- Introducing the IOS XE REST API
- Installing the Virtual Services Management Container
- Client Authentication
- Global Configuration Requirements
- Domain Name System (DNS) Server
- Network Time Protocol (NTP)
- IP Interface Configuration Requirements
- L2 Interfaces
- Bridge Domains
- Multicast
- VxLAN
- DHCP Server and Relay Agent
- Routing Protocol (OSPF, BGP, EIGRP) Requirements
- ACL Requirements for Subnets or IP Ranges
- Network Address Translation (NAT)
- Firewall Inspection Requirements
- License Requirements
- Memory and CPU Usage Report
- VRF
- Virtual Private Networks (SVTI and EzVPN)
- LISP
- QoS
- HSRP
Cisco IOS XE REST API Management Reference Guide
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
- Updated:
- February 21, 2018
Chapter: Client Authentication
Client Authentication
Overview
The REST API authentication works as follows:
- The authentication uses HTTPS as the transport for all the Cisco REST API access.
- Clients perform authentication with this service by invoking a POST on this resource with HTTP Basic Auth as the authentication mechanism. The response of this request includes a token-id. Token-ids are short-lived, opaque objects that represents client’s successful authentication with the token service.
- Clients then access other APIs by including the token id as a custom HTTP header “X-auth-token”. If this token is not present or expired, then API access will return an HTTP status code of “401 Unauthorized”
- Clients can also explicitly invalidate a token by performing a DELETE operation on the token resource.
- The username/password for the HTTPS session should be configured with privilege 15.
Resource Summary for Client Authentication
|
|
|||||
|---|---|---|---|---|---|
|
|
|
|
|
|
|
Token Service Resource
The token service resource represents the authentication service that allows clients to perform authentication and obtain a token-id.
History
|
|
|
JSON Representation
Authenticate and Create a New Token
The initial HTTP request is performed by clients to authenticate and obtain a token so that it can invoke other APIs. The HTTP POST response contains an ‘opaque’ URL to be used for HTTP GET and DELETE requests.
Resource URI
|
|
|
|---|---|
Example
Retrieve Active Tokens
Resource URI
|
|
|
|---|---|
Example
Token Resource
A token represents successful authentication of a client.
History
|
|
|
Properties
|
|
|
|
|
|---|---|---|---|
Authentication token that must be included as a custom HTTP header X-auth-token value in all API requests |
|||
JSON Representation of a Token
Retrieve Token Details
Resource URI
|
|
|
|---|---|
Example
Invalidate a Token
Typically tokens automatically expire after 15 minutes. However, clients can perform explicit invalidation of a token by doing a DELETE on the token resource.
Resource URI
|
|
|
|---|---|
Feedback