SessionAttr.delete - REST API

Overview

Deletes an existing session attribute or attributes. The operation cannot be undone. It is not an error to delete an attribute that does not exist.

While the call's Python equivalent has two versions, one for individual and the other for multiple attributes, with REST there is a single endpoint to cover both cases. Yet, just like in the Python call, it is more efficient to delete multiple attributes in one REST call instead of repeatedly deleting individual ones.

  • HTTP method: DELETE
  • URL path: /zato/sso/session/attr

Request

NameDatatypeOptionalNotes
current_uststring---Current user's session token (UST)
target_uststring---Target session's UST, the one that is being manipulated (may be the same as current_ust)
current_appstring---Name of application that the call is attempted from
namestringYesIf a single attribute is to be deleted, the attribute's name
datalistYesIf multiple attributes are to be deleted, this is a list of their names

Response

NameDatatypeOptionalNotes
cidstring---Correlation ID assigned to request
statusstring---Overall status code
sub_statuslistYesReturned only if status is not "ok", a list of error or warning codes

Usage

$ curl -XDELETE localhost:17010/zato/sso/session/attr -d '
  {
    "current_ust": "gAAAAABavk-65BuvKI0JFPe...",
    "target_ust": "gAAAAABavk-65BuvKI0JFPeu...",
    "current_app": "CRM",
    "name": "my-attribute"
  }
  '

  {
    "status": "ok",
    "cid": "e07c2f8fa0bb5d3b17dcf181"
  }