Happy Business Starts Here

Zuora Support Moderator

API optomization series: session logic

What is Zuora’s recommended best practice concerning API integration approach to API session logic and re-use of our login tokens generated by REST connections or SOAP login()



If you found my answer helpful, please give me a kudo ↑
Help others find answers faster by accepting my post as a solution √


1 REPLY 1
Highlighted
Zuora Support Moderator

Re: API optomization series: session logic

Solution:

The idea behind session token generated by API login/connection framework, also referred to as "session cookie", is to offer a method of repeating API calls in an optimized way by reusing the same token for a defined amount of time.  Ideally, you want to make the fewest number of API calls to achieve the same end-goal.

 

To illustrate, let's review a few API call sequences in an oversimplified way

 

Unoptimized example (SOAP API) to create a new account:

 

login()

query() - checking for existing account

login()

subscribe()

login()

create() Payment  

 

Optimized example (SOAP API) to create a new account:

 

login()

query() - checking for existing account

subscribe()

create() Payment  



As you can see, in the second sequence, we've reduced the call traffic down from 6 calls to 4 by reducing the unnecessary login() API, and reusing the session cookie produced from the first login() in all subsequent API calls.  Net benefit being a quicker overall API sequence to the client and reduced API load to the server.  The session timeout for any given login session is defined by the Session timeout value configured in the Security Policies administration setting. The default setting for this timeout is 15 minutes and can be set as high as 8 hours.  Developers should instrument re-login prior to session window timeout.

 

See also Knowledge Center Articles

https://knowledgecenter.zuora.com/DC_Developers/SOAP_API/E_SOAP_API_Calls/login_call

https://knowledgecenter.zuora.com/DC_Developers/SOAP_API/E_SOAP_API_Calls/login_call/Log_in_to_the_S...

https://knowledgecenter.zuora.com/DC_Developers/REST_API/B_REST_API_reference/Connections

https://knowledgecenter.zuora.com/CF_Users_and_Administrators/A_Administrator_Settings/Security_Poli...





If you found my answer helpful, please give me a kudo ↑
Help others find answers faster by accepting my post as a solution √