Session Properties

Each session is accessed via /api/session and has the following properties:

id

The unique id of the session. It will never change.

user_id

The uniq id of the user attached to this session.

extended

An integer representing the number of times this session has been extended by interacting with the server.

ip_address

The IP address from which this session was created.

Related Objects

user

The User attached to this session.

Methods

In order to get more than the publicly available information, you'll need to authenticate and get a session id. The methods detailed herein will help you with that.

Login

Authenticates a user by username and password.

 POST /api/session

NOTE: Only developers can log in using this interface. To have regular users log in through your application you must use the Single Sign On interface.

username

The username of a user already in the system. Required.

password

The corresponding password of the user who's username was specified. Required.

api_key_id

See APIKey. Required.

Returns:

 {
   "id" : "xxx",
   "wing_object_type" : "session",
   "user_id" : "xxx",
   ...
 }

See User for complete details about what's contained in a user object.

Logout

Destroys a session, to ensure no one else can use it.

 DELETE /api/session/xxx

Returns:

 {
   "success" : 1
 }

View Session Details

Returns the properties of a session.

 GET /api/session/xxx

Returns:

 {
   "id" : "xxx",
   "wing_object_type" : "session",
   "user_id" : "xxx"
 }

Request a Single Sign On Session

Using an APIKey you can ask for permissions so that you can authenticate on behalf of a user through single-sign-on (SSO). Read the details in APIKey first. Then you can request a session using your sso_id like so:

 POST /api/session/sso/xxx
private_key

The private key generated when you create an APIKey

Returns:

 {
   "id" : "xxx",
   "wing_object_type" : "session",
   "user_id" : "xxx",
   ...
 }
^ Back to Top ^