Returns the session key bound to an auth_token, as returned by up.auth.createToken. Should be called immediately after the user has logged in.
| Type | Name | Required | Description |
|---|---|---|---|
string
| api_key | ✔ | The application key associated with the calling application. |
string
| sig | ✔ | An MD5 hash of the current request and your secret key, as described in the authentication guide. |
string
| format | Desired response format. Either XML (default) or JSON.
| |
string
| auth_token | ✔ | The token returned by Up.auth.createToken and passed into login script. |
Note that for desktop applications this method must be called at the https endpoint instead of the http endpoint, and its return value is slightly different (as noted below). Note also that this function does not require a session_key. The session key is storable for the duration of the session, and the uid is storable indefinitely.
<?xml version="1.0" encoding="UTF-8"?> <auth_getSession_response> <session_key>5f34e11bfb97c762e439e6a5<session_key> <uid>8055</uid> <expires>1173309298</expires> </auth_getSession_response>
If the user has successfully logged in, this will return valid values for each field. The expires element is a Unix time that indicates when the given session will expire. If the value is 0, the session will never expire. See the authentication guide for more information.
For desktop applications, the top-level element auth_getSession_response will have an additional element named secret that should be used as the session's secret key as described in the authentication guide.
| Code | Description |
|---|---|
| 1 | An unknown error occurred. Please resubmit the request. |
| 2 | The service is not available at this time. |
| 4 | The application has reached the maximum number of requests allowed. More requests are allowed once the time window has completed. |
| 5 | The request came from a remote address not allowed by this application. |
| 100 | One of the parameters specified was missing or invalid. |
| 101 | The api key submitted is not associated with any known application. |
| 104 | Incorrect signature. |