Warning! Construction underway! Amatino is in an 'alpha' state. Not all features are operational. See roadmap

Primary
Account
Entity
Transaction
Derived
Balance
Ledger
Performance
Position
Recursive Balance
Recursive Ledger
Tree
Ancillary
Custom Unit
Entity List
Entry
Global Unit
Global Unit List
Ledger Row
Price
Object
Create
Delete
Side
Tx Version List
Tree Node
Type
User
User List

Session

Sessions are the keys to the Amatino kingdom. All requests to the Amatino API, except those requests to create Sessions themselves, must include two HTTP headers: An integer session identifier, and a Hashed Message Authentication Code (HMAC) signed with a Session API Key.

Creating a Session with a POST request is analogous to 'logging in', and deleting a Session with a DELETE request is analogous to 'logging out'. Your application might wish to create multiple Sessions for a User. For example, one per device.

The formula for the Amatino API HMAC signature is SHA512((Unix timestamp in seconds) + (URI path) + (JSON data)), using the Session API key as the hash key. The HMAC should be URL-safe Base64 encoded. For more help with generating request signatures, check out the Amatino API Request Signature knowledge base article.

The Session Object

When returning a Session object to you, Amatino will use the following structure

Root Type

JSON Object

Object Structure

type JSON String
example "EPcmwPnjFQFWrZjYtM3J6GZMrGA0gC-40cUD0NKK_K0A"
key "api_key"
description A URL-safe base-64 encoded 256-bit random number generated in a cryptographically secure manner
note Amatino replaces all "=" padding characters with the character "A".
type JSON Number
example 4200100
key "session_id"
description An integer Session identifier
type JSON Number
example 1337
key "user_id"
description An integer ID of the User this Session authenticates

Create Session

API Path /session
HTTP Method POST
Description Descr. Create a new Amatino API Session

Required Headers

None.

Required URL Parameters

None.

Required JSON Data

Root type

Object Structure

type JSON String or JSON Null
example "clever@cookie.com"
key "account_email"
description The email address associated with the User for which a Session is to be created
note Supply either an account_email or user_id, but not both
type JSON Number or JSON Null
example 8675392677
key "user_id"
description The integer identifier associated with the User for which a Session is to be created
note Supply either an account_email or user_id, but not both
type JSON String
example "excellent high entropy passphrase"
key "secret"
description The passphrase associated with the User for which a Session is to be created

Returns

Root Type

JSON Object

Object

Session

Delete Session

API Path /session
HTTP Method DELETE
Description Descr. Delete a Session, ending its ability to be used to authenticated to the Amatino API

Required Headers

Key X-Signature
Value Your Session signature
Example "yxATCPRKAAXHNiPctNQPHEGGVJF"...
Key X-Session-ID
Value An an integer Session ID
Example 7449059267091272858

Required URL Parameters

None.

Required JSON Data

None.

Returns

Root Type

JSON Object

Object Structure

type JSON Number
example 4200100
key "session_id"
description The id of a deleted session