You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Clarification: `add_session` / `delete_session` vs. KasAuth
KasAuth.php (already implemented in KasAuth client (plain / session / 2FA) #5 as `internal/auth`): returns the 40-char credential token used by `kas_auth_type=session` requests. Triggered transparently by `auth.SessionTokenSource` on first KasApi call and on `no_auth` / `unknown_session` faults. No CLI surface needed; it is internal plumbing.
KasApi.php `add_session` / `delete_session`: documented as separate operations on the KasApi endpoint. Per the KAS docs these manage administrative customer-side sessions (e.g. delegated logins) rather than the credential token KasAuth issues.
Is the KasApi.php `add_session` actually distinct from the KasAuth flow already covered by `internal/auth`, or is the fixture just the same operation surfaced through the second endpoint? Confirm against https://kasapi.kasserver.com/dokumentation/phpdoc/ before deciding on a CLI surface.
CLI shape — likely `kasapi-cli sessions add|delete` if both are in scope here, or just `sessions delete` if KasAuth covers `add`.
Acceptance
One module per endpoint that is genuinely distinct from `internal/auth`, with mapping tests against the existing success and failure fixtures.
CLI subcommand wiring under `kasapi-cli sessions …`.
ROADMAP item "Standalone `add_session` / `delete_session` subcommands" flipped to checked.
Scope
Carve out the session-write endpoints from #11 so that issue can stay pure-reads.
Endpoints (KasApi.php — not KasAuth.php):
Fixtures already in place:
Background (lifted from #11)
Clarification: `add_session` / `delete_session` vs. KasAuth
Status (2026-05-03)
Open questions
Acceptance
Carved out of #11.