Managing API Session Validity With "Expires"

This article outlines the expires flag which can be used to configure how long an API session is valid for.
By default, the security signature is valid for 7 days (168 hours). This can be overridden on a per -API/per-Consumer basis by Learnosity Support (via Consumer Service Options for a given API), or it can be overridden by setting an `expires` value in the security object when initializing the API.

In order to give our clients more control over how long an API session is valid for we have added an expires flag.

This optional attribute called expires can be set in the request to a GMT date of format YYYYMMDD-HHMM and it can be overridden on a per request basis.

This can be set to a longer period or a shorter period than the default. All requests to save or submit will fail once the expires timestamp has passed. 

As above, the default expiration time will be current time + 168 hours, but if you only want the sessions to be valid for say 2 hours, you can do current time + 2 and set that in the aforementioned format.


Key Type Default Description
expires string none GMT date of format YYYYMMDD-HHMM

Example below for Items API

Sets session expiration for 2 hours from now.

$security = array(
        "consumer_key"    => "INSERT_CONSUMER_KEY_HERE",
        "domain"          => "",
        "timestamp"       => gmdate("Ymd-Hi"),
        "user_id"         => "examUser1",
        "expires"         => gmdate("Ymd-Hi", strtotime('+ 2 hours')),
        "consumer_secret" => "INSERT_CONSUMER_SECRET_HERE"
Was this article helpful?

Did you arrive here by accident? If so, learn more about Learnosity.