Showing results for 
Search instead for 
Did you mean: 
Create Post
Level 8

API Requests failing when using sessionKey authentication

I'm trying to follow the documentation Web Help Desk REST API Guide  to authenticate with a sessionKey using PowerShell.  I've tried the same steps in PowerShell, CURL, and the Postman API test bench - all return the same failure.

I'm able to successfully acquire the sessionKey by issuing a request like this:

Invoke-WebRequest -Uri "https://<WHD URL>/helpdesk/WebObjects/Helpdesk.woa/ra/Session?username=WHDAdmin&apiKey=<hidden>"

The response is valid JSON, and contains what appears to be a valid session key:


Then I issue the request for a ticket:

Invoke-WebRequest -Uri "https://<WHDURL>/helpdesk/WebObjects/Helpdesk.woa/ra/Tickets/100?sesionKey=<sessionKey from last step>"

The response is not a JSON object of the requested ticket as expected, but rather an error:

Invoke-WebRequest : Authentication required.

At line:1 char:1

+ Invoke-WebRequest -Uri "https://<WHDURL>/helpdesk/WebO ...

+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException

    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

Has anyone successfully used the sessionKey authentication method against a WHD instance?

Any help would be appreciated.


0 Kudos
2 Replies
Level 7

I was having the same problem.  I could get the sessionKey using curl or Postman, but when using jQuery.ajax() the sessionKey was rejected.  When poking around in the headers, I found that the JSESSION cookie didn't match.  That lead to discovering that the ajax call for the Session key needed to include:

xhrFields: {

              withCredentials: true


in the call.  This allows the returned cookies to be set.

0 Kudos
Level 8

Also, it seems like I'm not the first to ask this questions:

Re: Web Help Desk REST API

Web Help Desk REST API

Need some API help on C# please

This post may seem to suggest that maintaining session cookies is necessary (but is only required for uploading files via the API): Uploading attachment to a ticket via the API

0 Kudos