Reference Guide

Managing a REST API session
Topics:
Connecting and authenticating
Obtaining login session information
Logging out of the REST API session
Connecting and authenticating
All requests to the REST API must be authenticated. The REST API uses the standard HTTP Basic access authentication
mechanism to authenticate REST requests. The same users are valid for REST or GUI access.
To log in to the REST API server, use the following request components:
Header        Accept: application/json
              Content-Type: application/json (if the request has a non-empty request body)
              Authorization: <base 64 encoding of username and password>
Operation     GET, PATCH, POST, or DELETE
URI pattern   URI pattern for one of the requests listed in the Operation section
NOTE: To avoid exposure to cross-site request forgery (CSRF), requests other than GET require the DELL-EMC-TOKEN
header. Before issuing any REST call that changes the state of an object (such as POST, PATCH, or DELETE), send a GET
request to receive a CSRF token. Use the token value from the response header returned by the GET call as the
DELL-EMC-TOKEN header value in subsequent calls for this session.
The server returns the following in response to a successful login:
A 200 OK HTTP status code.
auth_cookie header, which is required to authenticate all subsequent requests, unless you resubmit the user ID and
password with each request. It is also required for logging out of the session.
NOTE: Once the auth_cookie value is set, a browser automatically sets the cookie value for each request.
If the authentication fails, the server returns a 401 Unauthorized HTTP status code.
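The session flow described above (GET first, then reuse the token and cookie), as an added client-side sketch that is not code from the product or its vendor. RestSession, absorb and headers_for are hypothetical names; it assumes auth_cookie arrives in a Set-Cookie header and that the Authorization value uses the RFC 7617 "Basic" form.

```python
import base64
from http.cookies import SimpleCookie

CSRF_HEADER = "DELL-EMC-TOKEN"  # header name from the NOTE above
STATE_CHANGING = {"POST", "PATCH", "DELETE"}
# Constructed sample of the headers on a successful GET response (values are made up).
SAMPLE_GET_HEADERS = {"DELL-EMC-TOKEN": "tok-constructed-123",
                      "Set-Cookie": "auth_cookie=cookie-constructed-456; Path=/; Secure; HttpOnly"}

def basic_authorization(user: str, password: str) -> str:
    """RFC 7617 value: base64 of 'user:password'. Encoding, not encryption: send over HTTPS only."""
    raw = f"{user}:{password}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")

class RestSession:
    """Tracks the CSRF token and auth_cookie obtained from the first GET."""

    def __init__(self, user: str, password: str):
        self._authorization = basic_authorization(user, password)
        self.token = self.cookie = None

    def absorb(self, status: int, headers: dict) -> None:
        """Record session values from a response (header names are case-insensitive)."""
        if status == 401:
            raise PermissionError("401 Unauthorized: authentication failed")
        lowered = {k.lower(): v for k, v in headers.items()}
        self.token = lowered.get(CSRF_HEADER.lower(), self.token)
        # Assumption: auth_cookie is delivered as a Set-Cookie header.
        morsel = SimpleCookie(lowered.get("set-cookie", "")).get("auth_cookie")
        if morsel is not None:
            self.cookie = morsel.value

    def headers_for(self, method: str, has_body: bool = False) -> dict:
        """Build request headers; refuse state-changing calls made before the GET."""
        headers = {"Accept": "application/json"}
        if has_body:
            headers["Content-Type"] = "application/json"
        if self.cookie:  # cookie held: stop resending the password on every request
            headers["Cookie"] = f"auth_cookie={self.cookie}"
        else:
            headers["Authorization"] = self._authorization
        if method.upper() in STATE_CHANGING:
            if not self.token:
                raise RuntimeError("send a GET first to obtain " + CSRF_HEADER)
            headers[CSRF_HEADER] = self.token
        return headers
```

Feed each response's status and headers to absorb, and take the headers for the next request from headers_for.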
Obtaining login session information
Query the login_session resource type to find out basic information about the current session. The following table
describes the information that is returned in response to a successful query of the login_session resource type:
Attribute      Description
id             The unique identifier of the login_session resource instance.
user           Information about the user logged into this session defined by the local_user resource type.
role_ids       Roles for the user who is logged into this session defined by the role resource type.
idle_timeout   Number of seconds after last use until this session expires.