Obtaining session information via API

This guide will walk you through the process of retrieving a user's session data using the Session API functionality. This feature allows to fetch information from the logged in user's session in Onegini IDP. The session information can be used to perform additional actions for the user in the ui-extension.

What is required?

To successfully complete this topic guide you need to ensure following prerequisites:

  • Onegini IDP instance must to be running, for the sake of this guide we assume it's available under http://dev.onegini.me/idp-core address
  • Onegini IDP ui-extension must to be running, for the sake of this guide we assume it's available under http://dev.onegini.me/ui-ext address
  • access to the Onegini IDP admin console
  • at least one user must be registered within the Onegini IDP instance

Configuration

The Session API feature is enabled automatically when you define a base url of the ui-extension. Go to admin panel UI-Config section and enter the ui-extension url, e.g. http://dev.onegini.me/ui-ext.

Retrieving user session information

To retrieve the user's session information the user must be logged in to the Onegini IDP instance. This will generate a domain cookie named idp_session_magmt_token with a session management token. You can obtain the session information using the token in the cookie.

From within the ui-extension application the cookie information can be obtained. For this both the core and the ui-extension should use the same domain. Using the cookie information the session api can be call to obtain for the user's session data.

The full api specification can be found in the Session api reference guide.

URL
  GET http://dev.onegini.me:8081/idp-core/api/session/
Required header parameter
{
  "X-Onegini-Session-Mgmt-Token": "string"
}

The X-Onegini-Session-Mgmt-Token must contain the session management token obtained from the cookie.

Response

In response you will receive the personId and subset of person related data. You can fetch the data at any time as long as user session is maintained on the idp-core side.