
Accounts

Authentication and authorization are based on access tokens, which are retrieved through the accounts/login endpoint. A typical use of the API starts with a login to retrieve the access token, followed by calls to the other endpoints with the token provided in the request header.

Endpoint: accounts/login

Users of the API have to log in to acquire an access token, which has to be sent as part of the HTTP header of every HTTP request to the API. You may also want to set the content type for requests and responses to application/json to simplify the processing of the responses. The following sequence diagram and Python code illustrate how the login endpoint works.

sequenceDiagram
    participant C as Client
    participant S as SESAM API
    C->>+S: POST accounts/login (username, password)
    S->>-C: authentication token ab54cd....
Example Code
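import requests

with requests.Session() as session:
    # Credentials are sent as form fields in the POST body.
    data = {"username": "<username>", "password": "<password>"}
    response = session.post("https://sesam.co4e.com/api/v1/accounts/login", data=data)
    response.raise_for_status()  # stop on an HTTP error instead of reading a missing token
    # The access token is returned in the "key" field of the JSON response.
    token = response.json().get("key")
    # Every subsequent request on this session carries the token.
    session.headers.update(
        {
            "Content-type": "application/json",
            "Accept": "application/json",
            "Authorization": f"Token {token}",
        }
    )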

Endpoint: accounts/logout

Users may choose to log out of SESAM in order to invalidate the access token from the previous call to the accounts/login endpoint.

sequenceDiagram
    participant C as Client
    participant S as SESAM API
    C->>+S: accounts/logout
    S->>-C: OK
Example Code
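import requests

with requests.Session() as session:
    # ... log in and set the Authorization header as shown above ...
    # ... do some work ...
    # Invalidate the token; the request must still carry the Authorization header.
    response = session.post("https://sesam.co4e.com/api/v1/accounts/logout")
    response.raise_for_status()  # fail loudly if the logout request was rejected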
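
The login and logout calls above can be tied together so that the token is always invalidated, even when the work in between fails. The following is an added example, not code from the SESAM documentation: the helper name `sesam_session`, the `LoginError` class, the timeout value and the environment variable names `SESAM_USERNAME` and `SESAM_PASSWORD` are assumptions; the URLs, the `key` field and the `Token` header scheme are taken from the examples above.

```python
import contextlib
import os

BASE_URL = "https://sesam.co4e.com/api/v1"  # base URL taken from the page's examples


class LoginError(RuntimeError):
    """accounts/login answered without a usable token."""


@contextlib.contextmanager
def sesam_session(session, username, password, timeout=10):
    """Log in, yield the authenticated session, always log out afterwards.

    `session` is a requests.Session or any object with the same post()/headers API.
    """
    response = session.post(
        f"{BASE_URL}/accounts/login",
        data={"username": username, "password": password},
        timeout=timeout,  # never wait forever on an auth endpoint
    )
    response.raise_for_status()  # HTTP error statuses stop here
    token = response.json().get("key")
    if not token:
        # Without this check the header would silently become "Token None".
        raise LoginError("login response contained no 'key' field")
    session.headers.update({
        "Content-type": "application/json",
        "Accept": "application/json",
        "Authorization": f"Token {token}",
    })
    try:
        yield session
    finally:
        try:
            # Invalidate the token server-side even if the caller's code raised.
            session.post(f"{BASE_URL}/accounts/logout", timeout=timeout).raise_for_status()
        finally:
            # Drop the local copy so the session cannot reuse a dead token.
            session.headers.pop("Authorization", None)


if __name__ == "__main__":
    import requests  # third-party dependency, as in the page's examples

    # SESAM_USERNAME / SESAM_PASSWORD are assumed variable names (not from the page).
    user, password = os.environ["SESAM_USERNAME"], os.environ["SESAM_PASSWORD"]
    with requests.Session() as http, sesam_session(http, user, password) as api:
        pass  # call the other endpoints through `api` here
```

Reading the credentials from the environment keeps them out of source files and shell history.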