authorizeWebApiSession

Authorize a WebApi-Session that has previously created with createWebApiSession.

API version

1.0

Working example URL: https://en.onlinedemo.picapport.de/picapportapi/1.0/authorizeWebApiSession?uid=picapport&pw=encodedPassword

Parameter

apisid string 7.4 yes Session-ID returned from createWebApiSession.

uid string 7.4 yes A valid PicApport user ID

string

7.4

yes

The encrypted password. The encryption algorithm used is based on the algorithm returned from the
createWebApiSession.

If configuration parameter webapi.DISABLE.PASSWORD.ENCRYPTION
has been set to true password must not be encrypted.

Check the authorizeWebApiSession() function in sourcecode(select view source) of PicApport WebApi-frontend on https://en.onlinedemo.picapport.de/picapport-webapitest.html.

Example code for password encryption with Forge if algorithm = RSA

var password = document.getElementById("pw").value;
var encryptedPassword = forge.util.createBuffer(
                          forge.pki.rsa.encrypt(password, forge.pki.setRsaPublicKey(
                             new forge.jsbn.BigInteger(enc.modulus, 16),
                             new forge.jsbn.BigInteger(enc.exponent, 16)), 2)).toHex();

returnatu

boolean

9.2

Optional parameter. If Set to true the AccsessTokenUser for the account will be returned if it exists.

We strongly recommend to use the parameter only in https:// secured environments.

Result

mime type	application/json
content	Session token to identify the authorized session
http status codes	200 OK 400 Bad Request 403 Forbidden 404 Not Found 500 Internal Server Error 501 Not implemented

Result:JSON

apisid	string	7.4	Session-ID returned from createWebApiSession
uid	string	7.4	A valid PicApport user ID
atu	string	9.2	Return the AccessTokenUser of the account if it exists and if request parameter returnatu has been set to true.