Creating a session on behalf of a user

  • Call name: session
  • Endpoint URL: https://api0.spaaza.com/auth/session
  • Request methods: POST
  • Request Content-Type: multipart/form-data or application/x-www-form-urlencoded
  • Response Content-Type: application/json
  • Auth required: yes (for privileged authentication)
  • X-Spaaza-MyPrice-App-Hostname header required: yes (for privileged authentication)

This API call allows you to create a user session when provided with valid credentials.

Note that this call works in two possible ways:

  • With privileged authentication, it is possible to create a session for an end-user if the token used has sufficient permissions
  • Without privileged authentication, a session_passcode and session_passcode_key resulting from a login request for an admin user can be exchanged for a user session

HTTP Parameters

If the call uses privileged authentication, one of the HTTP parameters below must be passed to the API endpoint to identify the user:

Parameter | Description
username (string) | The username (email address) of the user
user_id (string/integer) | The Spaaza user id of the user.
member_number (string) | The unique membership number or code for the shopper.
authentication_point_identifier (string) | The ID of the customer on a third-party identity system, such as a webstore. In order to be used, this value must be known in the Spaaza system.

If the call does not use privileged authentication, both of the following HTTP parameters must be passed to the API endpoint to identify the user:

Parameter | Description
session_passcode (integer) | The session passcode for the user.
session_passcode_key (string) | The session passcode key for the user.

Permissions and Authentication

If the call uses privileged authentication, it requires a valid Spaaza session. The session can be as follows:

Parameter | Description
privileged | An OAuth-based mechanism for trusted third parties. The use of privileged authentication is permitted for this endpoint.

Headers

If the call uses privileged authentication, the following headers can/must be passed to the API call:

Parameter | Description
X-Spaaza-MyPrice-App-Hostname (mandatory) | The hostname of the app the user is affiliated with.

Results

Returns an OK code and a JSON document for the user, including the session_info for the user which can be used to access other Spaaza endpoints. A sample is shown below:

{
    "result": {
        "code": 1,
        "status": "ok"
    },
    "results": {
        "user_info": {
            "id": 3636813,
            "user_id": 3636813,
            "first_name": "Jane",
            "last_name": "Smith",
            "birthday": "1980-01-01T00:00:00+00:00",
            "signup_channel": "mobile:ios",
            "username": "jane.smith@example.com",
            "authentication_point_identifier": null,
            "auxiliary_identifier": null,
            "mailing_list": {
                "mailing_list_sub_offered": false,
                "mailing_list_subscribed": true,
                "printed_mailing_list_subscribed": true
            },
            "entity_code": {
                "type": "regular",
                "code": "3636813"
            },
            "opt_in_programme": {
                "programme_opted_in": false,
                "join_date": "2020-05-18T09:32:57+00:00"
            },
            "obfuscated": false,
            "country_code": null,
            "address_streetname": null,
            "address_housenumber": null,
            "address_housenumber_extension": null,
            "address_line_2": null,
            "address_line_3": null,
            "address_towncity": null,
            "address_regionstate": null,
            "address_postalcode": null,
            "member_number": "3636813",
            "language": "en-GB",
            "opt_in_secondary": null,
            "opt_in_secondary_last_modified_date": null,
            "registered": true,
            "is_employee": false,
            "push_notification_subscription": {
                "subscribed": false,
                "subscriptions": []
            },
            "loyalty_status": null,
            "frequency": 0,
            "recency": 0,
            "monetary": 0,
            "overall": 0,
            "stores": "",
            "online_shopper": false,
            "offline_shopper": false,
            "average_basket_value": "0.00",
            "days_since_last_purchase": null,
            "number_of_purchases": 0,
            "referring_user": null,
            "referral_code": "lxzwvs"
        },
        "session_info": {
            "session_key": "84f895eda81892bacf53ac2538d96d14fda32a50889f55e85fa461e241e31f65",
            "session_auth_method": "password",
            "session_key_validity": "15552000",
            "session_user_id": 3636813,
            "session_username": "jane.smith@example.com",
            "session_expires_date": "2021-04-28 11:14:40"
        },
        "result_type": "session"
    }
}
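The following client-side sketch is an added example, not Spaaza's own code: it builds the request for either mode described above, rejects parameter sets that mix the two modes, and checks the response envelope before handing back session_info. Assumptions: the privileged token travels in a caller-supplied Authorization header (the page does not say how it is sent), "exactly one identifier" is a stricter client-side rule than the page states, and the function names are hypothetical.

```python
import json
from urllib.parse import urlencode
from urllib.request import Request

ENDPOINT = "https://api0.spaaza.com/auth/session"  # endpoint URL from the page
IDENTIFIERS = {"username", "user_id", "member_number",
               "authentication_point_identifier"}
PASSCODE_FIELDS = {"session_passcode", "session_passcode_key"}

def build_session_request(params, app_hostname=None, auth_header=None):
    """Build (without sending) the POST for either mode the page describes."""
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    if auth_header is not None:  # privileged mode
        # Stricter than the page: exactly one identifier and nothing else.
        if len(params) != 1 or not set(params) <= IDENTIFIERS:
            raise ValueError("privileged mode takes exactly one user identifier")
        if not app_hostname:
            raise ValueError("X-Spaaza-MyPrice-App-Hostname is mandatory")
        # ASSUMPTION: the page does not say how the token is transmitted;
        # an Authorization header supplied by the caller is used here.
        headers["Authorization"] = auth_header
        headers["X-Spaaza-MyPrice-App-Hostname"] = app_hostname
    elif set(params) != PASSCODE_FIELDS:
        raise ValueError("unprivileged mode needs both passcode fields only")
    return Request(ENDPOINT, data=urlencode(params).encode(),
                   headers=headers, method="POST")

def parse_session_response(body):
    """Return session_info only if the envelope reports success."""
    doc = json.loads(body)
    result = doc.get("result", {})
    if result.get("code") != 1 or result.get("status") != "ok":
        raise RuntimeError("session call failed: %r" % (result,))
    results = doc.get("results", {})
    if results.get("result_type") != "session" or "session_info" not in results:
        raise RuntimeError("response carries no session")
    return results["session_info"]

def redact(session_info):
    """Copy of session_info for logging, with the session key masked."""
    return {**session_info, "session_key": "<redacted>"}

# Constructed sample: the page's response trimmed to the fields used here.
SAMPLE = json.dumps({"result": {"code": 1, "status": "ok"}, "results": {
    "session_info": {"session_key": "0" * 64, "session_user_id": 3636813,
                     "session_expires_date": "2021-04-28 11:14:40"},
    "result_type": "session"}})
```

Because session_key is what grants access to other Spaaza endpoints, log only the output of redact() and keep the raw value out of URLs and error messages.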