Managing Session Tokens

REST API Reference

For complete information on the available REST endpoints and schemas, explore the REST API Reference.

Check validity and revoke Session tokens to manage rate limits and security.

Pass the Session token as Bearer:

Authorization: Bearer <SESSION_TOKEN>

Revoked tokens immediately free rate limit quota (10/hour, 20/day per Profile).

Link to this section#Check Validity

GEThttps://auth.quiltt.io/v1/users/sessionCopy endpoint URL to clipboard

Verify cached tokens before issuing new ones (app startup, before Connector launch, after network errors):

curl --request GET \
  --url 'https://auth.quiltt.io/v1/users/session' \
  --header 'Authorization: Bearer <SESSION_TOKEN>'

{
  "token": "eyJhbGciOiJIUzUxMiJ9.eyJuYmYiOjE2NzE4MjI5MTIsImlhdCI6MTY3MTgyMjkxMiwianRpIjoiNDU1MWNhNDktYzAwMi00ZDliLTkyZWMtNDY1MDE4ZTI4ZmRjIiwiaXNzIjoiYXV0aC5xdWlsdHQuaW8iLCJhdWQiOiJhcGkucXVpbHR0LmlvIiwiZXhwIjoxNjcxOTA5MzEyLCJ2ZXIiOjIsImRpZCI6ImFwaV8xN05PRXdWR2N2eU9xcGxuUWREMjdnWSIsInVpZCI6InBfMTFld3JWa0VuZDdMSXZTVkFtdDhYTDUifQ.5tYTjr_k0GKG6LsaAEt3V0RAiJe9UU59USUAASJTXf5e1923njb4UqYUozAVm34fARXT-SRvlE1-_J4wdiVNwg",
  "userId": "p_11ewrVkEnd7LIvSVAmt8XL5",
  "environmentId": "env_1Bx4omNvZgKao2OqGshImD",
  "expiration": 1671909244,
  "expiresAt": "2022-12-24T19:14:04Z"
}

Link to this section#Revoke Tokens

DELETEhttps://auth.quiltt.io/v1/users/sessionCopy endpoint URL to clipboard

Free rate limit quota by revoking tokens at logout, session timeout, or security events:

curl --request DELETE \
  --url 'https://auth.quiltt.io/v1/users/session' \
  --header 'Authorization: Bearer <SESSION_TOKEN>'

204 No Content

Link to this section#SDK Examples

See Best Practices for complete caching and logout implementations using Quiltt SDKs.