Start a Session

post

/sso/v1/sdk/secure/session

Request

Supported Media Types
Header Parameters
Body ()
Root Schema : schema
Type: object
Show Source
Back to Top

Response

Supported Media Types

200 Response

Auto submit HTML response

303 Response

Redirect to URL after successful creation of session

400 Response

Invalid request

401 Response

Unauthorized request

500 Response

Internal Server Error
Back to Top

Examples

The following examples show how to start a session by submitting a POST request.

For this endpoint, the following attributes must be included:
  • requestState: received in the last response

    OR

  • authnToken: received in the last response

    AND

  • authorization:parameter required for secure session

Example HTML Form POST Code

The following JavaScript example shows how to submit authnToken and requestState as a FORM POST.

var addParam = function(myform, msg, paramName) {
	param = document.createElement("input");
	param.value = msg.postParams[paramName];
	param.name = paramName;
	myform.appendChild(param);
};
var myform = document.createElement("form");
    myform.method = "POST";
    myform.action = "https://tenant-base-url/sso/v1/sdk/secure/session";
    addParam(myform, authnToken, "authnToken");
    addParam(myform, requestState, "requestState");
    addParam(myform, authorization, "accesstoken")
    document.body.appendChild(myform);
    console.log(myform)
    myform.submit();

Request Example

The following is an example of the contents of the FORM POST to the /sso/v1/sdk/secure/session endpoint:

requestState=value&authorization=<client sign-in access token>
OR
authnToken=<value received from a previous response>&authorization=<client sign-in access token>

Response Example

The following example shows the contents of the response in standard HTTP format:

HTTP/1.1 302 See Other
Date: Tue, 30 Oct 2018 04:40:05 GMT
Content-Length: 0
Connection: keep-alive
Pragma: no-cache
Location: https://tenant-base-url/idp/sso (Example URL)
Set-cookie: ORA_OCIS_REQ_1=+fxgW2P7bgQayiki5P;Version=1;Path=/;Secure;HttpOnly
Expires: Sat, 01 Jan 2000 00:00:00 GMT
X-xss-protection: 1; mode=block
X-content-type-options: nosniff
Back to Top