Cookies

The REST API uses cookie-based authentication.

Cookies used by the REST API

The following cookies are used by the REST API:

Cookie Description
LWSSO_COOKIE_KEY

Mandatory cookie.

This is the authentication token.

This cookie is expected to be sent in each subsequent request. It is returned in the response of a successful authentication request.

For details, see sign_in.

HPSSO_COOKIE_CSRF A cookie that is related to the protocol for preventing CSRF attacks. For details, see sign_in.

Session management and expiration

In any request you send to the server, return all cookies sent by the server in the preceding response using the "Set-Cookie" header. See http://tools.ietf.org/html/rfc6265. Failing to resend cookies can result in authentication expiration while the user is interacting with the REST API service.

Back to top

See also: