Frequently Asked Questions
Frequently Asked Questions
REST API - logging out of session
Posted by Henri Huhtamäki (M-Files) on 18 December 2019 04:34 PM

Overview

REST API session deletion (=logging out) includes a small but important addition to authentication to work.

Solution

Please see this link for information about REST API Session

https://developer.m-files.com/APIs/REST-API/Reference/resources/session/

 

Note that there is a delete option for session, which equals to a logout.

POST http://localhost/REST/session?_method=DELETE

 

However, when you are testing this you might run into the following error message:

{

    "Status": 403,

    "URL": "/session",

    "Method": "POST",

    "Exception": {

        "Name": "UnauthorizedAccessException",

        "Message": "Current session is not allowed to modify its state."

    },

    "Stack": "Error reference ID: 65bfff16-c451-41b4-b1dd-e1db5f14f209",

    "Message": "Current session is not allowed to modify its state.",

    "IsLoggedToVault": true,

    "IsLoggedToApplication": true,

    "ExceptionName": "UnauthorizedAccessException"

}

 

This is because when creating the session via authentication, you need to add a session ID property for the connection for the delete session to work.

NOTE: SessionID needs to be a unique value, such as a generated GUID for each authentication request.

 

 

So, the authentication looks like this:

{

"Username": "user",

"Password": "password",

"VaultGuid": "{vault guid}",

"sessionID" : " e04084af-02cf-4009-bb83-2732cd5a6ffc"

}

 

And now, when you POST http://localhost/REST/session?_method=DELETE using the token from the authentication. session delete will return

 

{

    "Value": true

}

(0 vote(s))
This article was helpful
This article was not helpful

Help Desk Software by Kayako case