Sessions Create API

Route

POST

Purpose

Create a session object.


Parameters sensitive params


email string 1 required
Email of the user attempting to login.
password string 2 required
Password of the user attempting to login.
application string 3 required
Application slug of the application you would like to login to.
redirect_url string 3
Redirect URL param to pass through to the UI.
view string 4
View of session object you would like to be returned.
application_view string 110
View of application object you would like returned.
session_view string 300
View of session object you would like returned.

Request Body Example: text/plain

Responses

action-successful 200

This status indicates that the request was successful. If the request returns data, it can be found in the data key.

email-not-found 400

This status indicates that the email passed isn't recognized by our system.

invalid-password 400

This status indicates that the password passed did not match the email passed.

user-has-no-password 400

This status indicates that the user attempting to login manually has a NULL or blank password. This generally means that they registered with Google OAuth and therefore will need to login using Google or Magic Link. Users can add a password if they want, but will need to login using the previously mentioned methods first.

user-requires-role 400

This status indicates that the user requesting the session doesn't have a client, employee or liaison role. This would be the case if a user started, but didn't finish, the registration process.

client-required 401

This status is returned when the user making the request doesn't have a client, employee or liaison record. This means that they don't have any roles or permissions. Because we only allow our clients to register as a client, the user should be redirected to the PlanoAuth clients registration page where they can use the `/api/v1/users/client_register` API to register as a client. Even though the request will not be successful, this status will still return a `data` object because a session token is needed to register as a user.

invalid-token 401

This status is returned when the authentication token passed is invalid.

session-expired 401

This status is returned when a session is older than seven days or hasn't been used in 72 hours. The user will need to reauthenticate. We allow our users to save a remember_me preference which will make their sessions last indefinitely.

missing-param 400

This status is returned when a required param was not passed with the request.

invalid-param 400

This status is returned when a param was invalid when passed. For example, passing an id that doesn't exist or passing an invalid email address.

application-crash 500

This status is returned when there is an internal server error. Please try again later.

mandrill-email-failed 500

This status is returned when there was an issue using Mandrill to send an email. Any time this response is returned, there will be a notification in the production notifications tab so the dev team will be aware of the failure. These errors will most likely correlate with a data issue and will need to be investigated.

invalid-content-type 400

This status is returned if the request was made with the incorrect content-type so the request params could not be read. For more information on content-type, please refer to https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Type.

route-non-existent 500

Response returned when HTTP route does not exist.

Uncommon Responses

The responses below are not very common.

no-params-decoded Uncommon

This status is returned when the request body was decoded, but no params were found.

invalid-encoded-params Uncommon

This status is returned when the request body could not be decoded properly. This generally means that you are requesting a sensative_params API and your request body was not base64 encoded.

route-not-found Uncommon

This status is returned when the route record being requested hasn't been deployed yet.

identify-request-error Uncommon

This status is returned when there is an internal server error before the route could be identified. Please try again later.

service-not-found Uncommon

This status is returned when the route's API service record being requested hasn't been deployed yet.
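
Client-side example

As an added example (not PlanoAuth's own code), the Python below builds the base64-encoded body for this sensitive-params route and maps the statuses documented above to a next step for a login UI. The JSON encoding inside the base64 body, the `status` response key and the action names are assumptions; the page gives no route path, so no request is sent.

```python
import base64
import json

REQUIRED = ("email", "password", "application")  # marked "required" on this page
CREDENTIAL_FAILURES = {"email-not-found", "invalid-password"}
REAUTHENTICATE = {"invalid-token", "session-expired"}
RETRY_LATER = {"application-crash", "identify-request-error"}


def build_session_request(params):
    """Return (headers, body) for the sessions create call.

    Assumption: params are serialized as JSON before base64 encoding; the page
    only says the body is base64 encoded and shows it as text/plain.
    """
    missing = [k for k in REQUIRED if not params.get(k)]
    if missing:
        # Fail locally instead of round-tripping to a missing-param 400.
        raise ValueError("missing required params: " + ", ".join(missing))
    raw = json.dumps(params, separators=(",", ":")).encode("utf-8")
    return {"Content-Type": "text/plain"}, base64.b64encode(raw).decode("ascii")


def next_step(http_code, payload):
    """Map a decoded response to (action, data).

    Assumption: the status slug arrives in payload["status"]; the "data" key
    is the one this page documents.
    """
    status, data = payload.get("status"), payload.get("data")
    if http_code == 200 and status == "action-successful":
        return "signed-in", data
    if status in CREDENTIAL_FAILURES:
        # Same outcome for both, so the login form does not reveal which
        # email addresses are registered.
        return "show-generic-credential-error", None
    if status == "user-has-no-password":
        return "offer-google-or-magic-link", None
    if status == "client-required":
        # Returned with 401, but data still carries the session token.
        return "redirect-to-client-registration", data
    if status == "user-requires-role":
        return "resume-registration", None
    if status in REAUTHENTICATE:
        return "reauthenticate", None
    if status in RETRY_LATER:
        return "retry-later", None
    return "fix-request", None  # missing-param, invalid-param, invalid-content-type, ...
```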