post https://{tenanturl}/v1.0/auth/session
This endpoint takes an authentication bearer token that is provided in the body of "x-www-form-urlencoded" POST request”.
It uses “scoped=true” as a query parameter optionally. When “scoped=true” is given, the cookie that is created is used to login to an app-scoped application. If “scoped=true” is not given, the cookie that created is used to log in to a nonapp-scoped application.
It uses “redirect_url” as an optional query parameter. When “redirect_url” is given, the call redirects to the redirect URL with the authenticated session.