  1. For the request, you need the EntityID of the SAML2 application or the client_id of the OAuth2 application.

  2. The id_token and the userinfo response contain an OAuth2 extension called session_index. You must pass this session_index value to the non-interactive application and then call our /uas/status endpoint in the back channel using the sessionIndex and entityID parameters.
    The session_index value cannot be used to retrieve user information; it can only be used to find out whether there is a valid session.

    For example:

    https://XXXXXX.example.com/uas/status?entityID={client_id}&sessionIndex={session_index}&type=application/json

    The response is in JSON format by default. To select a format, send the query parameter “type” with the value “application/xml” or “application/json” for XML or JSON respectively.

  3. If there is a session, the request message looks like this:

    Request:
    https://mno.ubidemo.com/uas/status?entityID=c495bb59-f0ae-430a-9830-ca8228aa58fe&sessionIndex=_d6ee2628b0d493809650c06b2653083511d6e474

    The response is in JSON format.

    Response:
    {
      "valid": true,
      "issueInstant": 1499433097694,
      "refresh": false,
      "entityID": "c495bb59-f0ae-430a-9830-ca8228aa58fe",
      "sessionIndex": "_d6ee2628b0d493809650c06b2653083511d6e474",
      "sessionNotOnOrAfter": 1499436584471,
      "authnInstant": 1499432984462
    }


  4. If you include the refresh parameter, the user session is extended:

    Request:
    https://mno.ubidemo.com/uas/status?entityID=c495bb59-f0ae-430a-9830-ca8228aa58fe&sessionIndex=_d6ee2628b0d493809650c06b2653083511d6e474&refresh=true

    Notice how the sessionNotOnOrAfter value increases in the response.

    Response:
    {
      "valid": true,
      "issueInstant": 1499433264743,
      "refresh": true,
      "entityID": "c495bb59-f0ae-430a-9830-ca8228aa58fe",
      "sessionIndex": "_d6ee2628b0d493809650c06b2653083511d6e474",
      "sessionNotOnOrAfter": 1499436864743,
      "authnInstant": 1499432984462
    }


  5. If there is no session, the response looks like this:

    Invalid session response:
    {
       "valid":false,
       "issueInstant":1495183121690
    }


Info
Consider system performance when deciding when and how often to make such requests, to prevent unnecessary load.
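
The back-channel check from steps 1 to 5, sketched as an added example that is not part of the original page or the product's own code. The function names are hypothetical, the timestamps are assumed to be epoch milliseconds (as the sample values suggest), and treating every error or mismatch as "no session" is a design choice of this example.

```python
import json
import time
import urllib.request
from urllib.parse import urlencode

def build_status_url(base_url, entity_id, session_index, refresh=False):
    """Build the /uas/status back-channel URL; values are percent-encoded."""
    params = {"entityID": entity_id, "sessionIndex": session_index,
              "type": "application/json"}
    if refresh:
        params["refresh"] = "true"  # extends the user session, so off by default
    return base_url.rstrip("/") + "/uas/status?" + urlencode(params)

def evaluate_status(body, entity_id, session_index, now_ms=None):
    """Return (is_valid, reason). Fails closed on anything unexpected."""
    now_ms = int(time.time() * 1000) if now_ms is None else now_ms
    try:
        doc = json.loads(body)
    except (TypeError, ValueError):
        return False, "unparseable response"
    if not isinstance(doc, dict) or doc.get("valid") is not True:
        return False, "no valid session"
    # The answer must be about the session we asked for, not some other one.
    if doc.get("entityID") != entity_id or doc.get("sessionIndex") != session_index:
        return False, "response is for a different session"
    # Assumption: sessionNotOnOrAfter is epoch milliseconds.
    expiry = doc.get("sessionNotOnOrAfter")
    if not isinstance(expiry, int) or now_ms >= expiry:
        return False, "session expired"
    return True, "ok"

def check_session(base_url, entity_id, session_index, timeout=5):
    """Network call against a real deployment; errors count as no session."""
    url = build_status_url(base_url, entity_id, session_index)
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return evaluate_status(resp.read(), entity_id, session_index)
    except OSError:  # covers URLError, HTTPError and timeouts
        return False, "status endpoint unreachable"

if __name__ == "__main__":
    # Body copied from step 5 of this page; the IDs are constructed placeholders.
    body = '{"valid":false,"issueInstant":1495183121690}'
    print(evaluate_status(body, "example-client-id", "_example-session-index"))
```

Because the session_index is enough to query (and with refresh, extend) a session, keep it out of logs and pass it only over the back channel.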
