Queries related to session key
Hi,
I would like to know the following things regarding Lithium session key.
- What is standard timeout for a session key? Is it configurable? What is default configured value for any community?
- What is recommended way to use session key in Lithium community? Do I need to generate it per API call or can I reuse it? Can I keep session key in cache?
- Is there any API for validation of the session key?
Thanks!
The session key expires after 30 minutes of inactivity. You can use it as long as you want but there should be an activity within 30 minutes. Regarding the authentication, if there is no call to check if you session key has expired, however you can make any API call using session key,if it is expired it will return the following response.
<?xml version="1.0" encoding="utf-8" standalone="yes"?> <response status="error"> <error code="301"> <message> Invalid session key..body </message> </error> </response>
</xml>If you want to make a call from inside lithium community, you don't need to use session key for this. However, it is required, if you want to make an API call from outside of lithium community.
Reference https://community.lithium.com/t5/Developer-Documentation/bd-p/dev-doc-portal?section=sessionauth
