Open topic with navigation
The REST API uses cookie-based authentication.
Cookies used by the REST API
The following cookies are used by the REST API:
This is the authentication token.
This cookie is expected to be sent in each subsequent request. It is returned in the response of a successful authentication request.
For details, see sign_in.
|HPSSO_COOKIE_CSRF||A cookie that is related to the protocol for preventing CSRF attacks. For details, see sign_in.|
Session management and expiration
In any request you send to the server, return all cookies sent by the server in the preceding response using the "Set-Cookie" header. See http://tools.ietf.org/html/rfc6265. Failing to resend cookies can result in authentication expiration while the user is interacting with the REST API service.