Skip to content
GPAS Docs

Sessions

Sessions

Operation executed by GPAS in which the authToken is sent to validate and create a wallet session.

Endpoint Details

  • Method: POST
  • URL: /sessions

Request Parameters

NameTypeRequestDescription
AuthorizationStringHeader (JWT - JSON Web Token)Authentication token provided by the operator’s system to validate the request, this parameter is sent in the launcher (AuthToken) and forwarded to the operator
walletIdStringQueryStringWallet identifier
x-parent-system-idStringHeaderUnique GPAS identifier in the operator system
x-signatureStringHeaderSignature of the message for communication security, it must be in capital letters

Response Parameters

NameTypeRequestDescription
idStringBodyWallet session identifier, used for all methods (debit, credit, rollback, etc.)
walletIdStringBodyWallet identifier
createdDateTimeBodyCreation date
statusStringBodySession status (OPEN, CLOSE)

Request Example

POST /sessions?walletId=2sdf1sd
HEADER
Authorization: Bearer <AuthToken>
x-parent-system-id: BL13GT
x-signature: SHA1(query string + secret key)

Example Signature

  • QueryString: walletId=2sdflsd
  • SecretKey: Ax34deSfgdB
  • SHA1: Encryption Function
  • SHA1(walletId=2sdflsdAx34deSfgdB)
  • Signature: 8F0F3379F1C6CC24DF5A4DC2A937061102487C46

Response Example

{
  "id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "walletId": "2sdf1sd",
  "created": "2021-08-30T16:58:35.476Z",
  "status": "OPEN"
}

Implementation Notes

  • The session created by this method will be used in all subsequent API calls
  • The session remains active until explicitly closed using the Close method
  • If an invalid authentication token is provided, the request should return an appropriate error response
  • For more information about the signature, see the X-Signature section