Hi @LuisAlaguna. I took a look and did more research. The auth route is the only route that will not check if the user is confirmed or not. All subsequent requests will fail despite the login routes working fine. The issue was closed because this was the intended way the login routes would work within Strapi. So yours was more a question of why, as opposed to it being a bug. With that said, my initial investigations were incorrect.
1 Like