Skip to end of metadata
Go to start of metadata

Authenticating to ScienceBase and retaining your authentication for future requests using JOSSO.

To authenticate you must obtain a JOSSO session ID.  There are two ways to get this ID.  The first way is from the JOSSO signon page.  Username and password are sent in as request parameters.

JOSSO Signon Page Request
POST:  https://my.usgs.gov/josso/signon/usernamePasswordLogin.do
Request Parameters:
    josso_cmd:josso
    josso_username:<username>
    josso_password:<password>

From this session, the value of the cookie with the name "JOSSO_SESSIONID" is your JOSSO session ID.

The second way to get the JOSSO session ID is from the JOSSO helper in ScienceBase Catalog.  Username and password are sent in an HTTP basic authentication header.

ScienceBase Catalog JOSSO Helper Request
POST:  https://beta.sciencebase.gov/catalog/jossoHelper/sessionInfo
Headers:
    Basic Authentication header with username and password set
    [name: Accept, value: application/json]
    [name: Content Type, value: application/json]
Request Parameters:
    includeJossoSessionId: true

If successful, this will return JSON similar to the following:

ScienceBase Catalog JOSSO Helper Response
{
    "isLoggedIn":true,
    "jossoSessionId":"6E2EB1297DFC9A8CB438A1ED9A017097",
    "username":"jllong@usgs.gov",
    "fullDisplayName":"John L Long [jllong@usgs.gov]",
    "displayName":"John L Long",
    "email":"jllong@usgs.gov"
}

The value of the jossoSessionId variable is the JOSSO session ID.

Once you have a JOSSO session ID, you can make requests on any page on ScienceBase that the authenticated user has access to by adding the parameter "josso=[JOSSO_SESSIONID]". Eg: https://www.sciencebase.gov/catalog/item/4f4e4b24e4b07f02db6aea14?josso=[JOSSO_SESSIONID]

 

 

  • No labels