I created a user with this salt and cipher text:

POST /api/v1/users?activate=true

  "profile": {
    "firstName": "Bcrypt",
    "lastName": "Tester",
    "email": "",
    "login": ""
  "credentials": {
    "password" : {
      "hash": {
        "algorithm": "BCRYPT",
        "workFactor": 12,
        "salt": "xndUzOKo.LmDQeAet4Y1ye",
        "value": "giTznWRZBlARf.JU97iDUtLDsSR/gt2"

200 OK
... user profile

Then, I tried the Primary Authentication with Trusted Application request in Postman:

POST /api/v1/authn

  "username": "",
  "password" : "Testing1234!",
  "options": {
    "multiOptionalFactorEnroll": true,
    "warnBeforePasswordExpired": true
  "context": {
    "deviceToken": "26q43Ak9Eh04p7H6Nnx0m69JqYOrfVBY"

200 OK
    "stateToken": "00r--Q2C3opQ4Vcj4eaw9UwjZYpSbDv8bqS-mxsoV4",

I’m not sure why you would get a bad request error. Can you post your full request trace?