A session is a credential used by the entire API to ensure that only those allowed to may access sensitive information. It represents an authenticated User.
Sessions are accessed via /api/session.
The unique id of the session. It will never change.
The uniq id of the user attached to this session.
An integer representing the number of times this session has been extended by interacting with the server.
The IP address from which this session was created.
See "Related Objects" in Introduction for how to use them.
The User attached to this session.
In order to get more than the publicly available information, you'll need to authenticate and get a session id. The services detailed herein will help you with that.
Authenticates a user by username and password.
POST /api/session
NOTE: Only developers can log in using this interface. To have regular users log in through your application you must use the SingleSignOn interface.
The username of a user already in the system. Required.
The corresponding password of the user who's username was specified. Required.
See APIKey. Required.
Returns:
{
"id" : "xxx",
"object_type" : "session",
"user_id" : "xxx",
...
}
See User for complete details about what's contained in a user object.
Destroys a session, to ensure no one else can use it.
DELETE /api/session/xxx
Returns:
{
"success" : 1
}
Returns the properties of a session.
GET /api/session/xxx
Returns:
{
"id" : "xxx",
"object_type" : "session",
"user_id" : "xxx"
}