Login and Session Management

In order to access any of the Micello.com APIs, a few valid items are prerequisite:

  • Username
  • Password
  • Session Information (session_name and sessid)
  • X-CSRF-Token

The following describes how to use and maintain these items.

Initial Contact: Login 

If this is a net new communication with Micello.com, the first step is to establish a session with the site framework. Using the username and password creation during registration (don't have one? get one now), provide those details within the Micello.com Login service call.

If this was successful, the return should include some vital pieces of information required for future service calls:

  • Session Information (session_name and sessid)
  • X-CSRF-Token

Each of this bits of data are now required for future service calls since this will positively idenfity the user which is attemting to interact with the Micello.com service calls. 

Constructing the Necessary Headers

Using the bits of data returned from the login service call, there are two headers required on each service call:

  • Cookie
  • X-CSRF-Token

Each are constructed differently.

Cookie

The cookie is made up of two parts, the session_name and the sessid: session_name=sessid

When constructing the Cookie, concatenate these necessary data bits.

X-CSRF-Token

For this header simply provide the token sent back during a successful login. If this token is lost or needs to be refreshed, the Token Retrieval service call will provide the necessary means. The Cookie information will be required for that operation.

Example

For example, the headers sent in during a service call might look like the following:

'Cookie': 'SESS23453efw3trcasdcweqrt3wt=34c2c3t542t4c23t5232345vh'
'X-CSRF-Token': 'dsafgsdgfs43t4354g452g24g54gtAASDF'