This article describes the authentication methods used in Tealium V1 APIs.

This is an older version of the current Tealium API.

The API can only be used by users with a valid Tealium account. The API supports authentication using an email address and password to verifyi user identity. Prior to accessing any of the API endpoints, you must authenticate to start a session. All subsequent calls use a session cookie and CSRF token for security purposes.x


Upon a successful login you are granted two (2) items: a cookie named JSESSIONID and a token named utk. These values are then used to authenticate all subsequent API calls.

Resource URL

POST /v1/login

cURL Request

curl -i -d username='{email}' -d password='{password}'

Example Request

curl -i -d username='' -d password='password123'

Example Response

HTTP/1.1 200 OK

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: application/json
Date: Mon, 31 Oct 2016 20:39:29 GMT
Expires: 0
Pragma: no-cache
Set-Cookie: JSESSIONID=3513642946826543477; Path=/urest_service; Secure; HttpOnly
Set-Cookie: rememberMe=deleteMe; Path=/urest_service; Max-Age=0; Expires=Sun, 30-Oct-2016 20:39:29 GMT
X-NodeId: i-6c3ba529
X-Version: 0.0.528
X-XSS-Protection: 1;mode=block
Content-Length: 60
Connection: keep-alive

   "utk": "65489FMSTJGF549870KSH",

From this response you would make note of the following values for all subsequent API calls:

(Sample Values)

  • JSESSION = 3513642946826543477
  • utk = 65489FMSTJGF549870KSH

Error messages

If the call fails, the API returns a 401 Authentication Failure error. Here are the error messages you can expect to see:

{ <br> "returnCode" : 1401,<br> "message" : "Authentication Failed"<br>}

{ <br> "returnCode" : 1402,<br> "message" : "Too many unsuccessful login attempts. Please try again in 10 minutes" <br>}

{ <br> "returnCode" : 1469,<br> "message" : "Although the user is authenticated, the request is denied due of lack of proper permissions" <br>}


Terminates the current session for the logged-in user.

NOTE: Making this API call is optional because a user is automatically logged out after their session expires.

Resource URL


Request header

Header Field Name Description Example value
Content-type Indicates the MIME type of the body of the GET request application/x-www-form-urlencoded
JSESSION cookie Cookie for sending jsession ID, i.e. the unique session identifier JSESSIONID=415072043799098022

Example response

The API returns status 200 OK upon successful logout.

Was this page helpful?

This page was last updated: January 7, 2023