How do I generate a session id?

As outlined in the getting started guide, the basics to getting a user authenticated look like this:

  1. Create a new request token
  2. Get the user to authorize the request token
  3. Create a new session id with the athorized request token
  4. Part 1 and 3 should be fairly easy to understand but I'll walk through each step to make sure it's clear.

Step 1: Create a request token

The first step as a developer is to request a new token. This is a temporary token that is required to ask the user for permission to access their account. This token will auto expire after 60 minutes if it's not used.

Step 2: Ask the user for permission

With a request token in hand, forward your user to the following URL:{REQUEST_TOKEN}

You can also pass this URL a redirect_to parameter, ie:{REQUEST_TOKEN}?redirect_to=

Once the user has approved your request token, they will either be redirected to the URL you specified in the redirect_to parameter or to the /authenticate/allow path on TMDB. If they aren't redirected to a custom URL, the page will also have a Authentication-Callback header. This header contains the API call for step #3. You can either manually generate it or simply use the one we return.

Step 3: Create a session ID

By calling the new session method with the request token that has been approved by the user in step 2, we will return a new session_id. This is the session that can now be used to write user data. You should treat this key like a password and keep it secret.

What about guest sessions?

A guest session can be used to rate movies without having a registered TMDB user account. For more information about how to create a guest session see here.