Documentation: expand on not using session_key

[tammoterhark]

Today I spend several hours getting something to work.

As it turns out, when using call_limer, you do not need to send the session_key, although this is indicated in the LimeSurvey RPC page at: https://api.limesurvey.org/classes/remotecontrol_handle.html

For example (to get response per token)

NOT GOOD
sessionKey<-get_session_key()
response_raw<-call_limer(method= 'export_responses_by_token',
params = list(sSessionKey=sessionKey,
iSurveyID = 111111,
sDocumentType = 'csv',
sToken = 'chg2h4460',
sLanguageCode= ''
))
response<-base64_to_df(response_raw)

GOOD
get_session_key()
response_raw<-call_limer(method= 'export_responses_by_token',
params = list(iSurveyID = 111111,
sDocumentType = 'csv',
sToken = 'chg2h4460',
sLanguageCode= ''
))
response<-base64_to_df(response_raw)

[r0bis]

My experience is - get session key works similar to setting a cookie. You can do all things allowed by RCAPI plus the user account privileges you have authenticated as. The authenticated state ends after you release the session key (would also after a timeout but I have never held session key for very long). It seems to me that the session key is in the environment and call_limer() automatically uses it. When I have finished operations with LS I issue invisible(release_session_key()) - invisible is R specific and is only used so that the code does not print in the rmarkdown report.
`

Before calling the API, you need to generate an access token with get_session_key() (examples of how to do this are shown below). Many services provide tokens that last indefinitely, but by default LimeSurvey's will only last for two hours. (this can be modified by editing limesurvey/application/config/config-default.php and changing $config['iSessionExpirationTime'] = 7200; to something else).