SignalFx Developers Guide

Developer Home

Product Docs

SignalFx

Session Tokens API

API for creating and deleting session tokens (referred to as User API Access Tokens in the web UI).
Note: This API doesn't handle access tokens (org tokens). To manage access tokens, use the token API.

Create Session Token

Creates a session token

post /session

SignalFx API endpoint.
Replace {REALM} with the name of your realm. For example, if your realm is eu0, use https://api.eu0.signalfx.com/v2.
To find your realm, go to your profile page in the SignalFx web UI.
If you don't include a realm and use https:/api.signalfx.com/v2, SignalFx interprets the endpoint as pointing to the us0 realm.

https://api.{REALM}.signalfx.com/v2/session

Creates a session token (referred to as an User API Access Token in the web UI) that provides authentication for other SignalFx API calls.
Note: You can't use a session token for authenticating a /datapoint, /backfill, or /event API call. These APIs require an org token (referred to as an access token in the web UI.)

header Parameters
Content-Type
required
string

Format of the request payload. The only allowed value is application/json.

Request Body schema: application/json
email
required
string
password
required
string

Responses

200

Successful session token creation

Response Schema: application/json
accessToken
string (The session token returned by the API)

A session token (User API Access Token) generated by the API. This token remains valid for 30 days.

createdBy
string (User ID of the token creator)

The internal user ID of the user who created the token.

createdMs
integer <int64> (When created)

The date and time that the token was created, in Unix time UTC-relative.

disabled
boolean (Disabled token indicator)

Indicates if the token is disabled or not. When you first create a token, the value of disabled is false.

email
string (Email address of the token creator)

The email address submitted in the request to create the token

expiryMs
integer <int64> (Token expiration timestamp)

The date and time that the token will expire, in Unix time UTC-relative

id
string (Token ID)

The SignalFx identifier of this access token

organizationId
string (Organization ID)

The SignalFx identifier of the organization that the user belongs to

sessionType
string (Session type)

Always set to ORG_USER

updatedBy
string (User who updated the token)

For a successful "create token" request, this value is null.

updatedMs
integer <int64> (Token updated timestamp)

The date and time that the token was updated, in Unix time UTC-relative.
For a successful "create token" request, this value is the same as that for createdMs.

userId
string (SignalFx user ID of the user that created the token)

The SignalFx identifier of the user who created the token

username
string (SignalFx user name of the user that created the token)

Always null

401

The create request failed because the user isn't authorized to create session tokens. The API may return this error if the specified email is not known, or if the password is invalid for the specified email.

Response Schema: application/json
type
string (The type of response)

The type of response that this response body represents. Always set to "error".

status
integer (HTTP status code)

The numeric HTTP status code for this response. The API always returns 401 for a failed create token request.

message
string (Error message)

The error message associated with the HTTP status code. The API always returns The email/password combination was entered incorrectly. Please try again."

Request samples

application/json
Copy
Expand all Collapse all
{
  • "email": "myUserName@example.com",
  • "password": "<user_password>"
}

Response samples

application/json
Copy
Expand all Collapse all
{
  • "accessToken": "<access-token>",
  • "createdBy": "CkClZUKAIAQ",
  • "createdMs": 1549963264000,
  • "disabled": false,
  • "email": "user@organization.com",
  • "expiryMs": 1561886464000,
  • "id": "CkSfGddAAAg",
  • "organizationId": "CMtLSYXAEJQ",
  • "sessionType": "ORG_USER",
  • "updatedBy": null,
  • "updatedMs": 1556702464000,
  • "userId": "CkClZUKAIAQ",
  • "userName": null
}

Delete Session Token

Invalidates an existing session token

delete /session

SignalFx API endpoint.
Replace {REALM} with the name of your realm. For example, if your realm is eu0, use https://api.eu0.signalfx.com/v2.
To find your realm, go to your profile page in the SignalFx web UI.
If you don't include a realm and use https:/api.signalfx.com/v2, SignalFx interprets the endpoint as pointing to the us0 realm.

https://api.{REALM}.signalfx.com/v2/session

Invalidates an existing session token (referred to as an User API Access Tokenin the web UI). If the invalidation succeeds, you receive the HTTP status code '204'. This means that the API successfully processed the request, but it won't return headers or a response body.
Note: You can't use this API to delete an org token (referred to as an access token in the web UI.)

header Parameters
X-SF-Token
required
string

The access token that you want to delete

Responses

204

Successful session token deletion. The API doesn't return headers or a response body.

401

Failed session token deletion

Response Schema: application/json
type
string (The type of response)

The type of response that this response body represents. Always set to "error".

status
integer (HTTP status code, always set to '401')

The HTTP status code

message
string (Error message for the failed request)

Error message returned when the API fails to delete the session token. Always returns "The email/password combination was entered incorrectly. Please try again."

Response samples

application/json
Copy
Expand all Collapse all
{
  • "summary": "Response body for a failed token invalidation request",
  • "value":
    {
    }
}

© Copyright 2019 SignalFx.

Third-party license information