...
Requests shall include a header named "sessionToken" whose value is that returned by the Initiate Session request, above. (The session will timeout eventually, with a nominal duration of 30 min24 hours.)
For requests that fail to be authenticated the response will include the headers:
...