Login/initiate session in WSO2 Identity Server 5.11.0 without using UI

Question

I am currently using wso2 IS 5.11.0. I was trying to get sessions using '/api/users/v1/user-id/sessions'. However, the returned session list is empty.

Prior to this, I have performed a call to get access token using 'oauth2/token' with relevant scopes and 'password' grant type. Seems like this doesn't create a session implicitly.

I am looking at initiating a session creation request from backend (preferably using REST APIs). It seems like making a call to 'oauth2/token' doesn't create a session. Please provide any inputs on how to initiate a session from REST APIs (without logging in with UI)?

Answer 1

User sessions in WSO2 IS are typically created through interactive login flows, such as logging in via the management console or through a service provider

To initiate a session from a backend service without user interaction, you'll likely need to simulate a login flow that would ordinarily create a session.

1. Create a custom service that handles authentication by directly interacting with the WSO2 IS authentication APIs. This service would authenticate the user (you could pass credentials securely to this service) and then use the WSO2 IS services to create a session.
2. If you have a service provider configured in WSO2 IS for your application, you might be able to initiate an SSO login flow programmatically by simulating the steps a browser would take.