Description

Before any other request can be made, a client must issue a Login request. The Login transaction verifies the provided credentials and establishes a session.

Session control may be managed through HTTP cookies or other supported methods, but all clients must support cookie-based session handling.

The server’s response to the Login request includes all the necessary details for subsequent API calls. This information may include:

• URLs for other supported transactions
• Identity details associated with the destination owner
• Metadata version and timestamp information required by the system

Endpoint

https://sample.mlsidxapi.com/Login.svc/Login

Request Arguments

The Login transaction does not require any request arguments.

---

Login Response Body Format

A successful Login response will return an XML structure similar to the following:

<?xml version="1.0" encoding="UTF-8"?>
<RETS ReplyText="Operation Successful" ReplyCode="0">
  <RETS-RESPONSE>
    Broker=(Destination Owner ID)
    MemberName=(Destination Owner Name)
    MetadataVersion=(Current metadata version number)
    MinMetadataVersion=(Earliest version of metadata supported by server)
    MetadataTimestamp=(Timestamp of current version of metadata)
    MinMetadataTimestamp=(Timestamp of earliest version of metadata supported by server)
    User=(Destination Owner ID,,, Destination Owner ID)
    GetObject=(URL to use for GetObject requests)
    Login=(URL to use for Login requests)
    Logout=(URL to use for Logout requests)
    Search=(URL to use for Search requests)
    GetMetadata=(URL to use for GetMetadata requests)
  </RETS-RESPONSE>
</RETS>

Important Notes

A successful Login response header includes a Set-Cookie with an X-SESSIONID value. This X-SESSIONID must be submitted with every request made after logging in.

Clients must include any cookies set by the server in subsequent requests. See the official RETS Specifications for details.