API only for an app on server side

[Badneighbour91]

Hello,

I would have liked to create a client application custom to handle my devices. But as JSESSION_ID is “httponly”, when I call the login API I can't get the JSESSION_ID, it only works from an app on server side. Does it possible to have an API for the client side?

[bjorn085]

Hi, I don't understand your point. What are you calling client or server application ? I'm for example able to call /login from a php script on a server, or from a postman client.

[Badneighbour91]

An application web in VueJS for example is a client application. Postman it's normal because the request use in reality the postman servers as proxy to send the request to avoid any issues of this kind. But I'm thinking, It would be a bit dangerous to authorize a client to contact directly Somfy API😅

[Badneighbour91]

So I'm going to create a server in NodeJS to do it :-)

[bjorn085]

. Postman it's normal because the request use in reality the postman servers as proxy to send the request to avoid any issues of this kind.

I don't think so There are several users that for example use cUrl to access login api without any problem. And cUrl is a client app that's in its name 😀 There is no limitation of this kind

[Badneighbour91]

Yes, you're right for Postman, I have got bad understood my problem 😅. It's more link because I tried to create a web app in VueJS and the actual issue is that the browsers don't save the cookies with “httponly” property at true. So I need to create a server to handle the login