Shell HTTP Node.JS JavaScript Ruby Python Java Go

Customer Sessions v0.1.0

Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.

The Customer Sessions API provides the mechanisms to manipulate authenticated sessions. This API allows the trusted caller to terminate or resume customer sessions on the back-end. When a session is resumed, the expiration is reset. This is an internal API and is not intended for public use.

Download OpenAPI Definition (YAML)

Base URLs:

Terms of service

Email: Apiture Web: Apiture

License: Apiture API License

Customer Sessions

Customer Sessions

terminateCustomerSession

Code samples

# You can also use wget
curl -X POST https://api.devbank.apiture.com/system/terminatedCustomerSessions \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/problem+json'

POST https://api.devbank.apiture.com/system/terminatedCustomerSessions HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/json
Accept: application/problem+json

const fetch = require('node-fetch');
const inputBody = '{
  "sessionId": "login#1#6cf93423ff5647ad#4062217d6f04337fd31a76cea23ab7aad8bce93e71a9f0756daaf3cd1ae8579fea1601beb0521b7dbdac0ff4e"
}';
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/problem+json'

};

fetch('https://api.devbank.apiture.com/system/terminatedCustomerSessions',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Content-Type':'application/json',
  'Accept':'application/problem+json'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/system/terminatedCustomerSessions',
  method: 'post',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/json',
  'Accept' => 'application/problem+json'
}

result = RestClient.post 'https://api.devbank.apiture.com/system/terminatedCustomerSessions',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/json',
  'Accept': 'application/problem+json'
}

r = requests.post('https://api.devbank.apiture.com/system/terminatedCustomerSessions', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/system/terminatedCustomerSessions");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/json"},
        "Accept": []string{"application/problem+json"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/system/terminatedCustomerSessions", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Terminate a customer session

POST https://api.devbank.apiture.com/system/terminatedCustomerSessions

Terminates a customer session and prevents any further usage of the session.

Body parameter

{
  "sessionId": "login#1#6cf93423ff5647ad#4062217d6f04337fd31a76cea23ab7aad8bce93e71a9f0756daaf3cd1ae8579fea1601beb0521b7dbdac0ff4e"
}

Parameters

ParameterDescription
body customerSession

Example responses

400 Response

{
  "id": "3fbad566-be86-4b22-9ba6-3ca99fdc0799",
  "type": "https://production.api.apiture.com/errors/noSuchAccount/v1.0.0",
  "title": "Account Not Found",
  "status": 422,
  "occurredAt": "2022-04-25T12:42:21.375Z",
  "detail": "No account exists for the given account reference",
  "instance": "https://production.api.apiture.com/banking/transfers/bb709151-575041fcd617"
}

Responses

StatusDescription
204 No Content
No Content. The operation succeeded but returned no response body.
StatusDescription
400 Bad Request
Bad Request. The request body, request headers, and/or query parameters are not well-formed.
Schema: problemResponse
StatusDescription
401 Unauthorized

Unauthorized. The operation require authentication but none was given.

This error response may have one of the following type values:

Schema: problemResponse
HeaderWWW-Authenticate
string
Optionally indicates the authentication scheme(s) and parameters applicable to the target resource/operation. This normally occurs if the request requires authentication but no authentication was passed. A 401 Unauthorized response may also be used for operations that have valid credentials but which require step-up authentication.
StatusDescription
403 Forbidden

Forbidden. The authenticated caller is not authorized to perform the requested operation.

This error response may have one of the following type values:

Schema: problemResponse
StatusDescription
422 Unprocessable Entity

Unprocessable Entity. The request body and/or query parameters were well formed but otherwise invalid.

This error response may have one of the following type values:

Schema: problemResponse

resumeCustomerSession

Code samples

# You can also use wget
curl -X POST https://api.devbank.apiture.com/system/resumedCustomerSessions \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/problem+json'

POST https://api.devbank.apiture.com/system/resumedCustomerSessions HTTP/1.1
Host: api.devbank.apiture.com
Content-Type: application/json
Accept: application/problem+json

const fetch = require('node-fetch');
const inputBody = '{
  "sessionId": "login#1#6cf93423ff5647ad#4062217d6f04337fd31a76cea23ab7aad8bce93e71a9f0756daaf3cd1ae8579fea1601beb0521b7dbdac0ff4e"
}';
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/problem+json'

};

fetch('https://api.devbank.apiture.com/system/resumedCustomerSessions',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

var headers = {
  'Content-Type':'application/json',
  'Accept':'application/problem+json'

};

$.ajax({
  url: 'https://api.devbank.apiture.com/system/resumedCustomerSessions',
  method: 'post',

  headers: headers,
  success: function(data) {
    console.log(JSON.stringify(data));
  }
})

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/json',
  'Accept' => 'application/problem+json'
}

result = RestClient.post 'https://api.devbank.apiture.com/system/resumedCustomerSessions',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/json',
  'Accept': 'application/problem+json'
}

r = requests.post('https://api.devbank.apiture.com/system/resumedCustomerSessions', params={

}, headers = headers)

print r.json()

URL obj = new URL("https://api.devbank.apiture.com/system/resumedCustomerSessions");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/json"},
        "Accept": []string{"application/problem+json"},
        
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "https://api.devbank.apiture.com/system/resumedCustomerSessions", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Resume a customer session

POST https://api.devbank.apiture.com/system/resumedCustomerSessions

Resume a customer session and reset any expiration timeout associated with this session. Allows the customer to continue to use the session without requiring session verification.

Body parameter

{
  "sessionId": "login#1#6cf93423ff5647ad#4062217d6f04337fd31a76cea23ab7aad8bce93e71a9f0756daaf3cd1ae8579fea1601beb0521b7dbdac0ff4e"
}

Parameters

ParameterDescription
body customerSession (required)

Example responses

400 Response

{
  "id": "3fbad566-be86-4b22-9ba6-3ca99fdc0799",
  "type": "https://production.api.apiture.com/errors/noSuchAccount/v1.0.0",
  "title": "Account Not Found",
  "status": 422,
  "occurredAt": "2022-04-25T12:42:21.375Z",
  "detail": "No account exists for the given account reference",
  "instance": "https://production.api.apiture.com/banking/transfers/bb709151-575041fcd617"
}

Responses

StatusDescription
204 No Content
No Content. The operation succeeded but returned no response body.
StatusDescription
400 Bad Request
Bad Request. The request body, request headers, and/or query parameters are not well-formed.
Schema: problemResponse
StatusDescription
401 Unauthorized

Unauthorized. The operation require authentication but none was given.

This error response may have one of the following type values:

Schema: problemResponse
HeaderWWW-Authenticate
string
Optionally indicates the authentication scheme(s) and parameters applicable to the target resource/operation. This normally occurs if the request requires authentication but no authentication was passed. A 401 Unauthorized response may also be used for operations that have valid credentials but which require step-up authentication.
StatusDescription
403 Forbidden

Forbidden. The authenticated caller is not authorized to perform the requested operation.

This error response may have one of the following type values:

Schema: problemResponse
StatusDescription
422 Unprocessable Entity

Unprocessable Entity. The request body and/or query parameters were well formed but otherwise invalid.

This error response may have one of the following type values:

Schema: problemResponse

Schemas

apiProblem

{
  "id": "3fbad566-be86-4b22-9ba6-3ca99fdc0799",
  "type": "https://production.api.apiture.com/errors/accountNotFound/v1.0.0",
  "title": "Account Not Found",
  "status": 422,
  "occurredAt": "2022-04-25T12:42:21.375Z",
  "detail": "No account exists at the given account_url",
  "instance": "https://production.api.apiture.com/banking/transfers/bb709151-575041fcd617"
}

API Problem (v1.1.0)

API problem or error, as per RFC 7807 application/problem+json.

Properties

NameDescription
type string(uri-reference)
A URI reference (RFC3986) that identifies the problem type. If present, this is the URL of human-readable HTML documentation for the problem type. When this member is not present, its value is assumed to be "about:blank".
title string
A short, human-readable summary of the problem type. The title is usually the same for all problem with the same type.
status integer(int32)
The HTTP status code for this occurrence of the problem.
minimum: 100
maximum: 599
detail string
A human-readable explanation specific to this occurrence of the problem.
instance string(uri-reference)
A URI reference that identifies the specific occurrence of the problem. This is the URI of an API resource that the problem is related to, with a unique error correlation ID URI fragment
id string: readOnlyResourceId
The unique identifier for this problem. This is an immutable opaque string.
read-only
minLength: 6
maxLength: 48
pattern: ^[-_:.~$a-zA-Z0-9]+$
occurredAt string(date-time): readOnlyTimestamp
The timestamp when the problem occurred, in RFC 3339 date-time YYYY-MM-DDThh:mm:ss.sssZ format, UTC.
read-only
minLength: 20
maxLength: 30
problems array: [apiProblem]
Optional root-causes if there are multiple problems in the request or API call processing.
attributes object
Additional optional attributes related to the problem. This data conforms to the schema associated with the error type.

customerSession

{
  "sessionId": "login#1#6cf93423ff5647ad#4062217d6f04337fd31a76cea23ab7aad8bce93e71a9f0756daaf3cd1ae8579fea1601beb0521b7dbdac0ff4e"
}

Customer Session Reference (v1.0.0)

Identifies an active session.

Properties

NameDescription
sessionId string (required)
The opaque, sensitive, session identifier used as an access token claim.
maxLength: 128

problemResponse

{
  "id": "3fbad566-be86-4b22-9ba6-3ca99fdc0799",
  "type": "https://production.api.apiture.com/errors/noSuchAccount/v1.0.0",
  "title": "Account Not Found",
  "status": 422,
  "occurredAt": "2022-04-25T12:42:21.375Z",
  "detail": "No account exists for the given account reference",
  "instance": "https://production.api.apiture.com/banking/transfers/bb709151-575041fcd617"
}

Problem Response (v0.3.0)

API problem or error response, as per RFC 7807 application/problem+json.

Properties

NameDescription
type string(uri-reference)
A URI reference (RFC3986) that identifies the problem type. If present, this is the URL of human-readable HTML documentation for the problem type. When this member is not present, its value is assumed to be "about:blank".
title string
A short, human-readable summary of the problem type. The title is usually the same for all problem with the same type.
status integer(int32)
The HTTP status code for this occurrence of the problem.
minimum: 100
maximum: 599
detail string
A human-readable explanation specific to this occurrence of the problem.
instance string(uri-reference)
A URI reference that identifies the specific occurrence of the problem. This is the URI of an API resource that the problem is related to, with a unique error correlation ID URI fragment
id string: readOnlyResourceId
The unique identifier for this problem. This is an immutable opaque string.
read-only
minLength: 6
maxLength: 48
pattern: ^[-_:.~$a-zA-Z0-9]+$
occurredAt string(date-time): readOnlyTimestamp
The timestamp when the problem occurred, in RFC 3339 date-time YYYY-MM-DDThh:mm:ss.sssZ format, UTC.
read-only
minLength: 20
maxLength: 30
problems array: [apiProblem]
Optional root-causes if there are multiple problems in the request or API call processing.
attributes object
Additional optional attributes related to the problem. This data conforms to the schema associated with the error type.

readOnlyResourceId

"string"

Read-only Resource Identifier (v1.0.0)

The unique, opaque system-assigned identifier for a resource. This case-sensitive ID is also used in URLs as path parameters or in other properties or parameters that reference a resource by ID rather than URL. Resource IDs are immutable.

Type: string
read-only
minLength: 6
maxLength: 48
pattern: ^[-_:.~$a-zA-Z0-9]+$

readOnlyTimestamp

"2021-10-30T19:06:04.250Z"

Read-Only Timestamp (v1.0.0)

A readonly or derived timestamp (an instant in time) formatted in RFC 3339 date-time UTC format: YYYY-MM-DDThh:mm:ss.sssZ.
The schema readOnlyTimestamp was added on version 0.4.0 of the API.

Type: string(date-time)
read-only
minLength: 20
maxLength: 30

resourceId

"string"

Resource Identifier (v1.0.0)

The unique, opaque system identifier for a resource. This case-sensitive ID is also used as path parameters in URLs or in other properties or parameters that reference a resource by ID rather than URL.

Type: string
minLength: 6
maxLength: 48
pattern: ^[-_:.~$a-zA-Z0-9]+$