Authentication and Authorization

You must start a valid REST session by sending a basic authentication request to the WiNG API server before you can start making API calls. The request header should include a valid management user name and password in username:password format. The username and password are encoded with Base64, which is an encoding technique that converts the username and password into a set of 64 characters to ensure safe transmission as part of the Authorization header. The WiNG server can use authentication mechanisms such as local database, RADIUS, etc., but the actual authentication mechanism(s) used depends on the management policy of the WiNG device.

Note

Note

WiNG's REST API is protected by the same access restrictions which are provided via the WiNG command line or graphical user interface. For example, if a user role does not allow write access to a resource, then an attempt to configure/update this resource via REST will fail. For more information on WiNG user roles, see the WiNG System Reference Guide located at: https://www.extremenetworks.com/support/documentation/.

Sample Login Request

curl -X GET -u <mgmt-username>:<mgmt-user-password> -k https://10.190.50.43/rest/v1/act/login

Sample Login Response

{    
"data":{        
	"auth_token": "e5c6c3bd73057b5252d683ced64897ef"    
	},    
"return_code": 0
}
Note

Note

Save the auth_token and forward it as a cookie in the request header in subsequent API calls.

Example: Including auth_token in subsequent API calls.

cookie = e5c6c3bd73057b5252d683ced64897ef

curl -X GET --cookie auth_token=$cookie -k
https://10.190.50.43/rest/v1/cfg/management_policy/default/snmp/community_string
You can send a logout request to the WiNG API server to close a session. Include the auth_token in the request header to indicate which session you wish to close.
Note

Note

An idle REST session is terminated automatically by the WiNG device after the duration exceeds the idle-session-timeout value in the management policy. The default interval is 30 minutes.

Sample Logout Request

curl -X GET --cookie auth_token=$cookie -k https://10.190.50.43/rest/v1/act/logout 

Successful Logout Response

{   
        "return_code":0 
}
Note

Note

After you log out or if the session expires, you need to log in and start a new session to continue making API calls. You will see an invalid authentication token error message if your session is no longer active.

Sample Invalid Authentication Token Error Message

{    
"errors":[        
	"Unable to find the session for auth_token: [e5c6c3bd73057b5252d683ced64897ef]"    
	],    
"return_code": 1
}