Security

RESTful API is dependent upon Hypertext Transfer Protocol (HTTP) for security. Token creation is required for authentication.

The following HTTP features are used for RESTful API security:
HTTP or HTTPS
Provides an encrypted HTTP channel between the client and the server.
HTTP basic authentication
Carries client provided credentials to the server.

Creating a token

You must create (POST) a token before other RESTful API operations can be initiated.

About this task

The successful completion of this task fulfills all security requirements for the use of the RESTful API. The created token is used in the URL parameter for all subsequent operations that are initiated with the RESTful API.
Note: After the token is created, all subsequent requests must include the following in the header: X-Auth-Token:{token_name}

Procedure

  1. Open the Firefox browser.
  2. Open the RESTful client by selecting Tools > RESTClient.
  3. In the Method field, select POST.
  4. In the URL field, type https://{hmc_address}:{port_number}/api/v1/tokens where {hmc_address} is the IP address of the DS8000 storage system HMC, and {port_number} is a four-digit port number.
  5. Create a custom header.
    1. Select Headers > Custom Header.
    2. In the Name field, enter Content-Type.
    3. In the Value field, enter application/json.
    4. Click Okay.
  6. In the Body field, type { "request" : { "params" : { "username" : "admin" , "password" : {user_password} } } } where {user_password} specifies the password.
  7. Click Send.

Results

If successful, the Response window displays the results such as the following example (shown in a condensed format):

{ "server" : { "status" : "ok" , "code" : "200" , "message" : "Operation done successfully." } , "token" : { "token" : "ddb1743a" , "expired_time" : "2014-08-25T03:28:15-0700" , "max_idle_interval" : "1800000" } }