> ## Documentation Index > Fetch the complete documentation index at: https://help-loyalife.xoxoday.com/llms.txt > Use this file to discover all available pages before exploring further. # Check Membership Credentials > Validate a member's password for authentication. Validates a member's password against their stored credentials, enabling password-based login within your loyalty portal. The password must be hashed (bcrypt or MD5 depending on your program configuration) before sending — never transmit plaintext passwords. On success, the response includes the member's internal `Id` and basic profile details. For OTP-based login, use [Generate OTP by Relation Reference](/api-reference/otp/generate-otp-by-relation) → [Verify OTP by Relation Reference](/api-reference/otp/verify-otp-by-relation) instead. ## Responses | Path | Type | Description | | ------------------------------------------ | ------------------ | ------------------------------------------------------------ | | `results.IsSucessful` | boolean | `true` | | `results.ErrorCode` | string | `000` | | `results.ReturnObject.Id` | integer | Internal member ID | | `results.ReturnObject.FullName` | string | Member's full name | | `results.ReturnObject.Email` | string | Member's email address | | `results.ReturnObject.Status` | integer | Account status — `1`=Active | | `results.ReturnObject.IsAccountActivated` | boolean | Whether the account has been activated | | `results.ReturnObject.LastLoggedIn` | string (date-time) | Previous login timestamp | | `results.ReturnObject.LoginAttempt` | integer | Number of failed login attempts since last success | | `results.ReturnObject.ForceChangePassword` | boolean | `true` if the member must reset their password on next login | | Path | Type | Description | | -------------------------- | ------- | ---------------------------------------------------- | | `results.IsSucessful` | boolean | `false` | | `results.ErrorCode` | string | Error code from the platform | | `results.ExceptionMessage` | string | Human-readable reason — check this field for details | ## OpenAPI ````yaml POST /lbms-ingress/member/api/Member/CheckMembershipCredentialsByRelationReference openapi: 3.1.0 info: title: Loyalife LBMS API description: >- REST API for Loyalife's Loyalty Management System. Covers member management, OTP authentication, loyalty transactions, and points redemption. version: 1.0.0 contact: name: Xoxoday Support email: support@xoxoday.com servers: - url: https://loyalife-api.xoxoday.in description: Production security: - bearerAuth: [] paths: /lbms-ingress/member/api/Member/CheckMembershipCredentialsByRelationReference: post: tags: - Member Management summary: Check Membership Credentials description: >- Validate a member's password for authentication. Returns the full member profile on success. operationId: checkMembershipCredentials requestBody: required: true content: application/json: schema: type: object required: - UniquerefID - ProgramId - RelationType - Password properties: UniquerefID: type: string description: The member's RelationReference example: jane.doe@example.com ProgramId: type: integer description: Your loyalty program ID example: 19 RelationType: type: integer description: Use `4` for customers example: 4 Password: type: string description: >- Member's password hashed using bcrypt or MD5 as configured for your program. example: $2b$10$hashed_password_here example: UniquerefID: jane.doe@example.com ProgramId: 19 RelationType: 4 Password: '{hashed_password}' responses: '200': description: Credentials valid — returns member profile content: application/json: schema: type: object properties: results: type: object properties: IsSucessful: type: boolean ErrorCode: type: string ExceptionMessage: type: string ReturnObject: $ref: '#/components/schemas/MemberProfile' example: results: IsSucessful: true ErrorCode: '000' ExceptionMessage: Success ReturnObject: Id: 12345 FullName: Jane Doe Email: jane.doe@example.com '401': description: Invalid credentials content: application/json: schema: $ref: '#/components/schemas/StandardError' example: results: IsSucessful: false ErrorCode: E401 ExceptionMessage: Invalid credentials components: schemas: MemberProfile: type: object properties: Id: type: integer description: Internal member ID — required for UpdateProfileWithAttributes example: 12345 FullName: type: string example: Jane Doe Email: type: string format: email example: jane.doe@example.com MobileNumber: type: string example: '+919876543210' Status: type: string example: Active TierName: type: string description: Current loyalty tier (e.g. Silver, Gold, Platinum) example: Silver TotalPoints: type: integer example: 1500 RelationReference: type: string example: jane.doe@example.com StandardError: type: object properties: results: type: object properties: IsSucessful: type: boolean example: false ErrorCode: type: string example: E400 ExceptionMessage: type: string example: Error description securitySchemes: bearerAuth: type: http scheme: bearer bearerFormat: JWT description: >- JWT obtained from Generate Auth Token. Pass as `Authorization: bearer {token}`. ````