How to avoid logging out a user when using their credentials via the new REST API

John Mertic —  June 20, 2014 — 5 Comments

I had this question come from a partner this week…

Users can’t maintain their two sessions of Sugar (One via the REST API, and the other their Sugar Instance) at the same time. Signing in to either one will always result to the session expiration of the other one

This is mostly because the Sugar 7 uses the same REST API to power all the new Sugar UX components, so if you need to let the API know you aren’t coming from the desktop client. The way to do this in as a part of the /oauth2/token call, changing the ‘platform’ parameter as shown below to something other than ‘base’, ‘mobile’, or ‘portal’…

John Mertic


John Mertic manages the strategic ISV alliances program for SugarCRM, having several years of techincal experience bringing solutions to market with several SugarCRM technology partners. A frequent conference speaker and an avid writer, he has been published in php|architect, IBM Developerworks, and in the Apple Developer Connection, and is the author of the book 'The Definitive Guide to SugarCRM: Better Business Applications' and the book 'Building on SugarCRM: Creating Applications the Easy Way'. He is also president of the OpenSocial foundation, guiding them in solving interoperability issues for enterprise application providers worldwide.

5 responses to How to avoid logging out a user when using their credentials via the new REST API


    Thanks, I didn’t understand why occurred that.


    There is also a sudo API that will let an admin login as another user without logging that user out. Probably a better fit for this anyways.


    Solution to the addressed issue is simple. You can avoid logging out by letting the New Rest API (in sugar 7) know that the other user isn’t coming from the same desktop client. Follow the link for details.

Trackbacks and Pingbacks:

  1. Sugar7 複数のアプリケーションからのアクセス | SugarCRM - SugarCRMの日本語マニュアル公開 - July 7, 2014

    […] 情報元 […]

  2. How platform parameter works in Sugar v10 REST API « Sugar Developer Blog – SugarCRM - April 12, 2017

    […] Platforms are used by Sugar to support the needs of multiple Sugar clients.  For each client, you are allowed to specify unique Sidecar Viewdefs, custom or modified platform API endpoints, as well as the ability to support a concurrent user session. […]

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s