Create a new session via a single sign-on service.

For information on how to work with sessions, refer to the documentation on using single sign-on.


This action requires the following tokens:

  • session-sso-create


Required arguments are marked in bold, and optional arguments are marked in italics.

Argument Type Default Description
service Hash   The ID of the SSO service for which a response is given
response String   An SSO response for the given user from the given service
userip String   IP address of the user wanting to start a session


This action produces the following output on success:

An object containing the following fields:

Name Type Description
id String The ID for this session
key String The key for this session
timeout Integer The number of seconds before this session expires
user Hash The hash for the user that is now logged in


This action can return one of the default status codes, or one of the following status codes on error:

The SSO services specified in the service argument cannot be found.
The given SSO response is invalid.
The token in the given SSO response is not linked to a known user.
The given user IP is rate limited due to too many incorrect login attempts in a short time.