SignOn
Sign On is required to use all IBM® Connect:Direct® Web Service RESTful APIs.
Note: Ensure that the authorization header is included each time a RESTful API is invoked for
authentication.
-
Encode the IBM® Connect:Direct user name and password into Base64. To encode the username and
password use URL in the following format:
https://<CDWS_IPAddress:Port>/cdws-doc/base64encode.html
-
Set the Request Header to:
Authorization Basic <Encoded_Password>' -H ' Content-Type application/json" -X POST -d '{"ipAddress":"CDNodeIp","protocol":" TCPIP || TLS1.0 || TLS1.1 || TLS1.2","port":'1363'}'-k X-XSRF-TOKEN <Y2hlY2tpdA== (fixed for signon request )>'-H
-
Complete the Request body as follows:
curl -s -i -H ' Authorization: Basic <Encoded_Password>' -H 'X-XSRF-TOKEN:<Y2hlY2tpdA== (fixed for signon request )>' -H "Content-Type: application/json"-X POST -d '{"ipAddress":"CDNodeIp", "protocol":" TCPIP || TLS1.0 || TLS1.1 ||TLS1.2","port":'1363'}'-k https://<CDWS_IPAddress:Port>/cdwebconsole/svc/signon
-
Response message received as follows:
HTTP/1.1 200 OK Date: Tue, 14 May 2019 07:46:03 GMT Set-Cookie: XSRF-TOKEN=1086bae5-3073-4a8f-afbe-b3d3199d6812;Path=/;Secure; HttpOnly _csrf: 1086bae5-3073-4a8f-afbe-b3d3199d681 osType: WINDOWS Content-Type:application/json;charset=iso-8859-1 Authorization: eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhZG1pbmlzdHJhdG9yOjE3Mi4yMC4xODYuNz Q6MTM2Mzo1NmIwNDFkZS0yYmI1LTQyMTUtOGI4OC02ZjMwYzU1NmE2NTUiLCJleHAiOjE1 NTc4MjIzNjN9.z2la7UyfICFWkMtaO8xJ6kv2Llth-u8kRLXH8tIOTsKm_82jeNE-Rdl2q fQGUlRdl2qifQGUlT4gOs9BhyWAN4JGPde5Fo5g Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache, no-store,must-revalidate,max-age=0 Pragma: no-cache Strict-Transport-Security: max-age=31536000 ;includeSubDomains X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Content-Security-Policy: default-src 'self' X-Content-Type-Options:nosniff X-Frame-Options: DENY Set-Cookie:JSESSIONID=node01jk2nfvlk2nyjq4ubgnot3j7r4.node0;Path=/;Secure;HttpOnly Content-Length:70 [ { "messageCode" : 200, "message" : "Signon is successful" }]
-
User receives an Authorization. jsessionid, and XSRF token in response header that can be used
to execute other RESTful APIs.
XSRF-TOKEN=1086bae5-3073-4a8f-afbe-b3d3199d6812;Path=/;Secure; HttpOnly _csrf:1086bae5-3073-4a8f-afbe-b3d3199d6812 Authorization: eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhZG1pbmlzdHJhdG9yOjE3Mi4yMC4xODYuNz Q6MTM2Mzo1NmIwNDFkZS0yYmI1LTQyMTUtOGI4OC02ZjMwYzU1NmE2NTUiLCJleHAiOjE1 NTc4MjIzNjN9.z2la7UyfICFWkMtaO8xJ6kv2Llth-u8kRLXH8tIOTsKm_82jeNE-Rdl2 qifQGUlRdl2qifQGUlT4gOs9BhyWAN4JGPde5Fo5g JSESSIONID=node01jk2nfvlk2nyjq4ubgnot3j7r4.node0;Path=/;Secure;HttpOnly