Session

A session is a credential used by the entire API to ensure that only those allowed to may access sensitive information. It represents an authenticated User.

Sessions are accessed via /api/session.

Properties

id

The unique id of the session. It will never change.

user_id

The uniq id of the user attached to this session.

extended

An integer representing the number of times this session has been extended by interacting with the server.

ip_address

The IP address from which this session was created.

Related Objects

See "Related Objects" in Introduction for how to use them.

user

The User attached to this session.

Services

In order to get more than the publicly available information, you'll need to authenticate and get a session id. The services detailed herein will help you with that.

Login

Authenticates a user by username and password.

 POST /api/session

NOTE: Only developers can log in using this interface. To have regular users log in through your application you must use the SingleSignOn interface.

Required Params
username

The username of a user already in the system. Required.

password

The corresponding password of the user who's username was specified. Required.

api_key_id

See APIKey. Required.

Returns:

 {
   "id" : "xxx",
   "object_type" : "session",
   "user_id" : "xxx",
   ...
 }

See User for complete details about what's contained in a user object.

Logout

Destroys a session, to ensure no one else can use it.

 DELETE /api/session/xxx

Returns:

 {
   "success" : 1
 }

View Session Details

Returns the properties of a session.

 GET /api/session/xxx

Returns:

 {
   "id" : "xxx",
   "object_type" : "session",
   "user_id" : "xxx"
 }