Sessions API


The William Hill Sessions API uses a central authentication service (CAS*) on all resources that require access to a customer’s account or betting functionality. To authenticate, you’ll need to supply a sportsbook username and password, in return you will be given an authentication ticket, which you can use on the majority of requests found within our services.

The Sessions API should be used whenever you want to login a customer and:

  • continue to use the William Hill API for that customer’s transactions
  • use other CAS-enabled William Hill services outside the suite of APIs

CAS is an enterprise Single Sign-On solution for web services (see It is used by many William Hill services.
Note: all requests must be executed over HTTPS and include an API key and secret.

Authentication Ticket Expiration Times

When a customer is logged in using the Sessions API, they are given an Authentication Ticket; using this ticket on subsequent API requests gives you access to account activities (such as placing a bet, deposits, etc). However, this ticket is only valid for a given period of time depending on how it is used. If the ticket is used and then has a period of inactivity longer than 7,200 seconds (2 hours), then the ticket will expire and further requests using the ticket will be denied - in effect, a customer has been logged out and will need to authenticate again.

Normally, any ticket issued only has a maximum life expectancy of 28,000 seconds (8 hours) after which it can no longer be used, even if it has been used regularly. The customer again will be effectively logged out and will need to authenticate again. If you wish to avoid this, you need to set the query parameter extended to Y, which will enable your application to generate a ticket valid for 60 days without expiring due to inactivity.

Use this page to mock Sessions API in your testing and development.

Run our mock API sample using the open source WireMock library, or in the free edition of WireMock Cloud. You'll have a working API server simulating the behavior of Sessions API, which will allow you to keep building and testing even if the actual API you isn't currently available.

Related mocks

NFL v3 Play-by-Play

NFL play-by-play API.

NFL v3 Scores

NFL schedules, scores, odds, weather,

NBA v3 Stats

NHL v3 Play-by-Play

NHL play-by-play API.

NPR Authorization Service

The interface to our OAuth2 server

CBB v3 Scores

Ready to accelerate your development flow

Shorter release cycles, more predictable schedules and fewer defects in production.
Start Mocking for Free *Free forever. No credit card needed