Create session
post
https://oaainstall-host/risk-analyzer/session/v1
Creates new OARM session for the user authentication request.
Request
There are no request parameters for this operation.
Supported Media Types
- application/xml
- application/json
Root Schema : schema
Type:
objectRequest object for creating the session
Show Source
-
fpList: array
DeviceFingerprintDataList
List of the device fingerprint data
-
ip: object
IPData
IP related data used during authentication
-
requestId: string
requestId for the request. If not populated will be generated in the server and returned in the response.
-
requestTime: string
(date-time)
Date time string in the format rfc3339 sec 5.6. https://tools.ietf.org/html/rfc3339#section-5.6 e.g format 2021-08-13T01:29:29.768Z
-
sessionData: object
SessionData
Session data present in the request.
-
user: object
SessionUserData
user related data
Nested Schema : DeviceFingerprintDataList
Type:
arrayList of the device fingerprint data
Show Source
-
Array of:
object DeviceFingerprintData
Device fingerprint data that is present in the request
Nested Schema : IPData
Type:
objectIP related data used during authentication
Show Source
-
latitude: number
The latitude of the location. Min value is -90 (negative values for sounthern hemisphere) and max value is +90 (positive values for northern hemisphere)
-
locationAccuracy: number
This attribute describes the accuracy of the location information (longitude, latitude pair). This attribute along with location accuracy units will indicate the accuracy. Typical example will be say within 2 meters of the indicated co-ordinates. For this example the value of this attribute will be 2.0 and the value of location accuracy type will be a enumeration pointing to metere.
-
locationAccuracyUnits: integer
Required when locationAccuracy is present. This attribute along with locationAccuracy attribute describes the accuracy of the location information (longitude, latitude pair). This attribute along with location accuracy units will indicate the accuracy. Typical example will be say within 2 meters of the indicated co-ordinates. For this example the value of this attribute will be a enumeration pointing to meter and value of locationAccuracy attribute will be 2.0.
-
locationAcquireTime: string
(date-time)
Date time string in the format rfc3339 sec 5.6. https://tools.ietf.org/html/rfc3339#section-5.6 e.g format 2021-08-13T01:29:29.768Z
-
locationAcquireType: integer
Required when locationAccuracy is present. This attribute indicates the type / method by which location was acquired. This is enumeration of the type location.source.type.enum. Some of the possible integer values will correspond to gps, asisted gps, wifi hotspot etc.
-
longitude: number
The longitude of the location. Min value is -180 (negative values for western hemisphere) and max value is +180 (positive values for eastern hemispehre).
-
proxyIP: string
This attribute is the proxy IP address of the session if proxy is present. (in A.B.C.D format)
-
remoteHost: string
This attribute captures the remote Host machine name from which the request somes in.
-
remoteIP(required): string
This attribute captures the IP address of the session in String format. (A.B.C.D)
Nested Schema : SessionData
Type:
objectSession data present in the request.
Show Source
-
analyzePatterns: boolean
Flag to indicate if pattern analysis should be done for this session. Set this flag to true, if pattern based rules are used.
-
authenticationStatus(required): integer
One of the config values from auth.status.enum. To check the possible values of the auth.status.enum, use the config property REST API operation GET with URL <PolicyURL>/policy/config/property/v1?propertyName=auth.status.enum. It is recommended to use a value corresponding to pending status when creating the session.
-
clientApplication: string
The client application of the user's session. This is a customer defined value, typically of the application name that is using or integrating with this API.
-
clientType(required): integer
The client type of the user's session. One of the config values from client.type.enum. To check the possible values of the client.type.enum, use the config property REST API operation GET with URL <PolicyURL>/policy/config/property/v1?propertyName=client.type.enum
-
clientVersion: string
The version of the client application of the user's session. This is a customer defined value, typically of the version of the application that is using or integrating with this API.
-
externalDeviceId: string
External device id if the client wants to populate. This is a customer defined value, and can be used to identify, or indicate, a device name or some external Id, that this session may be coming from. A typical example can be a name or id of the terminal where the session is originating
-
registerDevice: boolean
Attribute is flag when true will result in registering the device for the user.
-
requestId(required): string
requestId for the request
Nested Schema : SessionUserData
Type:
objectuser related data
Show Source
-
groupName(required): string
group name
-
loginName(required): string
Login name used for authentication
-
userId: string
user identifier.
Nested Schema : DeviceFingerprintData
Type:
objectDevice fingerprint data that is present in the request
Show Source
-
cookie: string
cookie in the request
-
cookieType: integer
cookie type value from the enum configuration vcrypt.fingerprint.type.enum.
-
fingerprint: string
The finger print type of the user's session. Only 2 values are supported (browser (1) and javascript (4) ) values from fingerprint.type.enum. To check the possible values of the fingerprint.type.enum, use the config property REST API operation GET with URL <PolicyURL>/policy/config/property/v1?propertyName=fingerprint.type.enum
Root Schema : schema
Type:
objectRequest object for creating the session
Show Source
-
fpList: array
DeviceFingerprintDataList
List of the device fingerprint data
-
ip: object
IPData
IP related data used during authentication
-
requestId: string
requestId for the request. If not populated will be generated in the server and returned in the response.
-
requestTime: string
(date-time)
Date time string in the format rfc3339 sec 5.6. https://tools.ietf.org/html/rfc3339#section-5.6 e.g format 2021-08-13T01:29:29.768Z
-
sessionData: object
SessionData
Session data present in the request.
-
user: object
SessionUserData
user related data
Nested Schema : DeviceFingerprintDataList
Type:
arrayList of the device fingerprint data
Show Source
-
Array of:
object DeviceFingerprintData
Device fingerprint data that is present in the request
Nested Schema : IPData
Type:
objectIP related data used during authentication
Show Source
-
latitude: number
The latitude of the location. Min value is -90 (negative values for sounthern hemisphere) and max value is +90 (positive values for northern hemisphere)
-
locationAccuracy: number
This attribute describes the accuracy of the location information (longitude, latitude pair). This attribute along with location accuracy units will indicate the accuracy. Typical example will be say within 2 meters of the indicated co-ordinates. For this example the value of this attribute will be 2.0 and the value of location accuracy type will be a enumeration pointing to metere.
-
locationAccuracyUnits: integer
Required when locationAccuracy is present. This attribute along with locationAccuracy attribute describes the accuracy of the location information (longitude, latitude pair). This attribute along with location accuracy units will indicate the accuracy. Typical example will be say within 2 meters of the indicated co-ordinates. For this example the value of this attribute will be a enumeration pointing to meter and value of locationAccuracy attribute will be 2.0.
-
locationAcquireTime: string
(date-time)
Date time string in the format rfc3339 sec 5.6. https://tools.ietf.org/html/rfc3339#section-5.6 e.g format 2021-08-13T01:29:29.768Z
-
locationAcquireType: integer
Required when locationAccuracy is present. This attribute indicates the type / method by which location was acquired. This is enumeration of the type location.source.type.enum. Some of the possible integer values will correspond to gps, asisted gps, wifi hotspot etc.
-
longitude: number
The longitude of the location. Min value is -180 (negative values for western hemisphere) and max value is +180 (positive values for eastern hemispehre).
-
proxyIP: string
This attribute is the proxy IP address of the session if proxy is present. (in A.B.C.D format)
-
remoteHost: string
This attribute captures the remote Host machine name from which the request somes in.
-
remoteIP(required): string
This attribute captures the IP address of the session in String format. (A.B.C.D)
Nested Schema : SessionData
Type:
objectSession data present in the request.
Show Source
-
analyzePatterns: boolean
Flag to indicate if pattern analysis should be done for this session. Set this flag to true, if pattern based rules are used.
-
authenticationStatus(required): integer
One of the config values from auth.status.enum. To check the possible values of the auth.status.enum, use the config property REST API operation GET with URL <PolicyURL>/policy/config/property/v1?propertyName=auth.status.enum. It is recommended to use a value corresponding to pending status when creating the session.
-
clientApplication: string
The client application of the user's session. This is a customer defined value, typically of the application name that is using or integrating with this API.
-
clientType(required): integer
The client type of the user's session. One of the config values from client.type.enum. To check the possible values of the client.type.enum, use the config property REST API operation GET with URL <PolicyURL>/policy/config/property/v1?propertyName=client.type.enum
-
clientVersion: string
The version of the client application of the user's session. This is a customer defined value, typically of the version of the application that is using or integrating with this API.
-
externalDeviceId: string
External device id if the client wants to populate. This is a customer defined value, and can be used to identify, or indicate, a device name or some external Id, that this session may be coming from. A typical example can be a name or id of the terminal where the session is originating
-
registerDevice: boolean
Attribute is flag when true will result in registering the device for the user.
-
requestId(required): string
requestId for the request
Nested Schema : SessionUserData
Type:
objectuser related data
Show Source
-
groupName(required): string
group name
-
loginName(required): string
Login name used for authentication
-
userId: string
user identifier.
Nested Schema : DeviceFingerprintData
Type:
objectDevice fingerprint data that is present in the request
Show Source
-
cookie: string
cookie in the request
-
cookieType: integer
cookie type value from the enum configuration vcrypt.fingerprint.type.enum.
-
fingerprint: string
The finger print type of the user's session. Only 2 values are supported (browser (1) and javascript (4) ) values from fingerprint.type.enum. To check the possible values of the fingerprint.type.enum, use the config property REST API operation GET with URL <PolicyURL>/policy/config/property/v1?propertyName=fingerprint.type.enum
Response
Supported Media Types
- application/xml
- application/json
- text/plain
201 Response
Creates session for the request.
Root Schema : CreateSessionResponse
Type:
objectsession create response
Show Source
-
cookieSet: object
CookieSet
-
statusResponse: object
StatusResponse
Status information for API call
Nested Schema : CookieSet
Type:
Show Source
object-
digitalCookie: string
Digital cookie
-
requestId: string
Request identifier
-
secureCookie: string
secure cookie
Nested Schema : StatusResponse
Type:
objectStatus information for API call
Show Source
-
responseCode: string
status code of the request
-
responseMessage: string
response message related to the response code if needed.
-
sessionId: string
session id of the authentcation.
-
status: boolean
authentication update request status
-
transactionId: number
transactionId in case of transaction data.
-
userData: object
SessionUserData
user related data
Nested Schema : SessionUserData
Type:
objectuser related data
Show Source
-
groupName(required): string
group name
-
loginName(required): string
Login name used for authentication
-
userId: string
user identifier.
400 Response
Invalid input
Root Schema : StatusResponse
Type:
objectStatus information for API call
Show Source
-
responseCode: string
status code of the request
-
responseMessage: string
response message related to the response code if needed.
-
sessionId: string
session id of the authentcation.
-
status: boolean
authentication update request status
-
transactionId: number
transactionId in case of transaction data.
-
userData: object
SessionUserData
user related data
Nested Schema : SessionUserData
Type:
objectuser related data
Show Source
-
groupName(required): string
group name
-
loginName(required): string
Login name used for authentication
-
userId: string
user identifier.
401 Response
Unauthorized
500 Response
Internal server error
503 Response
Service Unavailable
Examples
The following example shows a sample request and response for creating an OARM session for a user authentication request.
cURL Command to Create an OARM Session in JSON Format
curl --location --request POST '<RISK>/risk-analyzer/session/v1' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic <Base64Encoded(<username>:<password>)>' \
--data '{
"user": {
"loginName": "testuser",
"groupName": "default",
"userId": "testuser"
},
"ip": {
"remoteIP": "10.175.171.219",
"remoteHost": "TESTCLIENT",
"proxyIP": "10.175.171.219"
},
"fpList": [
{
"cookie": "",
"fingerprint": "accept-encoding#^#gzip, deflate, br#^#accept-language#^#en-GB,en;q=0.9#^#userAgent#^#Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)Chrome/112.0.0.0 Safari/537.36",
"cookieType": "1"
},
{
"cookie": "",
"fingerprint": "acn#^#Mozilla#^#ah#^#1040#^#an#^#Netscape#^#av#^#5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36#^#aw#^#1920#^#cd#^#24#^#ce#^#true#^#gl#^#51.4108518,-0.8705637,16.634#^#h#^#1080#^#je#^#false#^#l#^#en-GB#^#mt#^#application/pdf,text/pdf#^#o#^#true#^#p#^#Win32#^#pd#^#24#^#pl#^#PDF Viewer,Chrome PDF Viewer,Chromium PDF Viewer,Microsoft Edge PDF Viewer,WebKit built-in PDF#^#prod#^#Gecko#^#prods#^#20030107#^#tzo#^#0#^#ua#^#Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.6#^#w#^#1920",
"cookieType": "4"
}
],
"sessionData": {
"authenticationStatus": "999",
"registerDevice": "false",
"clientApplication": "OAA",
"clientType": "0",
"clientVersion": "12.2.1.4.0",
"analyzePatterns": "true"
}
}'Sample Response in JSON Format
{
"cookieSet": {
"digitalCookie": "7f3cae97-1e16-4b98-937b-3aa89a0eb721",
"secureCookie": "2435bb9e-9d91-46ec-a4df-9a168e149cb8",
"requestId": "96eb744b-b84e-4c13-8b78-06b64ad81d94"
},
"statusResponse": {
"responseCode": "0",
"responseMessage": "",
"status": true,
"sessionId": "96eb744b-b84e-4c13-8b78-06b64ad81d94"
}
}cURL Command to Create an OARM Session in XML Format
curl --location --request POST '<RISK>/risk-analyzer/session/v1' \ --header 'Content-Type: application/xml' \ --header 'Accept: application/xml' \ --header 'Authorization: Basic <Base64Encoded(<username>:<password>)>' \ --data ' <?xml version="1.0" encoding="UTF-8" ?> <CreateSessionRequest> <user> <loginName>testuser</loginName> <groupName>default</groupName> <userId>testuser</userId> </user> <ip> <remoteIP>10.175.171.219</remoteIP> <remoteHost>TESTCLIENT</remoteHost> <proxyIP>10.175.171.219</proxyIP> </ip> <fpList> <cookie></cookie> <fingerprint>accept-encoding#^#gzip, deflate, br#^#accept-language#^#en-GB,en;q=0.9#^#userAgent#^#Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)Chrome/112.0.0.0 Safari/537.36</fingerprint> <cookieType>1</cookieType> </fpList> <fpList> <cookie></cookie> <fingerprint>acn#^#Mozilla#^#ah#^#1040#^#an#^#Netscape#^#av#^#5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36#^#aw#^#1920#^#cd#^#24#^#ce#^#true#^#gl#^#51.4108518,-0.8705637,16.634#^#h#^#1080#^#je#^#false#^#l#^#en-GB#^#mt#^#application/pdf,text/pdf#^#o#^#true#^#p#^#Win32#^#pd#^#24#^#pl#^#PDF Viewer,Chrome PDF Viewer,Chromium PDF Viewer,Microsoft Edge PDF Viewer,WebKit built-in PDF#^#prod#^#Gecko#^#prods#^#20030107#^#tzo#^#0#^#ua#^#Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.6#^#w#^#1920</fingerprint> <cookieType>4</cookieType> </fpList> <sessionData> <authenticationStatus>999</authenticationStatus> <registerDevice>false</registerDevice> <clientApplication>OAA</clientApplication> <clientType>0</clientType> <clientVersion>12.2.1.4.0</clientVersion> <analyzePatterns>true</analyzePatterns> </sessionData> </CreateSessionRequest> '
Sample Response in XML Format
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <CreateSessionResponse> <cookieSet> <digitalCookie>7f3cae97-1e16-4b98-937b-3aa89a0eb721</digitalCookie> <secureCookie>2435bb9e-9d91-46ec-a4df-9a168e149cb8</secureCookie> <requestId>96eb744b-b84e-4c13-8b78-06b64ad81d94</requestId> </cookieSet> <statusResponse> <responseCode>0</responseCode> <responseMessage></responseMessage> <status>true</status> <sessionId>96eb744b-b84e-4c13-8b78-06b64ad81d94</sessionId> </statusResponse> </CreateSessionResponse>