SessionAttr.set - REST API

Overview

Creates a new session attribute or updates an existing one, optionally encrypting it before it is saved in the database. It is also possible to set expiry for an attribute, upon reaching of which the attribute will be no longer available.

While the call's Python equivalent has two versions, one for individual and the other for multiple attributes, with REST there is a single endpoint to cover both cases. Yet, just like in the Python call, it is more efficient to set multiple attributes in one REST call instead of repeatedly setting individual ones.

  • HTTP method: PUT
  • URL path: /zato/sso/session/attr

Request

NameDatatypeOptionalNotes
current_uststring---Current user's session token (UST)
target_uststring---Target session's UST, the one that is being manipulated (may be the same as current_ust)
current_appstring---Name of application that the call is attempted from
namestringYesIf a single attribute is to be set, the attribute's name
valuestringYesIf a single attribute is to be set, the attribute's value
datalistYesIf multiple attributes are to be set, a list of dictionaries, each describing an individual attribute, like in the set_many Python API
encryptboolYesShould the attribute's new value be encrypted before it is saved to the database. Defaults to False.
expirationintYesAfter how many seconds from current time the attribute should expire. By default it will never expire.

Response

NameDatatypeOptionalNotes
cidstring---Correlation ID assigned to request
statusstring---Overall status code
sub_statuslistYesReturned only if status is not "ok", a list of error or warning codes

Usage

$ curl -XPUT localhost:17010/zato/sso/session/attr -d '
  {
    "current_ust": "gAAAAABavk-65BuvKI0JFPeuJ9T...",
    "target_ust": "gAAAAABavk-65BuvKI0JFPeuJ9Tp...",
    "current_app": "CRM",
    "name": "my-new-rest-attribute",
    "value": "my-new-rest-value",
    "encrypt": true,
    "expiration": 3600
  }
  '

  {
    "status": "ok",
    "cid": "e07c2f8fa0bb5d3b17dcf181"
  }