Authentication API

Login / Verify Login

POST /api/2/auth/(username)/login.json
  • since 2.10

Log in the given user for the given device via HTTP Basic Auth.

Parameters:
  • username – the username which should be logged in
Status Codes:
  • 401 Unauthorized – If the URL is accessed without login credentials provided
  • 400 Bad Request – If the client provides a cookie, but for a different username than the one given
  • 200 OK – the response headers have a sessionid cookie set.

The client can use this URL with the cookie in the request header to check if the cookie is still valid.

Logout

POST /api/2/auth/(username)/logout.json
  • since 2.10

Log out the given user. Removes the session ID from the database.

Parameters:
  • username – the username which should be logged out
Status Codes:
  • 200 OK – if the client didn’t send a cookie, or the user was successfully logged out
  • 400 Bad Request – if the client provides a cookie, but for a different username than the one given