Session management

An authentication cookie in the Dynamic API contains user credentials and one or more session IDs.

Authentication Cookie

The Dynamic API uses the same style authentication cookie as the Insights Platform user interface. When an API session with the Insights Platform is established, the system passes back an authentication cookie. The cookie header is then sent with every request. The authentication cookie header contains the user ID (uid), session ID (sid), and encrypted password (epw), and looks similar to the following:

Cookie: session=csmith|1475447829|_______a664ecc48415c4962bcf26b35f...

Note: The actual encrypted password is longer than the example above.

The user ID is your user ID for logging in to the Insights Platform.

The session ID is a unique identifier for your session. It is created when the session is created and ceases to exist once the session has ended. Combined, your session ID and encrypted password are a secure and reliable set of credentials for sending successive transactions in the same API session.

You can have multiple session IDs in a single authentication cookie, if, for example, you are calling the API from a QuickApp and you are logged into multiple sessions. You can specify sid=nnnnnn to refer to a specific session in the cookie. By default, the API runs the first session in the cookie.

The authentication cookie is only valid for the life of the Insights Platform session.