# validate-credentials

##### Definition

- This operation allows to validate the credentials of the user against Soffid.

##### URL

- <console-domain>/webservice/federation/rest/validate-credentials

##### Method

- POST

##### Headers

- Accept = “application/json”
- Content-Type = “application/json”

##### Authentication

- Use an account with **[federation:serviceProvider](http://federationserviceprovider/)** permission

##### Request (body JSON)

- user → user (or nick or alias)
- password → password of the user
- identityProvider → identity provider public ID
- serviceProviderName → service provider which requests the user authentication
- sessionSeconds → max time for the user session inactivity

```western
{
    "user" : "edmond.halley",
    "password" : "12345",
    "identityProvider" : "my-service-provider",
    "serviceProviderName" : "https://idp.soffid.com",
    "sessionSeconds" : "3600"
}
```

##### Response (JSON)

- authentication → \[yes|no\]
- principalName → account name
- failureMessage → if authentication=”no”, a description text of the error
- user → account owner identity standard attributes
- attributes → account owner identity custom attributes
- sessionId → session identifier

```western
{
    "valid": true,
    "sessionCookie": "_2307e8b5566ba600be64508a132f7f40c4578928733f2c3c:hRoFimsCGZSau7zjbWeVocTv13WAaui7dj00A7F39dM0R+daKHPQVi2WiAbhB/rV776S0TW5JXq7/9HjV0zo0h4E7AW72tCUD9I/8UD4VP5oTRWgR6xTP3mUwhn5NCuiHOE02kuITf6l3y6ZrUOBA6qVFo/Twlfhww9dZ2l7NrdrO/s3K40L",
    "attributes": {},
    "user": {
        "lastName": "Halley",
        "createdByUser": "csvIDs",
        "modifiedDate": "2017-12-15T11:01:02+01:00",
        "userType": "I",
        "shortName": "edmond.halley"
        },
    "identityProvider": "soffid"
}
```