HomeGuides
Submit Documentation FeedbackJoin Developer CommunityLog In

Sessions

This topic describes the Sessions API handler.

HTTP Verb: GET

URL: /api/v1/sessions/current

Description: Get the current session.

Base: HandlerBase<GetSessionParameter, GetSessionResult>

Handlers:

OrderHandlerDescription
500GetContextRetrieves site context objects, like language, currency, device type, and persona, and stores them on the result object.
600GetUserInfoRetrieves data for the current user. This includes username, email, first name, roles, and whether or not the current user is allowed to access the current website. This data is stored on the result object.
700GetCustomerInfoRetrieves bill-to and ship-to customer data for the current user.
1000GetPunchoutSettingsRetrieves Punchout settings related to the session, specifically whether or not to display the change customer link. During a Punchout session, you cannot change the customer from within B2B Commerce Cloud.

HTTP Verb: POST

URL: /api/v1/sessions

Description: Post to session endpoint to sign in.

Base: HandlerBase<AddSessionParameter, AddSessionResult>

OrderHandlerDescription
400RemoveImpersonateCookiesRemoves the impersonation cookie, if one exists. The impersonation cookie is created when an Admin user starts an impersonation session from within the Admin Console.
500ValidateContext

Validates that a session can be added for a user. The user is specified using the UserName property on the parameter object. An error is returned if ANY of the following are true:

User is not foundUser is deactivatedUser needs to change his/her passwordUser is locked outUser is not allowed to access the current website

If none of those are true, the user profile is stored in the UserProfile property on the result object.

600SetUserAsAuthenticatedSigns in a user and updates the last login datetime for that user. The user is specified using the UserNameproperty on the parameter object.
700SetSiteContextInitializes the current site context. This includes setting the current currency and the user profile (if the user elected to be remembered after login).
800UpdateCartUpdates the cart using the current bill-to and ship-to customers. Uses theUpdateCartHandlerhandler chain.
900CreateGetSessionResultRetrieves the newly created session using theGetSessionHandler handler chain and stores it in the GetSessionResultproperty on the result object.

HTTP Verb: PATCH

URL: /api/v1/sessions/current

Description: Patch to session endpoint with billtoid, shiptoid, language code and/or currency code to change the context.

Base: HandlerBase<UpdateSessionParameter, UpdateSessionResult>

OrderHandlerDescription
100ValidatePunchout

Validates that certain actions are not being requested if a Punchout session is active. The following actions are not allowed:

  • Reset password
  • Change password
  • Change ship-to customer
500ResetPasswordSends a password reset email to a user. The email contains a link that allows the user to reset his/her password. If the ResetPasswordproperty on the parameter object equals "false", this handler is skipped. The user is found using either the Emailor UserNameproperty on the parameter object.
600ActivateAccountSends an account activation email to a user. The email contains a link that allows the user to activate his/her password. If the ActivateAccountproperty on the parameter object equals "false", this handler is skipped. The user is found using either the Emailor UserNameproperty on the parameter object.
700ChangePasswordChanges a password for a user. The Passwordand NewPasswordproperties on the parameter object are required.
800ChangePasswordWithTokenChanges a password for a user, using a reset token. The ResetTokenand NewPasswordproperties on the parameter object are required. If the password is changed successfully, the user account is also unlocked.
900SetLanguageSets the language on the current site context. The language is found using theLanguageIdproperty on the parameter object. If the LanguageIdproperty on the parameter object is blank, this handler is skipped.
1000SetCurrencySets the currency on the current site context. The currency is found using the CurrencyIdproperty on the parameter object. If the CurrencyIdproperty on the parameter object is blank or the CurrencyIdmatches the current currency, this handler is skipped.
1100UpdateUserProfile

Updates the default customer for the current user. Also, updates whether or not the homepage is the dashboard page.

1200SetBillToSets the bill-to customer on the current site context. The bill-to customer is found using the BillToIdproperty on the parameter object.
1300SetShipToSets the ship-to customer on the current site context. The ship-to customer is found using the ShipToIdproperty on the parameter object and the current bill-to customer.
1400UpdateCartUpdates the cart using the current bill-to and ship-to customers. Uses the UpdateCartHandler handler chain. The cart is updated if either the bill-to or ship-to customers were changed in previous handlers.
1500CreateGetSessionResultRetrieves the newly created session using the GetSessionHandler handler chain and stores it in the GetSessionResult property on the result object.

HTTP Verb: DELETE

URL: /api/v1/sessions/current

Description: Delete to session endpoint signs out.

Base: HandlerBase<RemoveSessionParameter, RemoveSessionResult>

OrderHandlerDescription
500RemoveSessionSigns out the current user and removes objects from the site context, including bill-to and ship-to customer, persona, and remembered user profile.
600RemoveImpersonateCookiesRemoves the impersonation cookie, if one exists. The impersonation cookie is created when an Admin user starts an impersonation session from within the Admin Console.

Did this page help you?