Skip to content

Exchange session_token for sso_ticket API

When exchanging user information, first call this API to exchange for sso_ticket.

Request Description

POST https://{your_domain}/api/v2/tenant/sso/session-token/sso-ticket

Request Headers

Parameter NameNameRequiredTypeExample
AuthorizationAuthorization informationYesStringBearer {access_token}
content-typeContent format typeYesStringapplication/json

Request Example

json
{
    "session_token": "iJKVWQVfFvIQWffsTlSxTf02MV3dpITu", 
    "operating_sys_version": "windows10.1.1", 
    "device_ip": "192.168.1.1", 
    "device_fingerprint": "156aysdna213sac", 
    "agent": "agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.82 Safari/537.36"
}

Request Parameters

Parameter NameNameRequiredTypeDescription
session_tokenToken returned after user login successYesString
operating_sys_versionCaller client operating system versionYesStringExample: windows10.1.1
device_ipCaller client device IPYesStringExample: 192.168.1.2
device_fingerprintCaller client device fingerprintYesStringThis parameter value needs to remain consistent when the same user calls the API. Example: 156aysdna213sac
agentUser-Agent informationNoStringMozilla/5.0 (iPhone; CPU iPhone OS 13_3 like Mac OS X)

Response Example

Success Example

HTTP/1.1 200 OK

json
{
    "expire": 300, 
    "sso_ticket": "ssoTicket-y0w1ODvy7v0000nCa91OYoj1Bzxqfesy"
}

Response Parameters

Parameter NameNameTypeDescription
expireExpiration timeNumber
sso_ticketOne-time ticketStringExchange one-time access ticket sso_ticket using session_token after user login; sso_ticket can be exchanged for user information

BambooCloud IDaaS Open Platform