user session  signin

api description


signin aims at starting a session based on user credentials (email ID and password) and a device fingerprint that enables multi-device concurrent sessions.

If signin is successful, it returns an associative array composed of 4 parameters:

  • uuid: A Unique User ID (string)
  • usid: A Unique Session ID (string)
  • udid: A Unique Device ID (string), either the default server value or the optional parameter fingerprint.
  • eost: The End of Session Time (integer) is expressed as Unix Epoch time.

These values must be stored on client side for any further session based API call. See the API signed and the API client for further information about sessions and session based API calls.

Security: After 5 unsuccessful attempts due to wrong passwords, the user account is locked and the password must be reset using the API password_reset. See error 652 below.

http method: POST

call cost: 1 point

See the pricing section for more details.

mandatory parameter(s)

parameter values / comments
key E.g. "c54e7837e0cd0ced286cb5995327d1ab54e35987179b2". It is an application key generated by AuverCloud Studio.
emailUser email ID.
passwordUser password.

optional parameters(s)

parameter values / comments
fingerprintAn arbitrary unique device ID to enable multi-device concurrent sessions. It must be a MD5-like string such as "12ad77523eff4686abb5bb5ba031b9d4". JavaScript AuverCloud runtime client contains a method that returns such as string: arc.device.fingerprint().

If this parameter is not provided, a default server fingerprint is applied.

ttlThis defines the maximum session length (time-to-live). The supported values are:
  • "browser" = Browser session. Default value.
  • "minutes" = 10 minutes.
  • "hour" = 1 hour.
  • "day" = 1 day.
  • "week" = 1 week.
  • "month" = 1 month.
  • "forever" = Forever.

Any other value is equivalent to the default one.

lang2-characters user language code e.g. "en", "fr". This information is useful for language based emailing in AuverCloud Studio. It can also be set/get with profile_set/ profile_get.

call sample

This example is the code used in the test case below. It assumes that jQuery and the JavaScript AuverCloud runtime client are loaded in order to use the arc.api() method. See the API client section for more details.



code message comments
651 Email address is unknown.
652 Wrong password. When This error occurs, the response data contains the number of remaining attempts before locking the account.
653 Account is locked. For any reason the user account is locked. In that case, password_reset is required to unlock it.
654 Account is suspended. See AuverCloud Studio to suspend/resume a subscriber account.

See also the Common errors section.

test bed


To test the API with your own keys, please see the section Application keys in AuverCloud Studio.