This API is reliable and breaking changes are unlikely.
Path
[session_module_root]/session
Method
POST
Description
This creates a new session object for a user. Use JSON in the following format in the HTTP body:
{
"UserDirectory": "<user directory>",
"UserId": "<unique user id>",
"Attributes":
[ { "<Attribute1>": "<value1a>" },
{ "<Attribute1>": "<value1b>" }, [attributes are not unique]
{ "<Attribute2>": "" }, [value can be empty]
{ "<Attribute3>": "<value3>" },
...
] [optional],
"SessionId": "<session id>"
}If the response is successful, the module returns JSON like above, but with the addition of the property NewUser. This property indicates if the user already had a session (NewUser: false) or if the user was indeed a new user (NewUser: true).
The SessionId and the attributes are the same as the ones that were posted. The intended use for posting session IDs to the Session module is integration scenarios where a web portal of some sort is to issue session IDs.
Limitations
The attribute size is limited by the default maximum http header length in the Windows built-in http stack, which is 16 KB by default. It is possible to increase the header length by adjusting two keys in the Windows registry up to 64 KB:
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters\MaxFieldLength
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters\MaxRequestBytes