create the account and login the auth_token goes to headers, where should get by response body
If you want the JWT token in the response body instead of in the response Authorization header, something like this in your Rodauth configuration may work: