- Getting Started
- Setup On Your Website
- Server Side API
- Auth For Services
Server Side API
Verify Session
Available For: All Plans
Verifies the user's Just Sign In session. If valid, it returns details about the user and the session.
Only call the API from your secure backend server environment.
Never call this from a client such as Web or Mobile.
Never call this from a client such as Web or Mobile.
URL
https://www.justsignin.com/api/v1/server/getSession
Protocol
HTTPS
Method
POST
Header
Content-Type: application/json; charset=utf-8
Request Body
The request body is a JSON object sent as the body of the HTTPS POST. The request body should include the following pramaters.
appId
String
Required The ID of your Just Sign In website configured in the dashboard.
appSecret
String
Required One of the App Secrets you created for the website referenced by the appId.
sessionId
String
Required The user's Just Sign In session id. Just Sign In stores this in a cookie named "jsis" for your server side code to retrieve. You can also find this within the user's browser by calling "jsi.getSession()".
Example JSON POST Body (with pretend example values)
{
"appId": "131889432817531002",
"appSecret": "FCGAYPQP73U47ASKOWRPIOP7DPIY",
"sessionId": "111770523408422991"
}
Responses
200 - Success
A successful call will return details about the session and the user in a JSON object.
HTTP 200 JSON Response
{
"session": {
"id": "111770523408422991",
"expiresUTC": "2023-03-12T11:27:53Z",
"user": {
"id": "103580417282062244",
"email": "johndoe999@gmail.com",
"firstName": "John",
"lastName": "Doe",
"fullName": "John Doe"
}
}
}
401 - Invalid Session ID
For security purposes when you pass an invalid sessionId the API will respond with an HTTP 401 Access Denied code. This is the same error you would receive if you passed an invalid appId or appSecret.
HTTP 401 JSON Response
{
"error": "Access Denied!"
}