Login User
Create a session token for a user.
POST https://instance.securid.com/aveksa/command.submit?cmd=loginUser
tip
Call getLoginInstructions first to retrieve the username and password field labels to display in your login UI.
Request
Parameters
| loginUser | |
| format | properties - (Default) Returns the response as key=value pairs.json - Returns the response as JSON. |
| authsource | The name of the authentication source provider (for example, an LDAP provider or SSO provider). Can also be included in the request body. Required when using third-party SSO. |
Headers
| Accept | application/json |
| Content-Type | application/xml |
Body
| The username used to log in. | |
| The password used to log in. | |
authsource | The authentication source provider name. Can be passed here or as a URL parameter. Use a URL parameter when the body contains a SAML assertion. |
<username>username</username><password>password</password>
Response
Parameters
token | The session token for this user. Pass this as the Authorization: Bearer header in subsequent requests. |
Examples
Request
- Curl
- Python
- Node.js
curl -K -X POST \
"https://instance.securid.com/aveksa/command.submit?cmd=loginUser&format=json" \
-H "Content-Type: application/xml" \
-d "<username>user01</username><password>password123</password>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "loginUser",
"format": "json"
}
headers = {
'Content-Type': 'application/xml'
}
username = "username_here"
password = "password_here"
payload = f"<username>{username}</username><password>{password}</password>"
response = requests.post(url, params=params, data=payload, headers=headers)
if response.status_code == 200:
token = response.json().get("data", {}).get("token")
print(f"Token: {token}")
else:
print(f"Request failed with status code {response.status_code}")
const axios = require('axios');
const url = "https://instance.securid.com/aveksa/command.submit";
const params = {
cmd: "loginUser",
format: "json"
};
const headers = {
'Content-Type': 'application/xml'
};
const username = "username_here";
const password = "password_here";
const payload = `<username>${username}</username><password>${password}</password>`;
axios.post(url, payload, { params, headers })
.then(response => {
if (response.status === 200) {
const token = response.data?.data?.token;
console.log(`Token: ${token}`);
} else {
console.log(`Request failed with status code ${response.status}`);
}
})
.catch(error => {
console.error('Error:', error);
});
Response
- 200
- 401 Invalid Credentials
- 401 Invalid Auth Source
- 412 Missing Username
{
"data": {
"type": "loginUser",
"token": "ws31012566e36e3be2c9:-28aff589:18a2758240d:-7c4e"
}
}
Returned when the username or password is incorrect, or when the user account is terminated.
<html>
<head>
<title>Error</title>
</head>
<body>User could not be validated. The username or password may be incorrect.
Query String=cmd=loginUser&format=json</body>
</html>
Returned when the authsource does not match a configured provider.
<html>
<head>
<title>Error</title>
</head>
<body>User could not be validated. The authsource may be incorrect.
Query String=cmd=loginUser&format=json</body>
</html>
Returned when the username element is absent from the request body.
<html>
<head>
<title>Error</title>
</head>
<body>User could not be validated. The username or password may be incorrect.
Query String=cmd=loginUser&format=json</body>
</html>
Verified with RSA Governance & Lifecycle version 8.0.0.188886 P10_HF01.