1 comment

  • Official comment
    Hari Pankajakishan

    Hi Lawrence,

    At this time we don't have a firm timeline when our jessionId will be discontinued. However, our OAUTH capabilities are available now, and more secure. You should plan on migrating to use OAUTH as soon as possible. Below are some more details on JsessionId vs OAUTH.

    Our jessionId is session-based authentication has its limitation when it comes to scalability. In this type of authentication, Session data are stored on the server side. It is just an identifier and the server does everything else. It is stateful. It associates the identifier with a user account and not the application that is making the request. Authentication here is in the context of a user accessing an application that tells an application who the current user is. The primary disadvantage is bad scalability and extensive memory use on the server side.

    However, Oauth is token-based and is the industry standard for authorizing resources that resides on the server side. The reduced complexity on the server side makes it much more scalable (for example mobile app use case). OAuth tells the application nothing about the user information. Basically, when using OAuth client - it asked for a token, got a token, and eventually used that token to access some API.

    Please go to this link to learn more about Oauth : https://developer.goacoustic.com/acoustic-campaign/reference/getting-started-with-oauth

    Hope this helps.

    Comment actions Permalink

Please sign in to leave a comment.