Create a new session. This will require that the session was first initialized.

For information on how to work with sessions, refer to the documentation on using sessions.


This action requires the following tokens:

  • session-create


Required arguments are marked in bold, and optional arguments are marked in italics.

Argument Type Default Description
challenge String   The challenge as send by the server in the session/initialize action
response String   The calculated response for the given challenge
v2hash String   If session/initialize responded that a v2 hash was needed, you need to provide this


This action produces the following output on success:

An object containing the following fields:

Name Type Description
id String The ID for this session
key String The key for this session
timeout Integer The number of seconds before this session expires
user Hash The hash for the user that is now logged in


This action can return one of the default status codes, or one of the following status codes on error:

If the API version 2 hash was required but is not supplied
If for any reason the session could not be created. This can happen when the challenge and / or response are invalid, i.e. one did not perform initialize, the user is not known, or the password is incorrect.