1. Overview
In the scenario where the RCView network management system
opens internal REST interfaces for OSS and other systems to call,
security authentication must be conducted according to the
guidance of this document.
2. General Overview of Interfaces
The security mechanism of the REST interface requires username
and password authentication before calling. After successful
authentication, a Token is returned for all subsequent interface
calls.
2.1 Function Overview
Provides RESTful interfaces using JSON format for data
encapsulation.
2.2 Interface Classification and Protocol
Uses RESTful protocol with data encapsulated in JSON format.
2.3 Function List
Interface ID | Interface Name | Interface Description | Caller | Protocol
SDNC.Token.001 | Get Token | Retrieve Token | | rest
2.4 Interface Error Codes
ErrorCode | ErrorType | English | Chinese
200 | Normal | OK | Success
400 | Client Error | Bad request | Invalid request
401 | Client Error | Unauthorized | Unauthorized
403 | Client Error | Forbidden access | Forbidden
3. Interface Function Definition
3.1 Get Token (Identity Token) Interface Definition
Interface ID: SDNC.Token.001
Interface Name: Get Token
Interface Description: Retrieve session identity token
Prerequisites:
Interface Address: GET /api/v1/tokens
3.1.1 Get Token Interface Description
3.1.1.1 Interface Input Model Description
Request Headers:
Authorization: Basic username:password
Note: The value of Authorization is generated by concatenating the
authentication username and password with “:” and then encoding
it using Base64, for example:
String code = Base64(username + ":" + password);
// code: YWRtaW46YWRtaW4=
The final Authorization header example:
Authorization: Basic YWRtaW46YWRtaW4=
3.1.1.2 Interface Output Model Description
Return Parameters:
Parameter Name | Parameter Description
user | Username
value | Token value
3.1.1.3 Example Case Description
Request:
Request Headers:
Authorization: Basic YWRtaW46YWRtaW4=
Response:
{
  "user": "admin",
  "value": "WyIwIiwiY2FkMzZmMDlmOGMzOWU2Y2EwNTZjZTY1YTcxZjQ4MDIiXQ.DTkoRg.F5FUQlZZwhClg5krz9fb1Gxlbvk"
}
If validation fails, return:
res.json(401, {});
3.1.1.4 REST Interface Authentication Description
1. After obtaining the Token, when calling REST interfaces, the
   token information must be added to the HTTP headers, for
   example:
   Request Headers:
   Authentication-Token: WyIwIiwiY2FkMzZmMDlmOGMzOWU2Y2EwNTZjZTY1YTcxZjQ4MDIiXQ.DTkoRg.F5FUQlZZwhClg5krz9fb1Gxlbvk
2. All REST interfaces must support parsing the following two
   types of header authentication information:
   - Authorization: Basic YWRtaW46YWRtaW4=
   - Authentication-Token: WyIwIiwiY2M2NDA1MTVkYmE5ZTQ5NDEyZGIyYmVkNThkNWJhMGUiXQ.DTivLg.hK1nnOeqWu9BUeY6apcfwSq2u6g
3. If validation fails, return:
   res.json(401, {});
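One way to implement the two-header check from section 3.1.1.4, as an added example that is not RCView code. The USERS and ISSUED_TOKENS stores, the function names and the rule that a presented token is never bypassed by falling back to Basic are assumptions; the document does not describe how tokens are verified.

```javascript
// Added example (not RCView code). USERS and ISSUED_TOKENS are constructed
// stand-ins for the real credential and token stores.
const USERS = new Map([["admin", "admin"]]);
const ISSUED_TOKENS = new Set(["constructed-sample-token"]);

// Compare without stopping at the first differing byte.
function safeEqual(a, b) {
  const x = Buffer.from(String(a));
  const y = Buffer.from(String(b));
  let diff = x.length ^ y.length;
  for (let i = 0; i < x.length; i++) diff |= x[i] ^ y[i % (y.length || 1)];
  return diff === 0;
}

// Decode "Basic <base64(username:password)>"; null if malformed.
function parseBasic(header) {
  const m = /^Basic ([A-Za-z0-9+/]+={0,2})$/i.exec(header || "");
  if (!m) return null;
  const decoded = Buffer.from(m[1], "base64").toString("utf8");
  const sep = decoded.indexOf(":"); // first colon: passwords may contain ":"
  if (sep < 1) return null; // no separator or empty username
  return { user: decoded.slice(0, sep), password: decoded.slice(sep + 1) };
}

// headers: lower-cased names, as in Node's req.headers.
// Returns the status to send; 401 maps to res.json(401, {}) in the document.
function authenticate(headers) {
  const token = headers["authentication-token"];
  if (typeof token === "string" && token.length > 0) {
    // A presented token is judged on its own; no fallback to Basic.
    let ok = false;
    for (const t of ISSUED_TOKENS) if (safeEqual(t, token)) ok = true;
    return ok ? { status: 200, via: "token" } : { status: 401 };
  }
  const cred = parseBasic(headers["authorization"]);
  if (cred && USERS.has(cred.user) &&
      safeEqual(USERS.get(cred.user), cred.password)) {
    return { status: 200, via: "basic", user: cred.user };
  }
  return { status: 401 };
}
```

Base64 is an encoding, not encryption, so both headers are protected in transit only by TLS.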
4. Registration and Working Principle
4.1 Registration
4.1.1 Replacement Mode
In the config/default.json file under the webapp module, configure
other services that require proxy and authentication under the key:
proxy in north, as follows:
  "/couchdb": "127.0.0.1:5984",
  "/cloudvpn": "127.0.0.1:60150"
In replacement mode, the /couchdb field is replaced with
"127.0.0.1:5984": the accessed URL starts with /couchdb, while
the backend provides the actual URL without /couchdb.
4.1.2 Regex Mode
In the config/default.json file under the webapp module, configure
other services that require proxy and authentication under the key:
proxy in http_proxy, as follows:
  "/configcenter": "172.16.68.204:60050",
  "/alarm": "172.16.68.233:60030"
In regex mode, a request whose URL contains the /configcenter field
is redirected to the service "172.16.68.204:60050": the accessed
URL starts with /configcenter, and the backend provides the actual
URL also starting with /configcenter.
4.2 Working Principle
1. Obtain Token (identity token).
2. After obtaining the Token, when calling REST interfaces, the
token information must be added to the HTTP headers.
For specific usage, please refer to the interface function definition
section in Chapter 3 of this document.
5. Postman Demo
Step 1: Obtain token.
If an error occurs, check the SSL certificate verification option
in the General settings and change it to off.
Step 2: Read data. Issue requests according to the API
documentation, and remember to add the Authentication-Token
attribute in the request header, set to the value field
returned in the previous step.