Create new session token valid for duration seconds, or for the server default session timeout if no duration is specified or if duration is longer than the server default session timeout. Either the user password needs to be valid or the 'validate-password' query param must be set to false. If an ongoing session already exists for the same authentication credentials and validation factors, then that session token is returned
boolean
integer
authentication information
string
string
array<ValidationFactorEntity>
the session creation was successful or an ongoing session already existed. Contains the Crowd SSO token
any
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
curl --request POST \
--url 'http://{baseurl}/rest/rest/usermanagement/1/session' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"userName": "my_username",
"password": "my_password",
"validation-factors": {
"validation-factor": [
{
"name": "remote_address",
"value": "127.0.0.1"
}
]
}
}'
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
{
"token": "abc123",
"user": {
"link": null,
"name": "sampleuser",
"firstName": null,
"lastName": null,
"displayName": null,
"directoryId": null,
"password": null,
"encryptedPassword": null,
"key": null,
"createdDate": null,
"updatedDate": null,
"directoryName": null,
"active": null,
"attributes": null,
"expanded": true,
"email": null
},
"link": {
"href": "https://crowdserver/crowd/session/abcc123",
"rel": "self"
},
"createdDate": 1464453000000,
"expiryDate": 1464456600000,
"unaliasedUsername": null
}
Invalidate all tokens for a given user name. Optionally, a token key can be saved from invalidation if specified in the 'exclude' param
string
Requiredstring
tokens were deleted successfully
1
2
curl --request DELETE \
--url 'http://{baseurl}/rest/rest/usermanagement/1/session?username={username}'
Retrieves the token with the authenticated user expanded
string
Requiredsession was successfully retrieved
any
1
2
3
curl --request GET \
--url 'http://{baseurl}/rest/rest/usermanagement/1/session/{token}' \
--header 'Accept: application/json'
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
{
"token": "abc123",
"user": {
"link": null,
"name": "sampleuser",
"firstName": null,
"lastName": null,
"displayName": null,
"directoryId": null,
"password": null,
"encryptedPassword": null,
"key": null,
"createdDate": null,
"updatedDate": null,
"directoryName": null,
"active": null,
"attributes": null,
"expanded": true,
"email": null
},
"link": {
"href": "https://crowdserver/crowd/session/abcc123",
"rel": "self"
},
"createdDate": 1464453000000,
"expiryDate": 1464456600000,
"unaliasedUsername": null
}
Validates the session token. Validating the token keeps the SSO session alive
string
Requiredlist of validation factors
array<ValidationFactorEntity>
token validation was successful
any
1
2
3
4
5
6
7
8
9
10
11
12
curl --request POST \
--url 'http://{baseurl}/rest/rest/usermanagement/1/session/{token}' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"validation-factor": [
{
"name": "remote_address",
"value": "127.0.0.1"
}
]
}'
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
{
"token": "abc123",
"user": {
"link": null,
"name": "sampleuser",
"firstName": null,
"lastName": null,
"displayName": null,
"directoryId": null,
"password": null,
"encryptedPassword": null,
"key": null,
"createdDate": null,
"updatedDate": null,
"directoryName": null,
"active": null,
"attributes": null,
"expanded": true,
"email": null
},
"link": {
"href": "https://crowdserver/crowd/session/abcc123",
"rel": "self"
},
"createdDate": 1464453000000,
"expiryDate": 1464456600000,
"unaliasedUsername": null
}
Invalidates the Crowd SSO token
string
Requiredtoken was invalidated successfully
1
2
curl --request DELETE \
--url 'http://{baseurl}/rest/rest/usermanagement/1/session/{token}'
Rate this page: