This page relies on a session token being provided. This allows us to display a user guide specific to your organisation.
The session token should be submitted as follows:
"https://api.s4labour.com/userguide?sessionID={session}"
Details on how to generate a session token are explained below.
The API relies on a Http session that is instigated by a call to
with username and password set as a Basic Http Authentication header in the Http request. The password should be 64 bit encoded using “iso-8859-1” code page.
If login is successful, the requested user’s ‘User ID’ and ‘Name’ is saved as part of the Current Http Session and a token is returned to the calling process. This token must be included as part of subsequent calls to the API during until the connection is closed with a call to “LogOut”. User privileges are checked for each call to the API at Site and Organisation level.
If the Authorization Header is missing from the Http request to Login a HTTP 401 error is returned with a message of
If login fails due to an invalid username or password information the API returns a HTTP 401 error with a message of:
Separate Http sessions can consume the API provided the Token created at Login is included as part of the call. The token is destroyed when the user call Logout or after a given timeout.
This ‘LogOut’ should be used as it closes and destroys both the current token and the current HTTP session.
If the API is inactive for longer than 5 minutes the current login is terminated and subsequent calls using the allocated Token will a HTTP 401 error with a message of
Additional security prevents unauthorised or excessive access to the API resulting in a HTTP 401 error with a message of
The current login (or attempted login) will then be locked until reactivated by S4 support.