Manage sessions and refresh access tokens for silent authentication and SSO across apps. These sessions apply to any of the authentication methods implemented using a backend-to-backend integration ('Backend Authentication').
Sessions
Download OpenAPI description
Languages
Servers
Sandbox environment
https://api.sbx.transmitsecurity.io/cis
Production environment (US)
https://api.transmitsecurity.io/cis
Production environment (EU)
https://api.eu.transmitsecurity.io/cis
Production environment (CA)
https://api.ca.transmitsecurity.io/cis
Production environment (AU)
https://api.au.transmitsecurity.io/cis
Request
Authenticates an existing session in order to obtain an access token without explicit user interaction. This enables silent authentication and single sign-on (SSO).
Security
ClientAccessToken
Resource URI the authentication request is attempting to access, which is reflected in the audience (aud claim) of the access token. This must be configured as resource for the application.
Used to request additional claims in the ID token, such as roles, permissions, and other user profile data. The structure is per the OIDC Standard. For supported claims and how to request custom claims, see the ID Token Reference.
Example: {"id_token":{"roles":null}}
- Sandbox environmenthttps://api.sbx.transmitsecurity.io/cis/v1/auth/session/authenticate
- Production environment (US)https://api.transmitsecurity.io/cis/v1/auth/session/authenticate
- Production environment (EU)https://api.eu.transmitsecurity.io/cis/v1/auth/session/authenticate
- Production environment (CA)https://api.ca.transmitsecurity.io/cis/v1/auth/session/authenticate
- Production environment (AU)https://api.au.transmitsecurity.io/cis/v1/auth/session/authenticate
- cURL
- Node.js
- Go
- JavaScript
- Java
- Python
curl -i -X POST \
https://api.sbx.transmitsecurity.io/cis/v1/auth/session/authenticate \
-H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
-H 'Content-Type: application/json' \
-d '{
"resource": "string",
"claims": {
"id_token": {
"roles": null
}
},
"org_id": "string",
"client_attributes": {
"user_agent": "string",
"ip_address": "string"
},
"session_id": "string"
}'Response
application/json
{ "access_token": "string", "id_token": "string", "refresh_token": "string", "token_type": "string", "expires_in": 3600, "session_id": "string" }
Request
Exchange the refresh token returned upon successful authentication for a new access token.
Required permissions: apps:execute, [appId]:execute, auth:execute.
Security
ClientAccessToken
- Sandbox environmenthttps://api.sbx.transmitsecurity.io/cis/v1/auth/token/refresh
- Production environment (US)https://api.transmitsecurity.io/cis/v1/auth/token/refresh
- Production environment (EU)https://api.eu.transmitsecurity.io/cis/v1/auth/token/refresh
- Production environment (CA)https://api.ca.transmitsecurity.io/cis/v1/auth/token/refresh
- Production environment (AU)https://api.au.transmitsecurity.io/cis/v1/auth/token/refresh
- cURL
- Node.js
- Go
- JavaScript
- Java
- Python
curl -i -X POST \
https://api.sbx.transmitsecurity.io/cis/v1/auth/token/refresh \
-H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
-H 'Content-Type: application/json' \
-d '{
"refresh_token": "string"
}'Response
application/json
{ "access_token": "string", "id_token": "string", "refresh_token": "string", "token_type": "string", "expires_in": 3600 }
Request
Logs out the user by terminating the provided session.
Required permissions: apps:delete, [appId]:delete, sessions:delete.
Security
ClientAccessToken
- Sandbox environmenthttps://api.sbx.transmitsecurity.io/cis/v1/auth/session/logout
- Production environment (US)https://api.transmitsecurity.io/cis/v1/auth/session/logout
- Production environment (EU)https://api.eu.transmitsecurity.io/cis/v1/auth/session/logout
- Production environment (CA)https://api.ca.transmitsecurity.io/cis/v1/auth/session/logout
- Production environment (AU)https://api.au.transmitsecurity.io/cis/v1/auth/session/logout
- cURL
- Node.js
- Go
- JavaScript
- Java
- Python
curl -i -X POST \
https://api.sbx.transmitsecurity.io/cis/v1/auth/session/logout \
-H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
-H 'Content-Type: application/json' \
-d '{
"session_id": "string"
}'- Sandbox environmenthttps://api.sbx.transmitsecurity.io/cis/v1/auth/users/{userId}/sessions
- Production environment (US)https://api.transmitsecurity.io/cis/v1/auth/users/{userId}/sessions
- Production environment (EU)https://api.eu.transmitsecurity.io/cis/v1/auth/users/{userId}/sessions
- Production environment (CA)https://api.ca.transmitsecurity.io/cis/v1/auth/users/{userId}/sessions
- Production environment (AU)https://api.au.transmitsecurity.io/cis/v1/auth/users/{userId}/sessions
- cURL
- Node.js
- Go
- JavaScript
- Java
- Python
curl -i -X GET \
'https://api.sbx.transmitsecurity.io/cis/v1/auth/users/{userId}/sessions' \
-H 'Authorization: Bearer <YOUR_TOKEN_HERE>'Response
application/json
[ { "session_id": "string", "start_time": "2019-08-24T14:15:22Z", "expiration_time": "2019-08-24T14:15:22Z" } ]
- Sandbox environmenthttps://api.sbx.transmitsecurity.io/cis/v1/auth/users/{userId}/sessions
- Production environment (US)https://api.transmitsecurity.io/cis/v1/auth/users/{userId}/sessions
- Production environment (EU)https://api.eu.transmitsecurity.io/cis/v1/auth/users/{userId}/sessions
- Production environment (CA)https://api.ca.transmitsecurity.io/cis/v1/auth/users/{userId}/sessions
- Production environment (AU)https://api.au.transmitsecurity.io/cis/v1/auth/users/{userId}/sessions
- cURL
- Node.js
- Go
- JavaScript
- Java
- Python
curl -i -X DELETE \
'https://api.sbx.transmitsecurity.io/cis/v1/auth/users/{userId}/sessions' \
-H 'Authorization: Bearer <YOUR_TOKEN_HERE>'