POS Session API
The POS Session API provides endpoints for managing POS (Point of Sale) sessions within a store. Sessions represent active work periods for POS profiles (cashiers).All POS Session API endpoints require authentication and a valid
x-store-id header to identify the store context.Overview
Each session:- Belongs to one POS profile
- Belongs to one store
- Has an opening cash amount
- Can only have one active (open) session per profile at a time
- Sessions can be created, checked, and retrieved via these endpoints
Endpoint Details
Base URL:/pos-sessionContent-Type:
application/json
Required Headers
Entity: POS Session
Create POS Session
POST/pos-session/create-session
Starts a new POS session for a specific profile. A profile can only have one active (open) session at a time.
Requires Authentication: Bearer token in Authorization header
Required Headers
Request Body
Success Response
Status Code:200 OK
Response Fields
Response Object
Session Object (in data array)
Possible Errors
Example Request
Get Session Status by Profile
GET/pos-session/session-status/:profileId
Checks whether a POS profile currently has an open session.
Requires Authentication: Bearer token in Authorization header
Required Headers
Path Parameters
Success Response
Status Code:200 OK
When session is open:
Response Fields
Response Object
Possible Errors
Example Request
Get Current Open Session
GET/pos-session/current-session/:profileId
Retrieves the currently active (open) session for a given POS profile.
Requires Authentication: Bearer token in Authorization header
Required Headers
Path Parameters
Success Response
Status Code:200 OK
When session exists:
Response Fields
Response Object
Possible Errors
Example Request
Get All POS Profiles with Session Status
GET/pos-session/profiles
Returns all POS profiles in the store, with a flag indicating if each has an open session.
Requires Authentication: Bearer token in Authorization header
Required Headers
Success Response
Status Code:200 OK
Response Fields
Profile Object
Possible Errors
Example Request
Summary
Security & Validation
- All routes require a valid
x-store-idheader - Profile passwords are verified when creating sessions
- Only one active session per profile is allowed at a time
- Session creation requires profile password verification
- Store ID validation prevents unauthorized access
Business Logic
Session Creation
- A profile can only have one active (open) session at a time
- Opening cash amount is required and validated
- Profile password must be verified before session creation
- Session is automatically associated with the store from the
x-store-idheader
Session Status
- Status checks return whether a session is currently open
- If no session is open, the session object is null
- Status is checked per profile within a store context
Profile Listing
- All profiles for a store are returned with their session status
- The
isOpenedflag indicates if each profile has an active session - Profiles are returned even if they have no open sessions