Betfair Developers

Session token persistence

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Drifter
    Junior Member
    • Mar 2009
    • 30
    #1

    Session token persistence

    back in December, I created the appkey and a session token using the Python example from Github. Everything worked pretty much.

    Moving to the present, I have ported the C# code from Github and running it, I get an exception thrown: 'invalid session token'. I was under the impression that once I had created the appkey and session token pair, that that was it - all I needed to do was send those at the front of a request and I would get API service.

    What is the situation? Did the token expire? did the rules change? What is the persistence? Do I have to re-create the appkey.



    TIA.
    Tags: None
    • betdynamics
      Junior Member
      • Sep 2010
      • 534
      #2
      A session token is generated each time you log in. You need to store the session id and use it for future calls (within the current session)

        Comment

        • AlgoTrader
          Junior Member
          • Mar 2012
          • 243
          #3
          My current understanding is session should be extended with keepAlive request every 15 minutes, otherwise it can/may be expired.

          The probable reasoning is the login/logout/keepAlive calls are directed to auth service, while other calls go to api service. It seems APi service does not care to extend session, but I am not sure
          Betfair Bots Made Easy

            Comment

            • Drifter
              Junior Member
              • Mar 2009
              • 30
              #4
              So I can't get it returned by the API - I have to go grubbing around in the OS for it for every session? I thought that was the point of generating SSL certificates?

              Maybe I missed something, but what? What is the point of the appkey then if it doesn't tie an app to a user and certificate to validate the session?

                Comment

                • jptrader
                  Junior Member
                  • Nov 2009
                  • 82
                  #5
                  No need to generate appkeys more than once. The session token is obtained when logging in: https://api.developer.betfair.com/se...i/API-NG+Login

                    Comment

                    • merecat_
                      Junior Member
                      • May 2009
                      • 35
                      #6
                      App keys - so betfair can easily identify you as a user on each API call and in their databases in a way which will not change (like a session token will) and will not compromise your user credentials.

                      SSL - so communications can be encrypted so nobody can sniff your data, except GCHQ, NSA, FSK... :-) Betfair still need to ascertain who you are though through authentication.

                      Session token - your temporary pass allowing you to make API calls, issued when you authenticate with a valid user Id and password, you can invalidate it whenever you want, and so can betfair, it is basically an alias for your user credentials but it is much more efficient and safer passing this token on every API call versus embedding your user credentials. I guess Betfair could infer the current session token by associating the app key on the server (rather than have you pass it on every api call), but that adds more complexity and how hard is it for clients to include both anyway?

                      Yes a lot of faffing about but it is for our protection and to protect Betfair's good name and assist the performance / functionality of the site (the app key no doubt helps betfair in this regard), the internet can be a hostile environment and it's reassuring that Betfair take this seriously.

                      Regards.
                      Last edited by merecat_; 08-03-2014, 02:07 AM.

                        Comment

                        Previous template Next
                        Working...
                        X