Start a Session
post
/sso/v1/sdk/secure/session
Request
Supported Media Types
- multipart/form-data
Root Schema : schema
Type:
Show Source
object
-
authnToken(optional):
string
Authentication Token that was obtained from the previous authentication call to the /authenticate endpoint
-
authorization(optional):
string
Authorization Bearer Token that was generated / used for previous authentication call to the /authenticate endpoint
-
requestState(optional):
string
RequestState that was obtained from the previous authentication call to the /authenticate endpoint
-
trustToken(optional):
string
Trust token obtained after trusting the browser
Response
200 Response
Auto submit HTML response
303 Response
Redirect to URL after successful creation of session
400 Response
Invalid request
401 Response
Unauthorized request
500 Response
Internal Server Error
Examples
The following examples show how to start a session by submitting a POST request.
For this endpoint, the following attributes must be included:
requestState:
received in the last responseOR
authnToken:
received in the last responseAND
authorization:
parameter required for secure session
Example HTML Form POST Code
The following JavaScript example shows how to submit authnToken
and requestState
as a FORM POST.
var addParam = function(myform, msg, paramName) {
param = document.createElement("input");
param.value = msg.postParams[paramName];
param.name = paramName;
myform.appendChild(param);
};
var myform = document.createElement("form");
myform.method = "POST";
myform.action = "https://tenant-base-url/sso/v1/sdk/secure/session";
addParam(myform, authnToken, "authnToken");
addParam(myform, requestState, "requestState");
addParam(myform, authorization, "accesstoken")
document.body.appendChild(myform);
console.log(myform)
myform.submit();
Request Example
The following is an example of the contents of the FORM POST to the /sso/v1/sdk/secure/session
endpoint:
requestState=value&authorization=<client sign-in access token>
OR
authnToken=<value received from a previous response>&authorization=<client sign-in access token>
Response Example
The following example shows the contents of the response in standard HTTP format:
HTTP/1.1 302 See Other
Date: Tue, 30 Oct 2018 04:40:05 GMT
Content-Length: 0
Connection: keep-alive
Pragma: no-cache
Location: https://tenant-base-url/idp/sso (Example URL)
Set-cookie: ORA_OCIS_REQ_1=+fxgW2P7bgQayiki5P;Version=1;Path=/;Secure;HttpOnly
Expires: Sat, 01 Jan 2000 00:00:00 GMT
X-xss-protection: 1; mode=block
X-content-type-options: nosniff