SessionHeader

The SessionHeader holds the client session information.

A SessionHeader object has the following properties:

Name	Type	Description
`sessionId`	`string`	Valid client session ID for the authenticated user. Used with session based password authentication.
`accessToken`	`string`	Valid access token. Used with OAuth 2.0 access token authentication.

Name

Type

Description

sessionId

string

Valid client session ID for the authenticated user. Used with session based password authentication.

accessToken

string

Valid access token. Used with OAuth 2.0 access token authentication.

For examples using the SessionHeader complex type to hold the sessionId for session based password authentication, see the login(), makeURL() and logout() methods, as well as the following sample codes: Java Sample Code – Authentication (SOAP API) and C# Sample Code — Read (SOAP API).
For examples using the SessionHeader complex type to hold the accessToken for OAuth 2.0 token based authentication, see Using SessionHeader for OAuth2.0 Token Based Authentication.

Important:

An invalid OAuth2 access token authorization has priority over a valid session based password authentication. You cannot use a valid Session ID as a fallback for an invalid access token. See Using OAuth 2.0 Access Tokens in Your API Requests.

Using SessionHeader for Client Session ID Authentication

When using client session ID based authentication, the SessionHeader web services method complex type is used to hold the client session ID [sessionId].

Use the syntax given in the following examples:

Sample Code — XML

            <SessionHeader xsi:type="perl:SessionHeader" mlns:perl="http://namespaces.soaplite.com/perl">
      <sessionID xsi:type="xsd:string">client_session_ID</sessionID>
</SessionHeader>

In the example, client_session_ID is the session ID obtained using the login() command.

Sample Code — C#

            // Create service stub
OAirServiceHandlerService _svc = new OAirServiceHandlerService();

// create LoginParam object
LoginParams loginParams = new LoginParams();
loginParams.api_namespace = "<Your_API_Namespace>";
loginParams.api_key = "<Your_API_Key>";
loginParams.company = "<Your_Company_ID>";
loginParams.user = "<Your_User_ID>";
loginParams.password = "<Your_Password>";
loginParams.client = "<Your_client_application>";
loginParams.version = "1.0";
LoginResult loginResult = _svc.login(loginParams);

// Create a new session header object
// Add the session ID returned from the login
_svc.SessionHeaderValue = new SessionHeader();
_svc.SessionHeaderValue.sessionId = loginResult.sessionId;

Sample Code — Java

            // create our login parameters
LoginParams lp = new LoginParams();
lp.setApi_namespace("<Your_API_Namespace>");
lp.setApi_key("<Your_API_Key>");
lp.setCompany("<Your_Company_ID>");
lp.setUser("<Your_User_ID>");
lp.setPassword("<Your_Password>");
lp.setClient("<Your_client_application>");
lp.setVersion("1.0");

// set the service URL from our arguments
OAirServiceHandlerServiceLocator locator = new OAirServiceHandlerServiceLocator();
locator.setOAirServiceAddress("https://company-id.app.netsuitesuiteprojectspro.com/soap");

// now login
OAirServiceSoapBindingStub binding =
(OAirServiceSoapBindingStub)locator.getOAirService();
LoginResult loginResult = binding.login(lp);

// Create a new session header object
// Add the session ID returned from the login
SOAPHeaderElement header = new SOAPHeaderElement("https://company-id.app.netsuitesuiteprojectspro.com/OAirService", "SessionHeader");
SOAPElement node = header.addChildElement("sessionId");
node.addTextNode(loginResult.getSessionId());
binding.setHeader(header);

Using SessionHeader for OAuth2.0 Token Based Authentication

When using OAuth 2.0 token based authentication, the SessionHeader web services method complex type is used to hold the OAuth 2.0 access token (accessToken) instead of the signed in user Session ID (sessionId).

Use the syntax given in the following examples:

Sample Code — XML

            <SessionHeader xsi:type="perl:SessionHeader" mlns:perl="http://namespaces.soaplite.com/perl">
      <accessToken xsi:type="xsd:string">OAuth2_access_token</accessToken>
</SessionHeader>

In the example, OAuth2_access_token is the OAuth 2.0 access token obtained for the client application connecting to SuiteProjects Pro.

Sample Code — C#

            // Create service stub
OAirServiceHandlerService _svc = new OAirServiceHandlerService();

// POST Request to get access_token

// Create a new session header object and add the access token
_svc.SessionHeaderValue = new SessionHeader();
_svc.SessionHeaderValue.accessToken = response.access_token;

Sample Code — Java

            // Set the service URL
OAirServiceHandlerServiceLocator locator = new OAirServiceHandlerServiceLocator();
locator.setOAirServiceAddress("https://company-id.app.netsuitesuiteprojectspro.com/soap");

// POST Request to get access_token

// Create a new session header object and add the access token
SOAPHeaderElement header = new SOAPHeaderElement("https://company-id.app.netsuitesuiteprojectspro.com/OAirService", "SessionHeader");
SOAPElement node = header.addChildElement("accessToken");
node.addTextNode(access_token);
binding.setHeader(header);

For more information about OAuth 2.0, see OAuth 2.0 for Integration Applications Developers.