Connecting with a Client

You can access the REST API using any REST API client. Typically REST API clients are available as browser plugins, but any REST API client is allowed.


Note

If connecting to the REST API for the first time, you will receive a certificate warning. You need to accept the certificate in order to use the REST API.

Authentication from a REST API Client

Cisco recommends that you use different accounts for interfacing with the API and the User Interface. Credentials cannot be used for both interfaces simultaneously, and will be logged out without warning if used for both.

The first time you connect to the REST API you may receive an error that the connection is not secure due to an invalid certificate. Add an exception in your browser to use the certificate and accept the connection.

With Token Based Authentication you obtain a token from the CDO tenant. You use this token to access an HTTP service for a limited time period without the need for the username and password with every request. In other words, to eliminate the need for authenticating with your username and password with each request, you replace user credentials with a uniquely generated access token.

Connecting in Cloud-Delivered Firewall Management Center

The Token Generation Utility provides an authentication token which can be used in your REST API client.

Before you begin

You must have the following resources:

  • Account on the CDO tenant

  • REST API Client

  • The resolvable URI or IP address of the instance and a network connection which can reach that IP address.

Procedure

Step 1

Navigate and log in to the CDO tenant.
Step 2

Select Settings from the menu on the left.

Step 3

Select User Management.

Step 4

Select Generate API Token under the desired account to generate a token.

Step 5

Select Copy API Token and click OK to copy the API token.

What to do next

Use this token for REST API authentication in your REST client. This API token must be included in every call to the REST API, as shown in this example:

curl 'https://<cdo server>:<port>/api/fmc_config/v1/domain/e276abec-e0f2-11e3-8169-6d9ed49b625f/object/hosts' --header 'Authorization: Bearer <cdo token>'