Content
View differences
Updated by Markus Kahl over 12 years ago
Activating the ‘session expires’ \[1\] setting under Administration -\> Settings -\> Authentication breaks the API.
API calls do have a session (although they shouldn’t have one) which then can expire which then leads to failing API calls despite correct authentication (API key).
When the session expires the API call is answered with a HTTP 302, that is a redirect to the login page.
\[1\] 
PR [875](https://github.com/opf/openproject/pull/875)
API calls do have a session (although they shouldn’t have one) which then can expire which then leads to failing API calls despite correct authentication (API key).
When the session expires the API call is answered with a HTTP 302, that is a redirect to the login page.
\[1\] 
PR [875](https://github.com/opf/openproject/pull/875)