KRON PAM API Collection v3.7.0
Authentication

Login

POST

The login method is the primary gateway to the KRON PAM system. Before accessing any other functionalities or methods, users must authenticate themselves using this method by providing a username and password.

Successfully logging in provides the user with a session ID, which is essential for subsequent interactions with the system.

Note:
If you have enabled One-Time Password (OTP) for Multi-Factor Authentication (MFA), you must enter your 6-digit code after the initial login.

Request Headers:

  • Content-Type: application/json

Response Cookies:
Upon a successful login, the server will include several cookies in the response. These cookies are critical for maintaining the session and ensuring secure communication in subsequent requests. Ensure that your client (or cookie jar) is configured to handle the following cookies:

  • JSessionID:
    Used to manage the session state for the authenticated user.

  • XSRF-TOKEN (also referred to as XRFS Token):
    This token is provided to protect against Cross-Site Request Forgery (CSRF) attacks. It must be included in the X-XSRF-TOKEN header in all follow-up requests.

  • Netright ID:
    An additional identifier necessary for session management and authorization.

Tip: Make sure that your cookie storage or session handling mechanism supports the size requirements for these cookies. Properly retaining these cookies is essential for secure and seamless interaction with the KRON PAM system.


Workflow Summary:

  1. Authentication:
    Send a POST request with your credentials (username and password) to the login endpoint.

  2. Cookie Storage:
    On successful authentication, extract and store the JSessionID, XSRF-TOKEN, and Netright ID cookies. These cookies must be retained and sent with all subsequent requests.

  3. OTP Verification (if enabled):
    If MFA is active, a follow-up OTP validation request must be sent with the additional 6-digit code.

  4. Subsequent Requests:
    Include the stored cookies (especially the XSRF-TOKEN via the X-XSRF-TOKEN header) in all further interactions with the system to ensure session integrity and security.
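Steps 2 and 4 of the workflow, as an added example that is not part of the KRON PAM documentation: a small session holder that keeps every cookie from the login response and mirrors XSRF-TOKEN into the X-XSRF-TOKEN header, refusing to build a request when the token is missing. The cookie names JSESSIONID and NETRIGHT-ID and all sample values are constructed assumptions, since the page gives only display names; the `PamSession` class is hypothetical.

```python
from http.cookies import SimpleCookie

XSRF_COOKIE = "XSRF-TOKEN"    # cookie name as given on this page
XSRF_HEADER = "X-XSRF-TOKEN"  # header name as given on this page


class PamSession:
    """Hypothetical helper: stores login cookies, builds follow-up headers."""

    def __init__(self):
        self.cookies = {}

    def absorb(self, set_cookie_headers):
        """Store every cookie found in a response's Set-Cookie header values.

        Call this on each response so a re-issued token replaces the old one.
        """
        for raw in set_cookie_headers:
            jar = SimpleCookie()
            jar.load(raw)
            for name, morsel in jar.items():
                self.cookies[name] = morsel.value

    def headers(self):
        """Headers for a follow-up request; fail closed without the token."""
        token = self.cookies.get(XSRF_COOKIE)
        if not token:
            raise RuntimeError("no XSRF-TOKEN cookie stored; log in again")
        cookie = "; ".join(f"{k}={v}" for k, v in self.cookies.items())
        return {"Content-Type": "application/json",
                "Cookie": cookie,
                XSRF_HEADER: token}


# Constructed Set-Cookie values standing in for a login response.
# JSESSIONID and NETRIGHT-ID are assumed wire names, not taken from the page.
SAMPLE_LOGIN_SET_COOKIE = [
    "JSESSIONID=constructed-session-0001; Path=/; Secure; HttpOnly",
    "XSRF-TOKEN=constructed-xsrf-0001; Path=/; Secure",
    "NETRIGHT-ID=constructed-netright-0001; Path=/; Secure; HttpOnly",
]


def demo():
    session = PamSession()
    session.absorb(SAMPLE_LOGIN_SET_COOKIE)
    return session.headers()


if __name__ == "__main__":
    print(sorted(demo()))  # header names only; values are secrets
```

Treat the stored cookie values like credentials: keep them out of logs and send them only to the KRON PAM host.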

Header Parameters:

  • Content-Type

Path Parameters:

  • url

Body Parameters:

  • body

Responses:

  • 200
Login