Logging in and out

If the authentication is successful, the response header "Authentication-Token" is sent to the client. From then, client applications can use this token and send it to the server for the authentication for further access to the server by using the same persistent connection. The client applications use this token to obtain further access to the server using the persistent connection.

The following is an example of an Authentication-token.
HTTP/1.1 201 Created
 Date: Wed, 02 Mar 2018 22:46:15 GMT
 Server: SLX-OS WWW
 Authentication-Token: TEM5Wk59XV5xRFxOdVtydF9kWDZwd2hHRGV6Q0B0NXk=
 Location: http://localhost/rest/config/running/router/mpls
 Cache-control: private, no-cache, must-revalidate, proxy-revalidate
 Content-Length: 0
 Content-Type: text/html
 
* Connection #0 to host 10.24.12.135 left intact

There is no expiry for the authentication token or the user session. There is expiry for the HTTP session only, which is 180 seconds. The client will timeout if the server does not respond within 180 seconds. This also applies to the Authentication-token expiry.

For single persistent connection, there must be only one token. When the same token is reused, you can have maximum number of 100 requests in a persistent connection.

To log out from the device, you must delete the session created using the DELETE operation. The URI for deleting a session is http:// host:port/rest/session/<session-id>.