Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry AtHoc
  3. BlackBerry AtHoc SDKs and APIs 7.13
  4. SDK Specification
  5. Manage API Access and Security
  6. Validate SDK requests
  7. Validate with a session ID

Validate with a session ID

You can request a session to be created on the server through the login API. The login API returns a session ID that can be used instead of a username and password. This enhances security by removing the need to store a username and password in your application.
Login
 
<AtHocSdk>
<client>organizationID</client>
<validation>
<username>OperatorUserName</name>
<password>OperatorPassword</password>
<udid>OperatorDeviceIdentifier</udid>
</validation>
<payload type=”Login”/>
</AtHocSdk>
This login method returns a response that contains the session ID for the remainder of the operator session. 
<AtHocSdk>
<client>2060349</client>
<validation>
<sessionId>c345c6f6-a46c-4d41-9bfb-7f1d7b79c528</sessionId>
</validation>
<payload type='LOGOUT'/>
</AtHocSdk>
Example payload
Use the session ID returned in the response to call the SDK. The session ID replaces the Username and password in the <validation> attribute. 
<AtHocSdk><client>organizationID</client>
<validation>
<sessionID>C345c6f6-a46c-4d41-9bfb-7fld7b79c528</sessionID>
</validation>
<payload type=”GET-DISTRIBUTION-LISTS”>
</payload>
</AtHocSdk>
Logout
After calling the SDK with the session ID, use the logout SDK to invalidate the session ID: 
<AtHocSdk>
<client>2060349</client>
<validation>
<sessionId>c345c6f6-a46c-4d41-9bfb-7f1d7b79c528</sessionId>
</validation>
<payload type='LOGOUT'/>
</AtHocSdk>