Authenticates a member for authenticated devices and returns an HTTP-only authentication cookie.

The HTTP Authorization header must include a Central Identity Management device token (also known as a DIM token).

Providing this cookie with subsequent requests works as an alternative to the LoyaltySessionToken HTTP header.

Sign out is handled by the ExpireAuthenticationCookie method.

When using cookie-based authentication, the API will automatically refresh the cookie when the access token has expired.

In addition to the authentication cookie, a second vista-loyalty-member-is-authenticated cookie is returned that can be used by the client to detect whether the patron is authenticated.

Data must be provided as application/x-www-form-urlencoded form parameters in the format of the member workstation authentication request.

Unlike the standard member authentication endpoints, the cookie from this endpoint does not have permission to update member details.

Error Response

The LockOutPeriodInSeconds property is only present on the response object if the response has the error code 32000.

Licenses Required

  • Vista.Ocapi

Request

Header parameters

  • Connect-Region-Code (string): Region Code

Request Body schema: multipart/form-data

  • grant_type (string, required)
  • card_number (string)
  • phone_number (string)
  • pin (string)
  • username (string)
  • email (string)
  • password (string)
  • club_id (string)

Responses
204

Member authenticated cookies created.

400

The provided grant type, credentials, or refresh token are invalid.

401

Authentication JWT is missing.

403

This endpoint can only be used using a CIM Device Authentication token.

429

Member or device locked. Try again later.

POST /ocapi/v1/members/workstation-authentication-cookie
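
Client-side handling of the documented responses, as an added example that is not part of the original page: it maps each status to a client action, honours LockOutPeriodInSeconds only together with error code 32000, and checks that the authentication cookie on a 204 carries HttpOnly. The ErrorCode field name, the action labels and the sample values are assumptions, and any cookie other than vista-loyalty-member-is-authenticated is treated as the authentication cookie because the page does not name it.

```python
import json
from http.cookies import SimpleCookie

MARKER_COOKIE = "vista-loyalty-member-is-authenticated"  # name given on the page
LOCKOUT_ERROR_CODE = 32000                               # given on the page
ERROR_CODE_FIELD = "ErrorCode"  # ASSUMED field name; the page does not state it

STATUS_ACTIONS = {  # statuses are from the page; action labels are hypothetical
    204: "authenticated", 400: "invalid_grant_or_credentials",
    401: "device_token_missing", 403: "not_a_cim_device_token", 429: "locked_out",
}

def check_cookies(set_cookie_headers):
    """Return a list of problems found in a 204 response's Set-Cookie headers."""
    problems, names = [], []
    for header in set_cookie_headers:
        for name, morsel in SimpleCookie(header).items():
            names.append(name)
            # Any cookie other than the marker is treated as the auth cookie.
            if name != MARKER_COOKIE and not morsel["httponly"]:
                problems.append(f"{name}: missing HttpOnly")
    if MARKER_COOKIE not in names:
        problems.append("marker cookie missing")
    if all(n == MARKER_COOKIE for n in names):
        problems.append("authentication cookie missing")
    return problems

def interpret(status, set_cookie_headers=(), body=""):
    """Map one response to a client decision; lock-out period needs code 32000."""
    result = {"action": STATUS_ACTIONS.get(status, "unexpected_status"),
              "retry_after_seconds": None, "problems": []}
    if status == 204:
        result["problems"] = check_cookies(set_cookie_headers)
        if result["problems"]:
            result["action"] = "cookie_policy_violation"
        return result
    try:
        error = json.loads(body) if body else {}
    except ValueError:
        error = {}
    if isinstance(error, dict) and error.get(ERROR_CODE_FIELD) == LOCKOUT_ERROR_CODE:
        period = error.get("LockOutPeriodInSeconds")
        if isinstance(period, int) and period >= 0:
            result["retry_after_seconds"] = period
    return result

if __name__ == "__main__":
    # Constructed sample response; not captured from a real system.
    print(interpret(429, body='{"ErrorCode": 32000, "LockOutPeriodInSeconds": 300}'))
```

A caller can wait for `retry_after_seconds` before the next attempt instead of retrying immediately against a locked member or device.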