The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The management center REST API provides a lightweight API to manage a management center.
With the release of management center REST API, you now have light-weight, easy-to-use option for managing devices through the cloud-delivered Firewall management center.
The REST API is enabled by default in the cloud-delivered managemenr center.
After installing a REST client, you can contact the specific management center's REST agent and use standard HTTP methods to access current configuration information, and issue additional configuration parameters.
There is a new section about backup methods and endpoints, added in the 7.3 table.
New API endpoints and Methods
|
Name |
Methods |
URL |
|---|---|---|
|
Backup |
||
|
Device Backup |
POST |
|
|
Download Backup |
GET, GET by ID |
|
|
Backup Files |
GET, GET by ID, DELETE |
|
|
Chassis |
||
|
Chassis Physical Interface |
GET, GET by ID, PUT |
|
|
Devices |
||
|
Device Records |
PUT |
|
|
Bidirectional Forwarding Policies |
GET, GET by ID, PUT, POST, DELETE |
|
|
Loopback Interfaces |
GET, GET by ID, PUT, POST, DELETE |
|
|
Device Clusters |
||
|
Cluster Health Monitor Settings |
GET by ID, PUT |
|
|
Health |
||
|
Remote Access VPN Gateways |
GET, GET by ID |
|
|
Terminate VPN Sessions |
POST |
|
|
Cisco Secure Dynamic Attributes Connector |
GET, POST |
|
|
Integration |
||
|
Tunnel Deployments |
GET, POST |
|
|
Tunnel Transcripts |
GET by ID |
|
|
Test Umbrella Connections |
POST |
|
|
Umbrella Connections |
GET, GET by ID, PUT, POST |
|
|
Data Centers |
GET |
|
|
Object |
||
|
AnyConnect Custom Attributes |
PUT, POST, DELETE |
|
|
Bi-Directional Forwarding Templates |
GET, GET by ID, PUT, POST, DELETE |
|
|
DHCP IPv6 Pools |
GET, GET by ID, PUT, POST, DELETE |
|
|
Download Internal CA |
POST |
|
|
Internal Certificate Authorities |
GET, GET by ID, PUT, POST, DELETE |
|
|
Internal Certificates |
GET, GET by ID, PUT, POST, DELETE |
|
|
Security Group Tags |
PUT, POST, DELETE |
|
|
SI URL Lists |
PUT, POST, DELETE |
|
|
Validate Certificate File |
POST |
|
|
Policy |
||
|
Flex Config Policies |
GET, GET by ID, POST |
|
|
FTD Platform Settings |
GET, GET by ID |
|
|
Load Balance Settings |
GET, GET by ID, PUT |
|
 Note |
Spaces have been added to the URLs to aid in readability. When using the URLs, remove the spaces. |
No new features or functionality were added in version 7.2.
New API endpoints and Methods
|
Name |
Methods |
URL |
|---|---|---|
|
Chassis |
||
| Evaluate Operation |
GET |
|
| Breakout Interfaces |
POST |
|
| Join Interfaces |
POST |
|
|
Deployment |
||
|
Download Reports |
GET |
|
|
Email Reports |
GET |
|
|
Devices |
||
|
EIGRP Routes |
GET, GET by ID, PUT, POST, DELETE |
|
|
Virtual EIGRP Routes |
GET, GET by ID, PUT, POST, DELETE |
|
|
Device Settings |
GET, PUT |
|
|
Change Managers |
POST |
|
|
Integration |
||
|
EBS Snapshot |
GET by ID, POST |
|
|
Status |
||
|
Task Statuses |
GET |
|
|
Object |
||
|
AnyConnect External Browser Packages |
PUT, POST, DELETE |
|
|
AnyConnect Packages |
PUT, POST, DELETE |
|
|
AnyConnect Profiles |
PUT, POST, DELETE |
|
|
Certificate Enrollments |
PUT, POST, DELETE |
|
|
Certificate Maps |
PUT, POST, DELETE |
|
|
Group Policies |
PUT, POST, DELETE |
|
|
Host Scan Packages |
PUT, POST, DELETE |
|
|
IPv4 Address Pools |
PUT, POST, DELETE |
|
|
IPv6 Address Pools |
PUT, POST, DELETE |
|
|
Umbrella Protection Policies |
GET, POST |
|
|
Radius Server Groups |
PUT, POST, DELETE |
|
|
SSO Servers |
PUT, POST, DELETE |
|
|
Policy |
||
|
Auto NAT Rules |
PUT, DELETE |
|
|
Manual NAT Rules |
PUT, DELETE |
|
|
NAT Rules |
DELETE |
|
|
Health Policies |
GET, GET by ID |
|
|
Policy Locks |
GET, POST |
|
|
RA VPNs |
PUT, POST, DELETE |
|
|
Address Assignment Settings |
PUT |
|
|
Certificate Map Settings |
PUT |
|
|
Connection Profiles |
PUT, POST, DELETE |
|
|
IPSec Advanced Settings |
GET, GET by ID, PUT |
|
|
IPSec Crypto Maps |
GET, GET by ID, PUT |
|
|
LDAP Attribute Maps |
GET, GET by ID, PUT |
|
|
S2S VPN Summaries |
GET |
|
|
Umbrella DNS Policies |
GET, GET by ID, PUT, POST, DELETE |
|
|
Umbrella DNS Rules |
GET, GET by ID, PUT |
|
|
Search |
||
|
Device |
GET |
|
|
License |
||
|
Device Licenses |
GET, GET by ID, PUT, PUT by ID |
|
|
Smart Licenses |
GET, POST |
|
|
Updates |
||
|
Upgrade Snapshot |
POST |
|
|
Troubleshoot |
||
|
Task |
POST |
|
Note |
Spaces have been added to the URLs to aid in readability. When using the URLs, remove the spaces. |
The following new features and functionality were added in version 7.1.
401 Invalid Session429 Too Many WritesRemoved biased terminology from field names and descriptions
Added the following new sections in API Explorer:
Troubleshoot
Network Map
Chassis
New API endpoints and Methods
|
Name |
Methods |
URL |
|---|---|---|
|
Troubleshoot |
||
| Packet Tracer Files |
DELETE, DELETE by ID |
|
|
Network Map |
||
|
Netmap Hosts |
GET, GET by ID, POST, DELETE |
|
|
Vulns |
GET, GET by ID, POST, DELETE |
/api/fmc_netmap/v1/domain/ {domainUUID}/vulns/ |
|
Users |
||
|
Duo Configs |
GET, GET by ID, PUT |
|
|
Deployment Services |
||
|
Job Histories |
GET, GET by ID, PUT |
/api/fmc_config/v1/domain/ {domainUUID}/deployment/jobhistories |
|
Download Reports |
GET |
/api/fmc_config/v1/domain/ {domainUUID}/deployment/jobhistories/{containerUUID}/ operational/downloadreports |
|
Email Reports |
POST |
/api/fmc_config/v1/domain/ {domainUUID}/deployment/jobhistories/{containerUUID}/ operational/emailreports |
|
Device Clusters |
||
|
Threat Defense Cluster Readiness Check |
POST |
/api/fmc_config/v1/domain/ {domainUUID}/deviceclusters/ftdclusterreadinesscheck |
|
Threat Defense Cluster Device Commands |
POST |
/api/fmc_config/v1/domain/ {domainUUID}/deviceclusters/{containerUUID}/ operational/ftdclusterdevicecommands |
|
Health Services |
||
|
Tunnel Statuses |
GET |
/api/fmc_config/v1/domain/ {domainUUID}/health/tunnelstatuses |
|
Tunnel Summaries |
GET |
/api/fmc_config/v1/domain/ {domainUUID}/health/tunnelsummaries |
|
Chassis |
||
|
Management Center Managed Chassis |
GET, GET by ID |
/api/fmc_config/v1/domain/ {domainUUID}/chassis/fmcmanagedchassis |
|
Network Modules |
GET, GET by ID, PUT |
/api/fmc_config/v1/domain/ {domainUUID}/chassis/fmcmanagedchassis/ {containerUUID}/networkmodules |
|
Sync Network Module |
PUT |
/api/fmc_config/v1/domain/ {domainUUID}/chassis/fmcmanagedchassis/ {containerUUID}/operational/syncnetworkmodule |
|
Chassis Interfaces |
GET, GET by ID |
/api/fmc_config/v1/domain/ {domainUUID}/chassis/fmcmanagedchassis/ {containerUUID}/chassisinterfaces |
|
Device Services |
||
|
ECMP Zones |
GET, GET by ID, PUT, POST, DELETE |
/api/fmc_config/v1/domain/ {domainUUID}/devices/devicerecords/ {containerUUID}/routing/ecmpzones |
|
Virtual ECMP Zones |
GET, GET by ID, PUT, POST, DELETE |
/api/fmc_config/v1/domain/ {domainUUID}/devices/devicerecords/{containerUUID}/routing/virtualrouters/ {virtualrouterUUID}/ecmpzones |
|
Packet Tracer |
POST |
/api/fmc_config/v1/domain/ {domainUUID}/devices/devicerecords/ {containerUUID}/operational/packettracer |
|
Packet Tracer PCAP |
POST |
/api/fmc_config/v1/domain/ {domainUUID}/devices/devicerecords/ {containerUUID}/operational/packettracerpcap |
|
Policy Based Routes |
GET, GET by ID, PUT, POST, DELETE |
/api/fmc_config/v1/domain/ {domainUUID}/devices/devicerecords/ {containerUUID}/routing/policybasedroutes |
|
Virtual Policy Based Routes |
GET, GET by ID, PUT, POST, DELETE |
/api/fmc_config/v1/domain/ {domainUUID}/devices/devicerecords/{containerUUID}/routing/virtualrouters/ {virtualrouterUUID}/policybasedroutes |
|
VTEP Policies |
GET, GET by ID, PUT, POST, DELETE |
/api/fmc_config/v1/domain/ {domainUUID}/devices/devicerecords/ {containerUUID}/vteppolicies |
|
VNI Interfaces |
GET, GET by ID, PUT, POST, DELETE |
/api/fmc_config/v1/domain/ {domainUUID}/devices/devicerecords/ {containerUUID}/vniinterfaces |
|
Threat Defense All Interfaces |
GET |
/api/fmc_config/v1/domain/ {domainUUID}/devices/devicerecords/ {containerUUID}/ftdallinterfaces |
|
Integration |
||
|
Dynamic Attributes Feeds |
GET, PUT |
/api/fmc_config/v1/domain/ {domainUUID}/integration/dynamicattributesfeeds |
|
Object |
||
|
Anyconnect External Browser Packages |
GET, GET by ID |
/api/fmc_config/v1/domain/ {domainUUID}/object/anyconnectexternalbrowserpackages |
|
Bulk Dynamic Objects |
POST |
/api/fmc_config/v1/domain/ {domainUUID}/object/bulkdynamicobjects |
|
Extended Community Lists |
GET, GET by ID, GET overrides, GET overrides by ID, OUT, POST, DELETE |
/api/fmc_config/v1/domain/ {domainUUID}/object/extendedcommunitylists |
|
Packet Tracer PCAP List |
GET |
/api/fmc_config/v1/domain/ {domainUUID}/object/packettracerpcaplist |
|
Packet Tracer PCAP Upload |
POST |
/api/fmc_config/v1/domain/ {domainUUID}/object/packettracerpcapupload |
|
Updates |
||
|
Revert Upgrades |
POST |
/api/fmc_platform/v1/updates/revertupgrades |
Note |
Spaces have been added to the URLs to aid in readability. When using the URLs, remove the spaces. |
Cisco recommends the following best practices for optimal results with the REST API:
Keep UI users and API users separate when possible. Especially do not use an admin account as an API user unless specifically necessary.
Do not give API users more privilege than needed.
Always validate the content coming from the server.
Validate/sanitize JSON content, as it may include embedded executable code.
Additional resources for the management center REST API can be found on Cisco DevNet at https://developer.cisco.com/firepower/.
Feedback