2.3. Authentication Sessions

PDF

The API also provides the ability for authentication session support. An API user sends an initial request with authentication details, then sends all subsequent requests using a session cookie to authenticate. The following procedure demonstrates how to use an authenticated session.

Procedure 2.3. Requesting an authenticated session

Send a request with the Authorization and Prefer: persistent-auth

HEAD [base] HTTP/1.1
Host: [host]
Authorization: Basic cmhldm1hZG1pbkBibGFjay5xdW1yYW5ldC5jb206MTIzNDU2
Prefer: persistent-auth

HTTP/1.1 200 OK
...

This returns a response with the following header:

Set-Cookie: JSESSIONID=5dQja5ubr4yvI2MM2z+LZxrK; Path=/ovirt-engine/api; Secure

Note the JSESSIONID= value. In this example the value is JSESSIONID=5dQja5ubr4yvI2MM2z+LZxrK.

Send all subsequent requests with the Prefer: persistent-auth and cookie header with the JSESSIONID= value. The Authorization is no longer needed when using an authenticated session.
```
HEAD [base] HTTP/1.1
Host: [host]
Prefer: persistent-auth
cookie: JSESSIONID=5dQja5ubr4yvI2MM2z+LZxrK

HTTP/1.1 200 OK
...
```

When the session is no longer required, perform a request to the sever without the Prefer: persistent-auth header.

HEAD [base] HTTP/1.1
Host: [host]
Authorization: Basic cmhldm1hZG1pbkBibGFjay5xdW1yYW5ldC5jb206MTIzNDU2

HTTP/1.1 200 OK
...

2.3. Authentication Sessions

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

Making open source more inclusive

About Red Hat

Red Hat legal and privacy links

Red Hat legal and privacy links