@RequestMapping(value="/rest/session", method=PUT, produces="application/json")
userUser name

URL Example


Parameter designation method

As with POST, send Content-Type as application/x-www-form-urlencoded.
Specifically, specify "application/x - www - form - urlencoded" in the Content - Type header and send the following character string.


When using POSTMAN, You can confirm by specifying x - www - form - urlencoded and setting parameters as shown in the figure.

Figure 1 Using the REST API

Response - Logon Success

Returns JSESSIONID in cookie.Please add this JSESSIONID when calling the subsequent REST API.
Here is an example of the content of the return.

 "groupId": [],
 "username": "admin",
 "passwdChangeDate": null,
 "preference": {
   "id": "admin",
   "item": []
 "juser": {
   "id_": 101,
   "userid_": "admin",
   "jgroupid_": [],
   "name_": "システム管理者",
   "valid_": null,
   "level_": 0,
   "passwdChangeDate_": null,
   "passwdChangeFlag_": null,
   "passwdErrCount_": null,
   "rule_": []
 "passwdChangeFlag": null

Response - Logon failure

STATUS=401 Unauthorized
Here is an example of the content of the return.

 "__jfc_jfcerrors": {
   "jfcwarn": [],
   "jfcinfo": [],
   "jfcdebug": [],
   "jfcerror": [
       "name": null,
       "content": "ユーザ名またはパスワードが間違っています。Accounts may be locked if you mistake the password multiple times consecutively.Please be careful.",
       "code": "error.password.mismatch"

Response of password hashing

In WagbyHash passwordcan do.

The logon process of the REST API also supports this hashed password.Please send the password in plaintext.

@RequestMapping(value="/rest/session", method=DELETE, produces="application/json")

URL Example



STATUS=200 OK 返戻の内容例を示します。

@RequestMapping(value="/rest/session", method=GET, produces="application/json")

URL Example


Response - When authenticated

Same as "Response logon success" above.

Response - when not authenticated

STATUS = 401 Unauthorized
The content is empty.


You can log on at the time of one REST API call and log off after REST API processing is over.In this case you do not need to maintain the session.(It is unnecessary to keep the JSESSIONID in the cookie as described above.)

Set "X - Wagby - Authorization" in the request header when calling REST API.The value is specified by encoding BASE64 with a colon separated user ID and password.

For example, encoding "admin: admin" with BASE 64 will result in "YWRtaW 46 YWRta W 4 =".

The method of encoding (encode) with BASE 64 is omitted.Various services are published on the Internet.

Reference material


This is the timing to send an HTTP request to Wagby, and it gives the logon ID and password in the header.In actual operation, please use HTTP encrypted communication (HTTPS).[More ...]

trouble shooting

Other users logged on during REST API processing are forcibly logged out and returned to the logon screen

Please confirm the following points.

  • When building with the project license development kit, the maximum number of simultaneous logons can be 2.
  • "The maximum number that can log on to the system with the same logon account"Is 1, the account logged on for the first time is always forcibly logged out.
  • When using POSTMAN for testing, "Users logging on other than REST API processing" must use a browser other than Chrome.Since POSTMAN and Chrome share one cookie, you can not log on individually.