Create a session token

post/session_tokens

The POST /session_tokens request generates a session token which associates a mobile card reader with a merchant account.

SecurityappIdAuth and appTokenAuth
Request
header Parameters
Api-Version
required
string
Example: 3.0
Content-Type
required
stringapplication/json
Example: application/json
Unique-Key
string
WePay-Risk-Token
string

This header is required when tokenizing Payment Methods, Legal Entities, and Payout Methods when the tokenization JS library is not being used.

Client-IP
string

This header is required when tokenizing Payment Methods, Legal Entities, and Payout Methods when the tokenization JS library is not being used.

Request Body schema: application/json
type
required
string

Describes the type of session token. Can be either api_session or mobile_session.

Enum: Description
mobile_session

Session token which associates a mobile card reader with a merchant account.

api_session

A session token created for the API use case (as opposed to Card Present use case).

object
Responses
201
Response Schema: application/json
id
required
string [ 1 .. 255 ] characters

ID of the object or resource.

session_token
required
string

When using mobile card readers, a string that should be passed to the WePay Card Present SDK during initialization and when refreshing a session.

expire_time
required
integer <int64> >= 0

The UNIX timestamp in seconds that indicates when the session token will expire.

path
required
string or null

The HTTP path of the resource. The path can be used to retrieve details about the resource and perform actions on it.

required
object

Details the owner resource and owner path associated with the document.

resource
required
string

Helps organize information by identifying the resource type of the object data.

Value: Description
session_tokens
create_time
required
integer <int64> >= 0

The UNIX timestamp for when the object was created.

api_version
required
string
state
required
string

Describes the state of session token. Can be either active or deleted.

Enum: Description
active

The token was successfully generated and has not yet been deleted by your app with a DELETE request.

deleted

The session token was deleted by your app with a DELETE request.

type
required
string

Describes the type of session token. Can be either api_session or mobile_session.

Enum: Description
mobile_session

Session token which associates a mobile card reader with a merchant account.

api_session

A session token created for the API use case (as opposed to Card Present use case).

object
400

INVALID_PARAMS

403

NOT_AUTHORIZED

500

UNEXPECTED_ERROR

Request samples
application/json
{
  • "type": "mobile_session",
  • "mobile_session": {
    • "account_id": "c9536e75-fce8-44e0-94dd-9bc0cdd52d6c"
    }
}
Response samples
application/json
{
  • "id": "00000000-0000-0000-0000-0000260bb8c8",
  • "session_token": "prod_MTA3X2U0NmQ1OTg5LWZlMDctNGNhOC1iMzQyLTdlNjI1ODBlYTlhYg",
  • "expire_time": 1560544108,
  • "path": "/session_tokens/00000000-0000-0000-0000-0000260bb8c8",
  • "resource": "session_tokens",
  • "owner": {
    • "id": "eba1ce8e-8ba8-4503-8f3f-70a5df29bbdf",
    • "path": "/accounts/eba1ce8e-8ba8-4503-8f3f-70a5df29bbdf",
    • "resource": "accounts"
    },
  • "create_time": 1560543108,
  • "api_version": "3.0",
  • "state": "active",
  • "type": "mobile_session",
  • "mobile_session": {
    • "time_to_live": 86400,
    • "account_id": "eba1ce8e-8ba8-4503-8f3f-70a5df29bbdf"
    }
}