Every request to the Unisphere Management REST API must be authenticated, except for queries to the
basicSystemInfo resource type. The Unisphere Management REST API uses the standard HTTP Basic access authentication mechanism to authenticate REST requests. The same users, whether defined in LDAP or defined locally, are valid for REST, CLI, or GUI access.
Logging into the Unisphere Management REST API server
To log into the REST API server, include this header in a
GET request:
X-EMC-REST-CLIENT: true
This tells the server to use the HTTP Basic access authentication mechanism to authenticate the login request.
The server returns the following in response to a successful login:
A
200 OK HTTP status code.
Login session cookies, which are required for all subsequent requests.
EMC-CSRF-TOKEN token header, which is required for
POST and
DELETE requests. This token header is good for the entirety of the session.
Ticket Granting Cookie (TGC), which is required when you are interacting with the authentication service.
To use Basic access authentication, you must include
X-EMC-REST-CLIENT: true in each request to authenticate the login session.
The following table summarizes the items to include in requests subsequent to the first
GET request in a session:
Request type
Items to include
GET
X-EMC-REST-CLIENT
All cookies returned in the first
GET request of the session.
POST or
DELETE
X-EMC-REST-CLIENT
EMC-CSRF-TOKEN token header
All cookies returned in the first
GET request of the session.
The following headers should also be included in requests:
Accept: application/json (to indicate that the format of the response content is JSON)
Content-type: application/json (to indicate that the format of the request contains body is JSON; required if there is a request body)
Obtaining login session information
Query the
loginSessionInfo resource type to find out basic information about the current session. The following table describes the information returned in response to a successful query of the
loginSessionInfo resource type:
Attribute
Description
id
Unique identifier of the
loginSessionInfo
resource instance.
user
Information about the user logged into this session, as defined by the
user resource type.
roles
List of roles for the user logged into this session, as defined by the
role resource type.
idleTimeout
Number of seconds after last use until this session expires.
isPasswordChangeRequired
Indicates whether the password must be changed in order to use this session created for the built-in admin account. Values are:
true - Password must be changed.
false - Password does not need to be changed.
For information about changing the password for a local user, see the Help topic for the
user resource type in the
Unisphere Management REST API Reference Guide.
Logging out of the Unisphere Management REST API server
Use the following request components to log out of the storage system to which the login request was made:
Header:
Accept: application/json
Content-Type: application/json
X-EMC-REST-CLIENT: true
<TGC>
<All other cookies returned in the first GET request of the session>
Operation:
POST
URI pattern:
/api/types/loginSessionInfo/action/logout
Body
{
“localCleanupOnly” : "true"
}
The server returns a
204 No Content HTTP status code and an empty response body in response to a successful local logout.
If you set the
localCleanupOnly argument to
"false" or you do not specify it, the client will log out of all storage systems in the overall SSO session.
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\