Retrieve Sessions based on provided query filter
post
/oam/services/rest/access/api/v1/sessions
The sessions endpoint returns information about the sessions.
The response includes sessionId, user name, Identity Store, session create date,
ip address and other details about each session..
Request
Query Parameters
-
idStore: string
Identity Store name for the users, whose sessions are to be searched.
-
sessionId: string
Session Id of the session if single session is to be queried.
-
userId: string
User login id of the user, whose sessions are to be searched.
Detailed query criterion for searching the sessions.
Root Schema : SessionSearchQuery
Type:
Show Source
object-
clientIp:
string
Client IP Address query filter.
-
expiryTime:
string(date-time)
Expiry Time query filter.
-
fromIndex:
integer
Session from index for querying the session. This parameter is used in conjunction with the pageSize. This parameter is not used.
-
idStoreName:
string
Session Identifier for querying the session.
-
isImpersonating:
boolean
Session Identifier for querying the session.
-
lastAccessTime:
string(date-time)
Last Access Time query filter.
-
pageSize:
integer
PageSize desired for the output. This parmeter is not used.
-
sessionId:
string
Session Identifier for querying the session.
-
updateTime:
string(date-time)
Update Time query filter.
-
userAttributes:
object UserAttributes
Additional Properties Allowed: NameValueAttributeCollection of Name Value pair attributes
-
userId:
string
User Id query filter.
Nested Schema : UserAttributes
Type:
objectAdditional Properties Allowed
Show Source
Collection of Name Value pair attributes
Show Source
Nested Schema : NameValueAttribute
Type:
Show Source
object-
attrName:
string
Attribute Name
-
attrValue:
string
Attribute Value
Response
Supported Media Types
- application/json
200 Response
A session result object that contains an array of sessions with maximum of 28 sessions is returned. It also contains other summary information.
Root Schema : SessionResults
Type:
Show Source
object-
firstLink:
string
Link(http(s)) to the first session page in the results.
-
nextLink:
string
Link(http(s)) to the next sessions page in the results.
-
previousLink:
string
Link(http(s)) to the previous sessions page in the results.
-
sessions:
object Sessions
Collections of SessionData Objects.
-
totalRecords:
integer
total number records available as a result of this query. This page may be only part of those total records.
Nested Schema : SessionData
Type:
Show Source
object-
clientIp:
string
Client IP Address for the session.
-
createTime:
string(date-time)
Time at which session was created.
-
expiryTime:
string(date-time)
Expiry Time for the session.
-
idStoreName:
string
Session Identifier where user is located for this session.
-
isImpersonating:
boolean
Indicator if this is impersonating user session.
-
lastAccessTime:
string(date-time)
Last Access Time for session.
-
sessionId:
string
Session Identifier for querying the session.
-
sessionIndex:
string
Unique session identified generated by OAM session engine.
-
updateTime:
string(date-time)
Update Time for session.
-
userAttributes:
object UserAttributes
Additional Properties Allowed: NameValueAttributeCollection of Name Value pair attributes
-
userId(required):
string
User Id with which session is associated.
Nested Schema : UserAttributes
Type:
objectAdditional Properties Allowed
Show Source
Collection of Name Value pair attributes
Show Source
Nested Schema : NameValueAttribute
Type:
Show Source
object-
attrName:
string
Attribute Name
-
attrValue:
string
Attribute Value
401 Response
Unauthorized
404 Response
Requested Data Not found
500 Response
Internal Server Error
Examples
Use the userId to search for sessions pertaining to a particular user
If you have the clientIp, you can search for all the sessions coming from that client address.
Note:
Searching a session lists out only 28 sessions per query and the displayed search results are not paginated.
cURL Example
This is a sample request where the userId is provided to search for the sessions of a particular user.
curl -H "Content-Type: application/json" -H "Authorization: Basic <Base64 encoded auth header>" -X POST -d '{"userId":"user2"}' http://<HOST>:<PORT>/oam/services/rest/access/api/v1/sessions
Example of Request Body
The following example shows the contents of the response body in JSON format.
<?xml version="1.0" encoding="UTF-8"?> <SessionResults> <totalRecords>2</totalRecords> <sessions> <sessionData> <sessionId>53f96ca1-e65a-47ee-a758-a1cebb63f4b3|L+h1SktCgMtjnOnmIWL+gnpIstrT9hGuPD0beqGK5Cc=</sessionId> <createTime>2017-05-31T13:56:19.000-07:00</createTime> <updateTime>2017-05-31T13:56:19.000-07:00</updateTime> <lastAccessTime>2017-05-31T13:56:19.000-07:00</lastAccessTime> <userId>user2</userId> <clientIp>5.6.7.8</clientIp> <idStoreName>UserIdentityStore1</idStoreName> <isImpersonating>false</isImpersonating> </sessionData> <sessionData> <sessionId>a3d62e11-3f22-4336-b76c-e8f8cbd46306|L+h1SktCgMtjnOnmIWL+gnpIstrT9hGuPD0beqGK5Cc=</sessionId> <createTime>2017-05-31T13:55:43.000-07:00</createTime> <updateTime>2017-05-31T13:55:43.000-07:00</updateTime> <lastAccessTime>2017-05-31T13:55:43.000-07:00</lastAccessTime> <userId>user2</userId> <clientIp>1.2.3.4</clientIp> <idStoreName>UserIdentityStore1</idStoreName> <isImpersonating>false</isImpersonating> </sessionData> </sessions> </SessionResults>
cURL Example
This is a sample request where the clientIp is provided to search for all the sessions coming from that client address.curl -H "Content-Type: application/json" -H "Authorization: Basic <Base64 encoded auth header>" -X POST -d '{"clientIp":"1.2.3.4"}' http://<HOST>:<PORT>/oam/services/rest/access/api/v1/sessions
Example of Request Body
The following example shows the contents of the response body in JSON format.
<?xml version="1.0" encoding="UTF-8"?> <SessionResults> <totalRecords>4</totalRecords> <sessions> <sessionData> <sessionId>a9cacf25-18cc-4d72-9237-e32394fa294e|U90idWYSK4hXcdo6LlVD2+JuHBLvbGtCbbhlfmoDvMA=</sessionId> <createTime>2017-05-31T13:57:32.000-07:00</createTime> <updateTime>2017-05-31T13:57:32.000-07:00</updateTime> <lastAccessTime>2017-05-31T13:57:32.000-07:00</lastAccessTime> <userId>user5</userId> <clientIp>1.2.3.4</clientIp> <idStoreName>UserIdentityStore1</idStoreName> <isImpersonating>false</isImpersonating> </sessionData> <sessionData> <sessionId>32de23f1-9f53-47e7-b4d5-9d0376187241|c+4quN74tM7P6qvbYVqa6BQOg3RYHDsFT3PzPajvEzM=</sessionId> <createTime>2017-05-31T13:56:35.000-07:00</createTime> <updateTime>2017-05-31T13:56:35.000-07:00</updateTime> <lastAccessTime>2017-05-31T13:56:35.000-07:00</lastAccessTime> <userId>user3</userId> <clientIp>1.2.3.4</clientIp> <idStoreName>UserIdentityStore1</idStoreName> <isImpersonating>false</isImpersonating> </sessionData> <sessionData> <sessionId>a3d62e11-3f22-4336-b76c-e8f8cbd46306|L+h1SktCgMtjnOnmIWL+gnpIstrT9hGuPD0beqGK5Cc=</sessionId> <createTime>2017-05-31T13:55:43.000-07:00</createTime> <updateTime>2017-05-31T13:55:43.000-07:00</updateTime> <lastAccessTime>2017-05-31T13:55:43.000-07:00</lastAccessTime> <userId>user2</userId> <clientIp>1.2.3.4</clientIp> <idStoreName>UserIdentityStore1</idStoreName> <isImpersonating>false</isImpersonating> </sessionData> <sessionData> <sessionId>c639fb4d-f467-4da3-88c8-0e6754d809a7|hUNJ4YlF30b5ycVlEq7iZ8LwFa8i9G5QhmKdkr3TizU=</sessionId> <createTime>2017-05-31T13:57:17.000-07:00</createTime> <updateTime>2017-05-31T13:57:17.000-07:00</updateTime> <lastAccessTime>2017-05-31T13:57:17.000-07:00</lastAccessTime> <userId>user4</userId> <clientIp>1.2.3.4</clientIp> <idStoreName>UserIdentityStore1</idStoreName> <isImpersonating>false</isImpersonating> </sessionData> </sessions> </SessionResults>