Create Session

Create Session
Create new session

Generates a new active session token for authentication. Supports both local PAM authentication and vSphere SSO authentication. Returns session details including user role information along with an authentication token in the response header.

Request
URI
POST
https://{server}:9443/api/admin/v1/sessions
COPY
Request Body

Credentials required for session creation

SessionCreateRequest of type(s) application/json
Required

Show optional properties

{
    "username": "admin",
    "password": "SecureP@ssw0rd"
}
{
    "authType": "vsphere",
    "username": "admin",
    "password": "SecureP@ssw0rd"
}
string
authType
Optional
Constraints: default: local

Authentication type

Possible values are : local, vsphere,
string
username
Required

Username for authentication

string
password
Required

Password for authentication

Authentication
This operation uses the following authentication methods.
Responses
200

Successfully generated session

Returns SessionCreateResponse of type(s) application/json 
{
    "success": true,
    "completed": true,
    "time": 1753089693083,
    "version": "1.0",
    "data": {
        "user": {
            "enterprise": "HybridityAdmin",
            "organization": [
                "DEFAULT"
            ],
            "currentOrganization": "DEFAULT",
            "roles": [
                "System Administrator",
                "Appliance Administrator"
            ],
            "username": "[email protected]",
            "transactionId": "4636e751-ca87-42d4-a7fc-809b31fbbd82"
        },
        "cloud": {
            "name": "HCX Manager",
            "type": "vsphere"
        },
        "organizations": [
            {
                "name": "DEFAULT",
                "id": "default-org-id"
            }
        ]
    }
}
boolean
success
Optional

success

boolean
completed
Optional

completed

integer As int64 As int64
time
Optional

Unix timestamp in milliseconds

string
version
Optional

version

object
data
Optional

Session data including user and organization details

Response Headers

string
x-hm-authorization

Session authentication token (use this in subsequent API calls)

string
auth_token_name

Name of the authentication token header


400

Bad request - unsupported authentication type

Returns SessionErrorResponse of type(s) application/json 
{
    "success": false,
    "completed": false,
    "time": 1753089693083,
    "version": "1.0",
    "errorCode": "BAD_REQUEST",
    "error": "Unsupported auth type: invalid"
}
boolean
success
Required

Indicates if the operation was successful

boolean
completed
Required

Indicates if the operation completed

integer As int64 As int64
time
Required

Unix timestamp in milliseconds

string
version
Required

API version

string
errorCode
Optional

Enum error code for specific errors

Possible values are : BAD_REQUEST, INVALID_CREDENTIALS, NOT_ENOUGH_PRIVILEGES, INVALID_SESSION_TOKEN, INTERNAL_SERVER_ERROR,
string
error
Optional

Human-readable error message


401

Unauthorized - invalid credentials

Returns SessionErrorResponse of type(s) application/json 
{
    "success": false,
    "completed": false,
    "time": 1753089693083,
    "version": "1.0",
    "errorCode": "INVALID_CREDENTIALS",
    "error": "Invalid username or password."
}
boolean
success
Required

Indicates if the operation was successful

boolean
completed
Required

Indicates if the operation completed

integer As int64 As int64
time
Required

Unix timestamp in milliseconds

string
version
Required

API version

string
errorCode
Optional

Enum error code for specific errors

Possible values are : BAD_REQUEST, INVALID_CREDENTIALS, NOT_ENOUGH_PRIVILEGES, INVALID_SESSION_TOKEN, INTERNAL_SERVER_ERROR,
string
error
Optional

Human-readable error message


403

Forbidden - access denied

Returns SessionErrorResponse of type(s) application/json 
{
    "success": false,
    "completed": false,
    "time": 1753089693083,
    "version": "1.0",
    "errorCode": "NOT_ENOUGH_PRIVILEGES",
    "error": "Access Denied"
}
boolean
success
Required

Indicates if the operation was successful

boolean
completed
Required

Indicates if the operation completed

integer As int64 As int64
time
Required

Unix timestamp in milliseconds

string
version
Required

API version

string
errorCode
Optional

Enum error code for specific errors

Possible values are : BAD_REQUEST, INVALID_CREDENTIALS, NOT_ENOUGH_PRIVILEGES, INVALID_SESSION_TOKEN, INTERNAL_SERVER_ERROR,
string
error
Optional

Human-readable error message


500

Internal server error

Returns SessionErrorResponse of type(s) application/json 
{
    "success": false,
    "completed": false,
    "time": 1753089693083,
    "version": "1.0",
    "errorCode": "INTERNAL_SERVER_ERROR",
    "error": "Exception while performing auth"
}
boolean
success
Required

Indicates if the operation was successful

boolean
completed
Required

Indicates if the operation completed

integer As int64 As int64
time
Required

Unix timestamp in milliseconds

string
version
Required

API version

string
errorCode
Optional

Enum error code for specific errors

Possible values are : BAD_REQUEST, INVALID_CREDENTIALS, NOT_ENOUGH_PRIVILEGES, INVALID_SESSION_TOKEN, INTERNAL_SERVER_ERROR,
string
error
Optional

Human-readable error message


Code Samples
COPY
                    curl -X POST -H 'Authorization: <value>' -H 'Content-Type: application/json' -d '{"username":"string","password":"string"}' https://{api_host}/api/admin/v1/sessions
On This Page
Session Management Operations
POST
Create Session
GET
Get Session
DELETE
Delete Session