Application Session

The Sessions API allows you to retrieve and manage the session configurations of your applications.

Retrieve the application session configuration

Retrieves a session configuration for an application

Request
path Parameters
applicationId
required
string <uuid>

Identifier of the application

Responses
200

Success

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

429

Too Many Requests

get/api/v2/apps/{applicationId}/session
Request samples 
Response samples 
application/json
{
  • "auth": "HEADER",
  • "enforceRelayState": false,
  • "deepLinking": true,
  • "idleSession": true,
  • "idleSessionTimeout": 3600,
  • "maxSession": true,
  • "maxSessionTimeout": 28800,
  • "browserSessionExpiration": false
}
Replace the application session configuration
Replaces the session configuration for an application in Access Gateway


Use this endpoint to define session management settings.


Request 
path Parameters
applicationId
required
string <uuid> 
Identifier of the application


 
Request Body schema: application/json
required
auth
string
Authentication type


 Enum: "HEADER" "NOAUTH" "IWA" "EBS"  
browserSessionExpiration
boolean
Indicates whether app sessions expire when the browser is closed. If browserSessionExpiration is true, the app session expires when the browser is closed.


 
deepLinking
boolean
Indicates whether your application dynamically redirects browsers to application URIs after sign-in. If deepLinking is false, the browser redirects to the post sign-in URL after sign-in.


 
enforceRelayState
boolean
Indicates whether your application only allows deep links that share the public domain name. If a deep link domain doesn't match the public domain name, Access Gateway only uses the post login URL.


 
idleSession
boolean
Indicates whether app sessions can expire after a certain amount of idle time. If idleSession is true, the session expires after a period of inactivity, determined by the idleSessionTimeout value.


 
idleSessionTimeout
integer  >= 60 
 Default:  3600
The amount of idle time, in seconds, before an app session expires. This value is ignored if idleSession is false.
The maximum value for this field is determined by the maxSessionTimeout value. The value of idleSessionTimeout must be less than or equal to maxSessionTimeout.


 
maxSession
boolean
Indicates whether app sessions can expire after a certain amount of time, regardless of activity. If maxSession is true, the session expires after a period of time, determined by the maxSessionTimeout value.


 
maxSessionTimeout
integer
 Default:  28800
The amount of time, in seconds, before an app session expires, regardless of activity. This value is ignored if maxSession is false.
The minimum value for this field is determined by the idleSessionTimeout value. The value of maxSessionTimeout must be greater than or equal to idleSessionTimeout.
Setting maxSessionTimeout to 0 means that the app session never expires which is similar to setting maxSession to false.


 
Responses 
200
Session updated successfully


400
Bad Request


401
Unauthorized


403
Forbidden


404
Not Found


429
Too Many Requests


put/api/v2/apps/{applicationId}/session
Request samples 
application/json
{
  • "auth": "HEADER",
  • "enforceRelayState": false,
  • "deepLinking": true,
  • "idleSession": true,
  • "idleSessionTimeout": 3600,
  • "maxSession": true,
  • "maxSessionTimeout": 28800,
  • "browserSessionExpiration": false
}
Response samples 
application/json
{
  • "auth": "HEADER",
  • "enforceRelayState": false,
  • "deepLinking": true,
  • "idleSession": true,
  • "idleSessionTimeout": 3600,
  • "maxSession": true,
  • "maxSessionTimeout": 28800,
  • "browserSessionExpiration": false
}