We have created a plugin for a Windows program in which we want to call ThinkWise endpoints.
The user needs to authorize first, which we do using the following URL:
https://test-evnironment/indicium/account/api/login (this is a dummy data link, for the sake of the post)
Here we pass the UserName and Password as parameters. This works and we get a 200 response, store the cookies locally, and include them in subsequent requests.
When we close the Windows application, we log out using this link:
https://test-environment/indicium/account/api/logout
Here we pass the same parameters, but also the cookies received from the login response.
We can see in IAM that all sessions for this user are correctly closed. However, when we restart the application and thus create a new session, we immediately get a 401 Unauthorized. The application refers to a custom component we made to work together with TW and Indicium.
We are certain that no sessions are open for this user. Users can only log in just once per account, so why do we get a 401 after logging back in when we log out of a session and see that the session is closed?