Session.verify - REST API

Overview

Returns a boolean flag to indicate whether a session from target_ust exists or not, without renewing it. Must be called by a logged in super-user.

Note that False will be returned if the session already expired or if its user's password expired.

HTTP method: POST
URL path: /zato/sso/user/session

Request

Name	Datatype	Optional	Notes
target_ust	string	---	UST of session to verify
current_ust	string	---	Current user's session token (UST) - must belong to a super-user
current_app	string	---	Name of application that the call is attempted from

Response

Name	Datatype	Optional	Notes
cid	string	---	Correlation ID assigned to request
status	string	---	Overall status code
sub_status	list	Yes	Returned only if status is not "ok", a list of error or warning codes
is_valid	bool	Yes	True if target_ust points to an existing session, False otherwise

Usage

$ curl -XGET localhost:17010/zato/sso/user/session -d '
  {
    "target_ust": "gAAAAABaqXJAenbkYyQt9CoWIvq...",
    "current_ust": "gAAAAABanYJQziYsPwDYOFJSR5...",
    "current_app": "CRM"
  }
  '

{
  "cid": "e0673f65704f74b2cd040fa6",
  "status": "ok",
  "is_valid": true
}
$