Create SessionId with Admin or Public SyncGateway REST API

Dear community,

I am using Session authentication in Couchbase lite 2.5 with SyncGateway and Couchbase server.
What is the correct way to create a SessionId?

  1. Use the public REST API
  2. Or use the Admin REST API

Both APIs create a SessionID, which one is the correct or preferred one?

Faris Ahmed

Either one is ok, but the admin REST API does not require the user’s password to create the session, which might be of interest to your authentication flow. Personally I prefer the admin API (as long as your server is on the same internal network as the sync gateway server). If you are accessing the session API from a public IP address, then you must use the public REST API as you should never expose the admin port publicly.

1 Like