No announcement yet.

Client API Question

  • Filter
  • Time
  • Show
Clear All
new posts

  • Client API Question

    I have been playing with the client APIs. It "appears" that in order to exercise some of the APIs you have to issue a LOGIN request.

    Once you issue the login request via posting credentials as form data you get back a sessionId in the form of a cookie.

    The problem is when the cookie is set it is set as the path of /api

    This is problematic. This means the sessionid cookie is only available if my client is running in the path if [site]/api

    Better practice would be to set the path of the cookie to the highest domain of '/'

    Is there a specific reason as to why the cookie is set like this?