POST Create Session Token


Creates a Basic Authentication session token that should be used in all further requests

  • User POSTs their username, domain and password

  • Server generates a random access token which is returned to the client

  • Client receives the token and uses it in all further requests supplying it in a header

  • Token expires due to:

    • Client POSTs a request to a special "logout" resource (see Logout)

    • Client is forced to log out by the platform operations team

    • Client is revoked the permission to use the REST API

    • A pre-configured timeout passes since last request from the client

  • Upon a request with an expired token, client receives the 401 Unauthorized error and is expected to repeat the authentication procedure.

To avoid situations with sudden disconnects due to inactivity, client is expected to track token expiration on its side and either renew the session or use the Ping API to maintain the session.

// Request JSON

    "username": "username of the client",
    "domain": "domain of the client",
    "password": "password of the client"

Common errors

Authentication failed due to username/password mismatch

  • Status code: 401 Unauthorized

  • Error code: 3

  • Description: Incorrect username or password

Last updated