Skip to content

POST Authentication

Jump to bottom
Developer From Jokela edited this page Aug 14, 2020 · 6 revisions

This POST&GET request will authenticate you with the Wilma

Basepath for logging in: https://<your_wilma_server>/login

Basepath for obtaining the Session ID: https://<your_wilma_server>/index_json

Basepath for logging out: https://<your_wilma_server>/logout

Obtaining the Session ID

You can obtain the Session ID by requesting an GET request to the:

Basepath for obtaining the Session ID

You'll get this as a successful response:

{
  "LoginResult": "Failed",
  "SessionID": "<the_session_id>",
  "ApiVersion": 10,
  "Workers": []
}

And if it manages to fail, here's an example error response:

{
  "error": {
    "id": "example-1",
    "message": "Some weird error",
    "description": "Don't worry, this is an example ;-)",
    "whatnext": "",
    "statuscode": 403
  }
}

Take down the SessionID from the successful response, and we can continue to the login

Login request

In order to login, you should to a POST request to the:

Basepath for logging in: https://<your_wilma_server>/login

These are the POST parameters:

  • Login - Username
  • SESSIONID - The SessionID we got in the previous response
  • CompleteJson - Value: `` (leave it empty) This is not a required parameter, basically it will get every page from Wilma server as json (don't confuse it with the JSON response, it just sets a Content-Type header to `application/json`. Althrough on some pages it will give you JSON response)
  • ApiKey - Value: sha1:<HASH_VALUE>,How to get <HASH_VALUE>: Generate a SHA1 key using this example: (||<API_KEY>). is the username,you are familiar with, now<API_KEY>` is a weird one. You can't get it easily. Only ways is to send a request to Visma (if no one answers, write directly to the CEO and magic will happen), or (little bit illegal) go and extract it from their app
  • Password - The password of user
  • format - Use value json so you will get all error messages in this request as JSON response

Done with parameters, finally send it. If the authentication went successfully, you'll get the homepage of the user:

{
  "LoginResult": "Ok",
  "WilmaId": "888f7a471f187aedd6a258c4b67e2154s5741ds1",
  "ApiVersion": 10,
  "FormKey": "student:87654:1f8ef7cc65954655a34a2312145",
  "ConnectIds": [],
  "Name": "Developer From Jokela",
  "Type": 2,
  "PrimusId": 87654,
  "School": "Example school",
  "Exams": [],
  "Observations": [],
  "News": [],
  "Groups": [],
  "Photo": "",
  "EarlyEduUser": false,
  "Roles": []
}

**One last note: **Remember to save the Wilma2SID cookie, it's your session cookie, it lasts about 25 minutes if not used

If your Wilma session expires, Wilma will throw an error. There are 4 errors which mean same thing, need to re-login, with these ids:

  • common-20
  • common-18
  • common-15
  • common-34

And you get this error response if credentials are invalid:

{
  "LoginResult": "Failed",
  "SessionID": "<the_session_id>",
  "ApiVersion": 10,
  "Workers": []
}

Now you're done to do more requests. All other requests get this kind of error response:

{
  "error": {
    "id": "example-1",
    "message": "Some weird error",
    "description": "Don't worry, this is an example ;-)",
    "whatnext": "",
    "statuscode": 403
  }
}

Logging out

POST request to

Basepath for logging out

With POST parameters:

  • FormKey - from homepage or LoginResult

Result (successful): Error with ID common-20 OR No response

Clone this wiki locally