OpenSession

An OpenSession request/response document validates the user’s identity, creates a new session in the application, and returns a session ID. This is essentially the same as the user logging into the application where the caller can communicate with the IDO.

You must submit an OpenSession request before you can submit other requests.

Request data

An OpenSession request document has this payload structure that contains data, such as the user’s login information (user ID, password, configuration name). These data are required to complete the request.

<RequestData>
   <UserID>userid</UserID>
   <LanguageID>culture</LanguageID>
   <ConfigName>config</ConfigName>
   <MachineName>machinename</MachineName>
   <DomainUserName>domainusername</DomainUserName>
   <ApplicationName>appname</ApplicationName>
   <AllowCloseExistingSessions>true|false</AllowCloseExistingSessions>
   <Password Encrypted="N">password</Password>
   <Workstation>workstation</Workstation>
</RequestData>

Response data

An OpenSession response document has this payload structure and includes requested data and return values.

<ResponseData>
   <UserID>userid</UserID>
   <LanguageID>culture</LanguageID>
   <ProductVersion>version</ProductVersion>
   <DeadlockRetry>0</DeadlockRetry>
   <License Status="status">
     <Message>message</Message>
   </License>
   <RegionalSettings MessageLanguageID="langID" LocaleID="localeID" DecimalSeparator="dec-sep" DigitGroupSeparator="dig-sep" DigitsInGroup="dig">regional-settings</RegionalSettings>
   <AdditionalFailureInformation>failureinfo</AdditionalFailureInformation>
   <ServerDate>serverdatetime</ServerDate>
   <LoginResult>loginstatus</LoginResult>
   <PrimaryGroupName>group</PrimaryGroupName>
   <DaysUntilPasswordExpires>days</DaysUntilPasswordExpires>
   <EditLevel>editlevel</EditLevel>
   <SuperUser>su-indicator</SuperUser>
   <StartupMethods>startup-method-spec</StartupMethods>
   <AuditingEnabled>true|false</AuditingEnabled>
</ResponseData>

Element descriptions


Element	Description
`AdditionalFailureInformation`	If the login fails, this element can contain additional information about why.
`AllowCloseExistingSessions`	Optional. If this is True, existing sessions can be closed if the concurrent login limit prevents user from logging in. Default = False
`ApplicationName`	Optional. This is the name of the application being used for the session. This element is used primarily for diagnostics.
`AuditingEnabled`	This element is for internal use only.
`ConfigNamne`	This is the name of the configuration where the session runs. You can get a list of configurations by using this in the request.
`DaysUntilPasswordExpires`	This is the number of days until the specified user’s current password expires.
`DeadlockRetry`	This is no longer used.
`DomainUserName`	Optional. This is the client’s NT user name. This element is used primarily for diagnostics.
`EditLevel`	This is the level of editing permission assigned to the user, as specified on the Users form: 0 = None 1 = Basic 2 = Full User 3 = Site Developer 4 = Vendor Developer For information about the particulars of these editing/permission levels, see the online help topic, "Editing permissions".
`LanguageID`	Optional. This is the culture value being used for the session. This corresponds to a value in the LanguageIDs table. Default = en-US
`License`	If the login is successful, this indicates the status of the application database’s license (VALID or INVALID). If INVALID, the message contains additional info, such as when the license expired.
`LoginResult`	This is the result of the specified user’s login attempt. These are the possible values: Success InvalidCredentials AccountDisabled AccountLocked PasswordExpired PasswordWillExpire SessionLimit ConcurrentSessionLimit InvalidConfiguration UnknownFailure Note: This response should never present. LicenseInconsistency Note: This response indicates that someone has tampered with the licensing.
`MachineName`	Optional. This is the name of the computer being used for the session. This element is used primarily for diagnostics.
`Password`	This is the user’s password. If Encrypted = Y, the password is encrypted. However, Encrypted is usually set to N.
`PrimaryGroupName`	This is the name of the primary group defined for the user as specified on the Users form.
`ProductVersion`	This is the version of the application.
`RegionalSettings`	This is the regional settings and locale settings used for this session. This information comes from the LanguageIDs table.
`ServerDate`	This is the date on the Application server. The CURDATE() and CURTIME() keywords must yield values that match the server for the application, not the client machine. This value is used to compute the difference between the client machine’s date and time and the Application server’s date and time. This is done so that each time CURDATE() and CURTIME() are evaluated, Mongoose can produce the correct server-based result.
`StartupMethods`	This element is for internal use only.
`SuperUser`	This element indicates whether the specified user is a "super user". 1 = Yes 0 = No For more information about super users, see the online help topic, "Super User".
`UserID`	This is the user's ID, which must be defined for the specified configuration.
`Workstation`	Optional. This element is for internal use only.

Examples for OpenSession

This example request opens a session using the configuration MG_DEV for a user whose ID is jdelacruz.

<IDORequest ProtocolVersion="6.03" SessionID="">
   <RequestHeader Type="OpenSession">
      <InitiatorType />
      <InitiatorName />
      <SourceName />
      <SourceConfig />
      <TargetName />
      <TargetConfig />
      <RequestData>
        <UserID>jdelacruz</UserID>
        <LanguageID />
        <PrefsLanguageID />
        <ConfigName>MG_DEV</ConfigName>
        <AllowCloseExistingSessions>true</AllowCloseExistingSessions>
        <Password Encrypted="N">Passwe1rd</Password>
        <Workstation />
        <Passcode />
        <TrustedClient>false</TrustedClient>
      </RequestData>
   </RequestHeader>
</IDORequest>

This example response contains the session ID which can be used for submitting other requests.

<IDOResponse ProtocolVersion="6.03" SessionID="04269518-2d4b-4b13-938b-65ed2f561c53">
   <ResponseHeader Type="OpenSession">
      <InitiatorType />
      <InitiatorName />
      <SourceName />
      <SourceConfig />
      <TargetName />
      <TargetConfig />
      <ResponseData>
         <UserID>sa</UserID>
         <LanguageID />
         <PrefsLanguageID />
         <ProductVersion>10.08.00</ProductVersion>
         <PendoGuidesAPIKey />
         <FormsVersion />
         <License Status="VALID">
            <Message />
            <BusinessLogicalID>default</BusinessLogicalID>
         </License>
         <RegionalSettings MessageLanguageID="1033" LocaleID="1033" DecimalSeparator="." DigitGroupSeparator="," DigitsInGroup="3">
            <StringTableName>Strings</StringTableName>
            <LanguageSubDir>en-US</LanguageSubDir>
            <HelpSubDir>en-US</HelpSubDir>
            <LanguageCode>ENU</LanguageCode>
         </RegionalSettings>
         <LastChangeDateIDOMetadata>0x00000000000278d0</LastChangeDateIDOMetadata>
         <LastChangeDateFormsMetadata />
         <AdditionalFailureInformation />
         <ClientRetryMinutes>0</ClientRetryMinutes>
         <ServerDate>20190813 10:12:17.203</ServerDate>
         <LoginResult>Success</LoginResult>
         <PrimaryGroupName />
         <DaysUntilPasswordExpires>2147483647</DaysUntilPasswordExpires>
         <UserDesc />
         <TokenAuthenticationMessage />
         <HostEnvironment>InforPAAS</HostEnvironment>
         <EditLevel>4</EditLevel>
         <SuperUser>1</SuperUser>
         <UserLanguageID />
       <StartupMethods>AccessAs.StartupMethodSp(RVAR V(Parm_Site),RVAR V(Parm_DisplayReportHeaders),RVAR V(AccessAs),RVAR V(Parm_DefaultStartingToEnding))</StartupMethods>
       <AuditingEnabled>false</AuditingEnabled>
     </ResponseData>
   </ResponseHeader>
</IDOResponse>