Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

iDRAC9 Redfish API Guide Firmware version: 4.20.20.20

PDF

Redfish authentication and authorization

For certain resources, the Redfish clients may require to authenticate access. Redfish relies on the managed system for the required credentials and supported forms of authentication. In iDRAC, authentication is based on local credentials and remote protocols such as Active Directory and LDAP.

NOTE You must have the required iDRAC license to use Active Directory and LDAP.

Authorization includes both user privilege and license authorization. Redfish support is included in all levels of iDRAC licensing. The following table details the authentication and authorization required for each Redfish action:

Table 1. Redfish authentication and authorizationThis table lists whether the Redfish actions require authentication or authorization.
Redfish actions Authentication required Authorization required
Read operation on any instrumentation data Yes Yes
Modify instrumentation data Yes Yes
Invoke actions Yes Yes
View service root No No
View metadata document No No
View OData service document No No
View message registry No No
View Redfish version URI No No
View JSONSchemaFile resource URI No No
View JSON schemas URI No No
The Redfish service provides access to Redfish URLs by using the following methods:

  • Basic authentication: In this method, user name and password are provided for each Redfish API request.

  • Session-based authentication: This method is used while issuing multiple Redfish operation requests.

    • Session login is initiated by accessing the Create session URI. The response for this request includes an X-Auth-Token header with a session token. Authentication for subsequent requests is made using the X-Auth-Token header.

    • Session logout is performed by issuing a DELETE of the Session resource provided by the Login operation including the X-Auth-Token header.

NOTE The iDRAC firmware incorporates the concept of application sessions for various existing interfaces such as the web interface, WSMan, and RACADM. With the introduction of Redfish-specific sessions, Redfish inherits the characteristics of web server sessions and the property Session Timeout inherits the web server session timeout value.
NOTE To ensure a secure connection, Dell recommends using TLS 1.1 or later.

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\