
iDRAC8 with Lifecycle Controller Version 2.70.70.70 Redfish API Guide
Redfish authentication and authorization
For certain resources, Redfish clients may be required to authenticate. Redfish relies on the managed system for the required credentials and supported forms of authentication. In iDRAC, authentication is based on local credentials and remote protocols such as Active Directory and LDAP.
Authorization includes both user privilege and license authorization. Redfish support is included in all levels of iDRAC licensing. The following table details the authentication and authorization required for each Redfish action:
| Redfish actions | Authentication required | Authorization required |
|---|---|---|
| Read operation on any instrumentation data | Yes | Yes |
| Modify instrumentation data | Yes | Yes |
| Invoke actions | Yes | Yes |
| View service root | No | No |
| View metadata document | No | No |
| View OData service document | No | No |
| View message registry | No | No |
| View Redfish version URI | No | No |
| View JSONSchemaFile resource URI | No | No |
| View JSON schemas URI | No | No |

- Basic authentication: In this method, user name and password are provided for each Redfish API request.
- Session-based authentication: This method is used while issuing multiple Redfish operation requests.
  - Session login is initiated by accessing the Create session URI. The response for this request includes an X-Auth-Token header with a session token. Authentication for subsequent requests is made using the X-Auth-Token header.
  - Session logout is performed by issuing a DELETE of the Session resource provided by the Login operation including the X-Auth-Token header.
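
The session flow described above, as an added Python example (not code from the Dell guide): a hypothetical `RedfishSession` helper that reads the Create session URI from the unauthenticated service root, sends the token on later requests, and deletes the Session resource on exit. It assumes the service root's `Links.Sessions` property, the `UserName`/`Password` request body and the `Location` response header as defined by the DMTF Redfish specification; this page does not spell them out.

```python
import json
import urllib.parse
import urllib.request


class RedfishSession:
    """Hypothetical helper: log in once, send X-Auth-Token on each request, always log out."""

    def __init__(self, base_url, context=None):
        self.base = base_url.rstrip("/")
        self.context = context  # ssl.SSLContext that trusts the BMC certificate (HTTPS only)
        self.token = None       # bearer secret: keep it out of logs and URLs
        self.session_path = None

    def _call(self, method, path, body=None):
        headers = {"Accept": "application/json", "Content-Type": "application/json"}
        if self.token:
            headers["X-Auth-Token"] = self.token
        data = None if body is None else json.dumps(body).encode()
        req = urllib.request.Request(self.base + path, data=data, headers=headers, method=method)
        with urllib.request.urlopen(req, timeout=10, context=self.context) as resp:
            raw = resp.read()
            return resp.headers, (json.loads(raw) if raw else None)

    def login(self, user, password):
        # The service root needs no credentials (see the table) and links to the session collection.
        _, root = self._call("GET", "/redfish/v1/")
        create_uri = root["Links"]["Sessions"]["@odata.id"]
        headers, _ = self._call("POST", create_uri, {"UserName": user, "Password": password})
        self.token = headers["X-Auth-Token"]
        # Location names the new Session resource; it may be an absolute URL or a path.
        self.session_path = urllib.parse.urlsplit(headers["Location"]).path

    def get(self, path):
        return self._call("GET", path)[1]

    def logout(self):
        try:
            self._call("DELETE", self.session_path)
        finally:
            self.token = self.session_path = None

    def __enter__(self):
        return self

    def __exit__(self, *exc):
        if self.token:  # release the session even when the body raised
            self.logout()
```

Use it as `with RedfishSession(base_url, context=ctx) as s:` followed by `s.login(...)` and `s.get(...)`, so the session is deleted even when a request in the block fails.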