Sign On

Sign On is required to use all IBM® Connect:Direct® Web Service RESTful APIs.

Note: Ensure that the authorization header is included each time a RESTful API is invoked for authentication.

Sign On procedure

  1. Make a POST request to the URL https://<CDWS_IPAddress:Port>/cdwebconsole/svc/signon.
  2. Encode the IBM® Connect:Direct user name and password into Base64. To encode the username and password use URL https://<CDWS_IPAddress:Port>/cdws-doc/base64encode.html.

    For example, encoded password for admin:password123 becomes YWRtaW46cGFzc3dvcmQxMjM=.

  3. Set the Request Header to:
    Authorization
    Basic <Encoded_Password from step 2 e.g. YWRtaW46cGFzc3dvcmQxMjM=>
    
    Content-Type
    application/json; charset=iso-8859-1
    
    X-XSRF-TOKEN
    Y2hlY2tpdA== (fixed for the first time)
  4. Set the Request body and submit the request
    {
    "ipAddress":"CDNODE IP",
    "port":1363,
    "protocol":"TCPIP || TLS1.0 || TLS1.1 || TLS1.2"
    }
  5. Complete the Request body as follows:
    POST /cdwebconsole/svc/signon HTTP/1.1
    Host: <CDWS_IPAddress:Port>
    Content-Type: application/json; charset=utf-8
    X-XSRF-TOKEN: Y2hlY2tpdA==
    Authorization: Basic QWRtaW5pc3RyYXRvcjpNc3dAMTIzIQ==
    Cache-Control: no-cache
    
    {
    	"ipAddress":"172.20.186.35",
    	"protocol":"tcpip",
    	"port":1363
    }
  6. Response message received as follows:
    [
        {
            "messageCode": 200,
            "message": "Signon is successful",
            "version": "CDWS_VERSION",
            "nodeName": "CD_NODE_NAME"
        }
    ]
  7. User receives an Authorization and XSRF token in response header that can be used to execute other RESTful APIs.
    Authorization:
    eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJBZG1pbmlzdHJhdG9yOjE3Mi4yMC4xODYuMzU6MTM2MzplMDI
    0YjAzZC03NzkwLTQxMjItOTZkOC1iZjg5MmY5NDcxM2MiLCJleHAiOjE1NTcxMjcyMTJ9.ME_mni-wgm
    rzVL214ijhxNzU-bgHw9bv-Ktz8WL84ljpEYtgm89jfH7ehspyk-zgS6J8JiL2GJrG3JYo1REs1w
    XSRF:
    809ab7e8-c6be-41ac-84f1-b4f8db246d9e