Soap API Services User Authentication

polonius · September 6, 2010, 7:49am

SOAP Authenication is mentioned in the 3.36-3.28 Changelog

[quote]

http://matrix.squiz.net/developer/changelogs/3.28.x/3.26.x-3.28.0

New Soap Authentication Feature Allows Users to Login

[ Feature Request #4377 ]

A new API function is added to SOAP Asset Service to allow authentication to MySource Matrix using username and password. Upon logging in, the API function will produce a session id and a session key, which can be used to authenticate cross domain.

[/quote]

Certainly the API returns a session ID and a Session key.

How can or should the session ID and Session key be used to authenticate subsequent SOAP requests?

Should they be returned as parameter values? If so what is the Parameter name?

Should they be included in the HTTP header? If so How.

I’d appreciate any help, suggesions, or pointers to relevant documentation… please?

regards

Polonius

gsherwood · September 6, 2010, 9:50am

The keys sent back are designed to allow you to visit a URL in a browser and be logged in, although you can do this via a script if you maintain the cookie correctly.

The URL format is: http://matrixdomain.com/?SESSION_ID=sessionid&SOAP_SESSION_KEY=soap_session_key

polonius · September 9, 2010, 1:05pm

Thank You Greg,
Session Id and Keys in the URL did the trick.

Polonius