Link Search Menu Expand Document

Getting user session status

If the session is valid, returns an ok signal. An example is below:

{
  "result": {
      "code": 1,
      "status": "ok"
  },
  "results": {
      "id": 114521,
      "user_id": 114521,
      "first_name": "Sam",
      "last_name": "test56767",
      "gender": "M",
      "birthday": "1982-05-21",
      "username": "test56767@cowcam.com",
      "mailing_list": {
          "mailing_list_sub_offered": false,
          "mailing_list_subscribed": false,
          "printed_mailing_list_subscribed": false
      },
      "entity_code": {
          "type": "custom",
          "code": "3021879"
      },
      "result_type": "get-login-status"
  }
}

If the session’s auth_method was “facebook”, extended information will be returned with the Facebook access token and detail about the expiry:

{
  "result": {
      "code": 1,
      "status": "ok"
  },
  "results": {
      "user_id": 68076,
      "username": null,
      "user_facebook_id": "100005264048981",
      "user_facebook_access_token": "AAADPxlzKZBy8BACux13ZCpass309BuPZA9tFpcVvZCP0zdzBlbyqTXwPnl7YpIbMLgqfoktUcaD4ZAOO1VS128bSx2tvuxDEgKCwjHxR6PkZCOCZAGLD7x7",
      "user_facebook_access_token_expires": 3600,
      "user_facebook_access_token_expires_timestamp_utc": "2017-03-08 00:14:40",
      [...]
      "mailing_list": {
          "mailing_list_sub_offered": false,
          "mailing_list_subscribed": false,
          "printed_mailing_list_subscribed": false
      },
      "entity_code": {
          "type": "custom",
          "code": "3024075"
      }
      "result_type": "get-login-status"
  }
}
  • Call name: get-login-status
  • Endpoint URL: https://api0.spaaza.com/auth/get-login-status
  • Request methods: POST
  • Auth required: no

When supplied with a username and session key, this API checks whether there’s a valid session for the username which has a matching session key. If there is a valid session, it returns code 1 (okay). If there is no valid session, it returns with an error.

The response also returns various details about the user, including email address (if present), date of birth and mailing-list subscription info.

Version-specific information

The following version-specific changes apply to this endpoint. See the versioning page for more details.

Version Change details
>= 1.4.10 The gender parameter returned supports values male, female, nonbinary, transgender, agender, genderqueer, genderfluid, bigender, twospirit, androgynous, pangender, neutrois, demigender and other.

HTTP Parameters

The following HTTP POST parameters can be passed to the API:

Parameter Description
username mandatory if user_id is not passed The username (email address) of the user
user_id mandatory if username is not passed The user id of the user whose session’s validity is being checked
session_key mandatory The session key associated with the session of the user

Permissions

This API call requires no specific permissions.

Headers

The following headers can/must be passed to the API call:

X-Spaaza-MyPrice-App-Hostname (mandatory for programme member/non-admin sessions) The hostname of the app which the login session is associated with. This header is mandatory when authenticating an end user (shopper or programme member). When authenticating an admin user, webshop or POS this header can be excluded.