Validate Session

POST

sessions

validate

Validate session

curl --request POST \
  --url https://api.authsignal.com/v1/sessions/validate \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "accessToken": "eyJhbGciOiJ...",
  "clientIds": [
    "64818035-68c3-4087-a449-bdd176a166c4"
  ]
}
'

{
  "user": {},
  "expiresAt": 123,
  "verificationMethod": "SMS"
}

Authorizations

Authorization

string

header

required

Use your Authsignal secret key as the username and leave the password empty. The secret key can be found in the API Keys section of the Authsignal Portal settings page.

Body

application/json

accessToken

string

required

The access token to be validated.

clientIds

string[]

A list of IDs of the app clients for which the access token is valid. If provided, the access token must be issued for one of these clients.

Response

user

object

required

A JSON object containing user claims.

expiresAt

number

required

The token expiry as a Unix timestamp in seconds.

verificationMethod

enum<string>

The verification method which was used to create the session.

Available options:

SMS,

AUTHENTICATOR_APP,

EMAIL_MAGIC_LINK,

EMAIL_OTP,

PUSH,

DEVICE,

SECURITY_KEY,

PASSKEY,

VERIFF,

IPROOV,

PALM_BIOMETRICS_RR,

IDVERSE

Refresh SessionRefresh a session for a given refresh token. This will return a new access token and refresh token, revoking any previously issued tokens.

⌘I

Validate session

curl --request POST \
  --url https://api.authsignal.com/v1/sessions/validate \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "accessToken": "eyJhbGciOiJ...",
  "clientIds": [
    "64818035-68c3-4087-a449-bdd176a166c4"
  ]
}
'

{
  "user": {},
  "expiresAt": 123,
  "verificationMethod": "SMS"
}

API reference

Server API

Client API

Management API

Call Connect API

Terminal API

Authorizations

Body

Response