Generate federated session token - Rhombus Developer Documentation

curl --request POST \ --url https://api2.rhombussystems.com/api/org/generateFederatedSessionToken \ --header 'Content-Type: application/json' \ --header 'x-auth-apikey: <api-key>' \ --header 'x-auth-scheme: <x-auth-scheme>' \ --data ' { "deviceUUid": "AAAAAAAAAAAAAAAAAAAAAA.v0", "domain": ".rhombus.com", "durationSec": 3600 } '

Authorizations

x-auth-apikey

string

header

required

Your Rhombus API key. Must be accompanied by the x-auth-scheme header set to api-token (or partner-api-token for partner endpoints).

Headers

x-auth-scheme

enum<string>

default:api-token

required

Authentication scheme identifier. Use api-token for standard API key authentication, partner-api-token for partner API key authentication. Must be paired with the x-auth-apikey header containing your API key.

Available options:

api-token,

api,

partner-api-token,

partner-api

Body

application/json

Request object for generating a federated session token.

deviceUUid

string<DeviceFacetUuid> | null

RUUID with optional appended facet information

Example:

"AAAAAAAAAAAAAAAAAAAAAA.v0"

domain

string | null

The domain that is allowed to use the federated token. The token should begin with a 'dot' and end with a domain suffix. The validation will perform an 'endsWith' operation of the domain supplied by the Referrer header

Example:

".rhombus.com"

durationSec

integer<int32> | null

Duration of the federated session token in seconds

Example:

3600

Response

200 - application/json

Response object containing the generated federated session token.

federatedSessionToken

string<RUUID> | null

base 64 (url-safe) uuid string

Example:

"AAAAAAAAAAAAAAAAAAAAAA"