Session.verify - REST API


Returns a boolean flag to indicate whether a session from target_ust exists or not, without renewing it. Must be called by a logged in super-user.

Note that False will be returned if the session already expired or if its user's password expired.

  • HTTP method: POST
  • URL path: /zato/sso/user/session


Name Datatype Optional Notes
target_ust string --- UST of session to verify
current_ust string --- Current user's session token (UST) - must belong to a super-user
current_app string --- Name of application that the call is attempted from


Name Datatype Optional Notes
cid string --- Correlation ID assigned to request
status string --- Overall status code
sub_status list Yes Returned only if status is not "ok", a list of error or warning codes
is_valid bool Yes True if target_ust points to an existing session, False otherwise


$ curl -XGET localhost:17010/zato/sso/user/session -d '
    "target_ust": "gAAAAABaqXJAenbkYyQt9CoWIvq...",
    "current_ust": "gAAAAABanYJQziYsPwDYOFJSR5...",
    "current_app": "CRM"

  "cid": "e0673f65704f74b2cd040fa6",
  "status": "ok",
  "is_valid": true