After a user has logged in interactively, a downstream non-browser application can request the status of the user's session via a back-channel request.
Ubisecure SSO includes the /uas/status endpoint for this purpose.
For the request, you need the EntityID of the SAML2 application or the client_id of the OAuth2 application.
The id_token and the userinfo response contain an OAuth2 extension called session_index. You must pass this session_index value to the non-interactive application and then call our /uas/status endpoint in the back channel using the sessionIndex and entityID parameters, e.g.
The session_index value cannot be used to retrieve user information, only for finding out if there is a valid session or not.
The response is in JSON format by default. Other formats are supported by sending the query parameter “type” with the value “application/xml” or “application/json” for XML or JSON respectively.
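The following is an added example, not Ubisecure's own code: it takes the session_index claim from an id_token and builds the back-channel /uas/status request URL with properly escaped sessionIndex, entityID and type parameters. It assumes the id_token signature has already been validated, that the parameters are sent in the query string, and it uses the placeholder hosts sso.example.com and app.example.com.

```python
import base64
import json
from urllib.parse import urlencode, urlsplit

ALLOWED_TYPES = {"application/json", "application/xml"}  # values named on this page


def claims_from_id_token(id_token):
    """Decode the payload of an id_token whose signature was already validated."""
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(padded))


def build_status_url(sso_base, claims, entity_id, resp_type=None):
    """Return the back-channel /uas/status URL for the session in `claims`."""
    if urlsplit(sso_base).scheme != "https":
        raise ValueError("back-channel request must use https")
    session_index = claims.get("session_index")
    if not isinstance(session_index, str) or not session_index:
        raise ValueError("no session_index claim present")
    params = {"sessionIndex": session_index, "entityID": entity_id}
    if resp_type is not None:
        if resp_type not in ALLOWED_TYPES:
            raise ValueError("unsupported response type")
        params["type"] = resp_type
    # Assumption: parameters travel in the query string; urlencode escapes them.
    return sso_base.rstrip("/") + "/uas/status?" + urlencode(params)


def _b64(obj):
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


# Constructed sample token (fake signature), for illustration only.
SAMPLE_ID_TOKEN = ".".join([
    _b64({"alg": "RS256"}),
    _b64({"sub": "constructed-user", "session_index": "_constructed-index-123"}),
    "c2lnbmF0dXJl",
])

if __name__ == "__main__":
    claims = claims_from_id_token(SAMPLE_ID_TOKEN)
    print(build_status_url("https://sso.example.com", claims,
                           "https://app.example.com/sp", "application/json"))
```

The example stops at building the request; it does not parse the reply.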
If there is a session, the message looks like this:
If there is no session, the message looks like this: