2.3. Authentication Sessions
The API also provides the ability for authentication session support. An API user sends an initial request with authentication details, then sends all subsequent requests using a session cookie to authenticate. The following procedure demonstrates how to use an authenticated session.
To request an authenticated session:
- Send a request with the
AuthorizationandPrefer:persistent-auth.HEAD [base] HTTP/1.1 Host: [host] Authorization: Basic cmhzY2FkbWluQGRvbWFpbi5leGFtcGxlLmNvbToxMjM0NTYK Prefer: persistent-auth HTTP/1.1 200 OK ...
This returns a response with the following header:Set-Cookie: JSESSIONID=5dQja5ubr4yvI2MM2z+LZxrK; Path=/api; Secure
Note theJSESSIONID=value. In this example the value isJSESSIONID=5dQja5ubr4yvI2MM2z+LZxrK. - Send all subsequent requests with the
Prefer:persistent-authand cookie header with theJSESSIONID=value. TheAuthorizationis no longer needed when using an authenticated session.HEAD [base] HTTP/1.1 Host: [host] Prefer: persistent-auth cookie: JSESSIONID=5dQja5ubr4yvI2MM2z+LZxrK HTTP/1.1 200 OK ...
- When the session is no longer required, perform a request to the sever without the
Prefer: persistent-authheader.HEAD [base] HTTP/1.1 Host: [host] Authorization: Basic cmhzY2FkbWluQGRvbWFpbi5leGFtcGxlLmNvbToxMjM0NTYK HTTP/1.1 200 OK ...
22632%2C+Console+Developer+Guide-322-09-2014+17%3A11%3A35Report a bug
