Logout using REST API

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • viklele
    Junior Member
    • Mar 2019
    • 7
    #1

    Logout using REST API

    Hi,


    I am toying with the idea of making an app for ESPO CRM. Still very early stage and haven't thought through in detail.

    I have started experimenting with the REST API to get a feel of effort involved. A few immediate issues that I ran into:

    1. How does one logout using REST API?

    2. Is there a way to have a long duration session? or do I just need to remember the username and password and use it whenever the session expires?

    Thanks,

    Regards,
    Vikram



    Tags: None
    • yuri
      Member
      • Mar 2014
      • 8451
      #2
      Hi Vikram,

      There are two options. Using api user with api-key, or a regular user with username and password. In case of regular user you use basic authorization. There is no such a thing as logout in basic authorization. Hence there are no sessions.

      Regards.
      If you find EspoCRM good, we would greatly appreciate if you could give the project a star on GitHub. We believe our work truly deserves more recognition. Thanks.

        Comment

        • viklele
          Junior Member
          • Mar 2019
          • 7
          #3
          Hi Yurikuzn,

          Thanks for yoru quick reply.

          I am trying to minimize the admin work that will be required for using the app. The API-Key approach will require the user to first generate an API-KEY. Therefore, I had planned to go with Espo-Authorization option provided in the API:

          Code:
          "Espo-Authorization: " + base64Encode(username + ':' + passwordOrToken)
          I am using user name and password for initial login, which gets me the details of the user and also a token that I can use for subsequent API calls. So far this has worked fine. My concern is when will this token expire? Of course, I can handle session expiry in the code and re-login using the username and password that user had entered initially. Just was trying to avoid that.

          Regards.

            Comment

            • yuri
              Member
              • Mar 2014
              • 8451
              #4
              It's determined by 2 parameters at Administration > Authentication: Auth Token Lifetime and Auth Token Max Idle Time.

              Once you receive 401 error you just try to obtain a new token.
              If you find EspoCRM good, we would greatly appreciate if you could give the project a star on GitHub. We believe our work truly deserves more recognition. Thanks.

                Comment

                Previous template Next
                Working...