SignOn

Sign On is required to use all IBM® Connect:Direct® Web Service RESTful APIs.

Note: Ensure that the authorization header is included each time a RESTful API is invoked for authentication.
  1. Encode the IBM® Connect:Direct user name and password into Base64. To encode the username and password use URL in the following format:
    https://<CDWS_IPAddress:Port>/cdws-doc/base64encode.html
  2. Set the Request Header to:
    Authorization
    Basic <Encoded_Password>' -H '
    
    Content-Type
    application/json" -X POST -d
    '{"ipAddress":"CDNodeIp","protocol":" TCPIP || TLS1.0 || TLS1.1 ||
    TLS1.2","port":'1363'}'-k
    
    X-XSRF-TOKEN
    <Y2hlY2tpdA== (fixed for signon request )>'-H
  3. Complete the Request body as follows:
    curl -s -i -H ' Authorization: Basic <Encoded_Password>' -H 
    'X-XSRF-TOKEN:<Y2hlY2tpdA== (fixed for signon request )>' -H 
    "Content-Type: application/json"-X POST -d '{"ipAddress":"CDNodeIp",
    "protocol":" TCPIP || TLS1.0 || TLS1.1 ||TLS1.2","port":'1363'}'-k
    https://<CDWS_IPAddress:Port>/cdwebconsole/svc/signon 
  4. Response message received as follows:
    HTTP/1.1 200 OK
    Date: Tue, 14 May 2019 07:46:03 GMT
    
    Set-Cookie:
    XSRF-TOKEN=1086bae5-3073-4a8f-afbe-b3d3199d6812;Path=/;Secure;
    
    HttpOnly _csrf:
    1086bae5-3073-4a8f-afbe-b3d3199d681
    
    osType: WINDOWS
    
    Content-Type:application/json;charset=iso-8859-1
    
    Authorization:
    eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhZG1pbmlzdHJhdG9yOjE3Mi4yMC4xODYuNz
    Q6MTM2Mzo1NmIwNDFkZS0yYmI1LTQyMTUtOGI4OC02ZjMwYzU1NmE2NTUiLCJleHAiOjE1
    NTc4MjIzNjN9.z2la7UyfICFWkMtaO8xJ6kv2Llth-u8kRLXH8tIOTsKm_82jeNE-Rdl2q
    fQGUlRdl2qifQGUlT4gOs9BhyWAN4JGPde5Fo5g
    
    Expires: Thu, 01 Jan 1970 00:00:00 GMT
    
    Cache-Control: no-cache, no-store,must-revalidate,max-age=0
    
    Pragma: no-cache
    
    Strict-Transport-Security: max-age=31536000 ;includeSubDomains
    
    X-XSS-Protection: 1; mode=block
    
    X-Content-Type-Options: nosniff Content-Security-Policy: default-src 'self'
    
    X-Content-Type-Options:nosniff
    
    X-Frame-Options: DENY
    
    Set-Cookie:JSESSIONID=node01jk2nfvlk2nyjq4ubgnot3j7r4.node0;Path=/;Secure;HttpOnly
    
    Content-Length:70
    [
        {
            "messageCode": 200,
            "message": "Signon is successful",
            "version": "CDWS_VERSION_NO",
            "nodeName": "CD_NODE_NAME"
        }
    ]
  5. User receives an Authorization. jsessionid, and XSRF token in response header that can be used to execute other RESTful APIs.
    XSRF-TOKEN=1086bae5-3073-4a8f-afbe-b3d3199d6812;Path=/;Secure;
    HttpOnly _csrf:1086bae5-3073-4a8f-afbe-b3d3199d6812
    
    Authorization:
    eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhZG1pbmlzdHJhdG9yOjE3Mi4yMC4xODYuNz
    Q6MTM2Mzo1NmIwNDFkZS0yYmI1LTQyMTUtOGI4OC02ZjMwYzU1NmE2NTUiLCJleHAiOjE1
    NTc4MjIzNjN9.z2la7UyfICFWkMtaO8xJ6kv2Llth-u8kRLXH8tIOTsKm_82jeNE-Rdl2
    qifQGUlRdl2qifQGUlT4gOs9BhyWAN4JGPde5Fo5g
    
    JSESSIONID=node01jk2nfvlk2nyjq4ubgnot3j7r4.node0;Path=/;Secure;HttpOnly