Creating a login session

You create a login session when you log in to the appliance through the browser. Additional requests to the appliance use the session ID, which must be protected because it represents the authenticated user. To protect the session ID, use a supported web browser when using the UI. When writing a client of the OneView REST interface, the programmer must not reveal the session ID.

A session remains valid until you log out or the session times out (for example, if a session is idle for a longer period of time than the session idle timeout value).

The default timeout value is 24 hours. To change the value on a per-session basis, use POST /rest/sessions/idle-timeout. You can change the value to 24 hours or less.