This documentation is for WSO2 App Factory 1.0.0. View documentation for the latest release.

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.



When you access any API other than the login and logout APIs, first invoke the login API to ensure that user is authenticated. When the login API is invoked, a cookie is generated. You   If your client manages cookies please skip this step otherwise you need to send this cookie with other API invocations in order to authenticate them.

For example,

  1. Let's say you invoked the Login API, which shows the following cookie (section in bold) in the output:
    Set-Cookie: JSESSIONID=2E80F7137C3DFF21C32046BEE7BDA49D; Path=/appmgt/; Secure; HttpOnly.
  2. Set the bold section as the <obtained_cookie> in the following API invocation:
    curl -X POST -k -H 'Content-Type:application/x-www-form-urlencoded' -H 'Cookie: <obtained_cookie> -d 'action=getApplicationsOfUser&userName=<your_username>'