Basic command-line semantics provide prompts for user input, and response time is indeterminate. Scripts need to use an “expect”-type mechanism to scan output for prompts. It is recommended and more efficient to use the HTTP interface to access the API.
Two login methods are supported:
HTTPS authentication using an SHA256 hash to return a session key that is sent for each request. The session key is valid has a 30-minute inactivity timeout. Use of SHA256 is now recommended instead of MD5, which is deprecated.
To log in to the HTTPS API, the username and password must be joined with an underscore as a separator (username_password). The username and password is then sent through an SHA256 hash. The SHA256 hash is represented in lower case hexadecimal format. This string is appended to the login function for the API,
https://IP-address/api/login/hash. For example:
https://10.0.0.2/api/login/<SHA256-hash>
NOTE: The SHA256 method is not compatible with LDAP user accounts. For LDAP, use HTTPS basic authentication instead.
HTTPS basic authentication using the
Authorization header. If this login method is used, the username and password must be joined with a ‘:’ (username:password) and then encoded in Base64. For example:
Authorization: Basic base64-string
Use the following URL for basic authentication:
https://IP-address/api/login
For both methods, the response that is returned is in XML and the content contains an
OBJECT element. Within the
OBJECT element, a
PROPERTY element with the name attribute of response contains the session key. These XML API elements are described in
Using XML API output.
The following example shows how to construct a Perl script to communicate with the XML API using HTTPS:
NOTE:The API provides default self-signed certificates for an HTTPS connection. To validate the certificate, download it through a browser and then set the following environment variable to point to the certificate:
# export HTTPS_CA_FILE=path-to-certificate
# Include required libraries
use LWP::UserAgent;
use XML::LibXML;
use HTTP::Request::Common;
use IO::Socket::SSL qw( SSL_VERIFY_NONE );
# For SHA-256 Authentication
use Digest::SHA qw(sha256_hex);
use constant use_basic_auth => 1;
my $user = "manage";
my $password = "Abcd_1234";
my $ip = "YourIPAddress";
my $protocol = "https";
# Create a user agent for sending requests
my $user_agent = LWP::UserAgent->new();
# Skip certificate verification
$user_agent->ssl_opts(
SSL_verify_mode => SSL_VERIFY_NONE,
verify_hostname => 0
);
my $request;
if( use_basic_auth ) {
# Login with HTTP basic authentication
my $auth_url = "$protocol://$ip/api/login/";
$request = HTTP::Request->new( GET=>$auth_url );
$request->authorization_basic( $user, $password );
} else {
# Login with SHA-256 hash
my $auth_data = "$user\_$password";
my $sha256_hash = sha256_hex( $auth_data );
my $auth_url = "$protocol://$ip/api/login/$sha256_hash";
$request = HTTP::Request->new( GET => $auth_url );
}
# Request return data be XML format
$request->header( 'dataType'=>'ipa' );
# Make the request
$response = $user_agent->request( $request );
# Parse the returned XML and retrieve the returned session key
my $parser = XML::LibXML->new();
my $document = $parser->parse_string( $response->content );
my $root = $document->getDocumentElement;
my @objects = $root->getElementsByTagName( 'OBJECT' );
my @properties = $objects[0]->getElementsByTagName( 'PROPERTY' );
my $sessionKey;
foreach my $property ( @properties ) {
my $name = $property->getAttribute( 'name' );
if( $name eq 'response' ) {
$sessionKey = $property->textContent;
}
}
# Using the session key, request the system configuration
$url = "$protocol://$ip/api/show/configuration/";
$request = HTTP::Request->new( GET=>$url );
$request->header( 'sessionKey'=>$sessionKey );
$request->header( 'dataType'=>'ipa' );
$response = $user_agent->request( $request );
print$response->content;
The last several lines of the Perl code above show how to get the entire configuration information from the CLI and print the output using the
ipa option for XML output. The output can easily be redirected to a file for archiving. Alternatively, the
dataType in the request header can be set to
json for JSON output, or to
console for standard CLI text output. Console output should not be used for parsing, but can be useful for tabular reports obtained directly from the CLI commands.
The following example shows how to construct a Python script to access the XML API via HTTPS.
import base64
import sys
import urllib.request
import xml.dom.minidom
import ssl
username = 'manage'
password = 'Abcd_1234'
# For the following, the protocol (HTTP or HTTPS) must be specified; for example,
# https://10.235.221.121
if sys.argv[1]:
ip = sys.argv[1]
else:
sys.exit(1)
temp_string = bytes(username + ':' + password, "utf-8")
encodedBytes = base64.b64encode(temp_string)
auth_string = str(encodedBytes, "utf-8")
print("Base64 = " + auth_string + "\n")
url = ip + '/api/login/'
req = urllib.request.Request(url)
req.add_header('Authorization', 'Basic ' + auth_string)
print(req.get_full_url())
print(req.get_header('Authorization'))
# Skip certificate verification
context = ssl._create_unverified_context()
response = urllib.request.urlopen(req, context=context)
xmlDoc = xml.dom.minidom.parseString(response.read())
loginObjs = xmlDoc.getElementsByTagName('OBJECT')
loginProps = xmlDoc.getElementsByTagName('PROPERTY')
sessionKey = ''
for lProp in loginProps:
name = lProp.getAttribute('name')
print("Property = " + name)
if name == 'response':
sessionKey = lProp.firstChild.data
print("Session Key = " + sessionKey + "\n" )
url = ip + '/api/show/disks'
req = urllib.request.Request(url)
req.add_header('sessionKey', sessionKey)
req.add_header('dataType', 'console')
response = urllib.request.urlopen(req, context=context)
print(response.read().decode('utf-8'))
The following example shows how to construct a Python script to communicate with the JSON API via HTTPS and return the response in JSON format.
import sys
import requests
import json
import hashlib
# NOTE: This is to suppress the insecure connection warning for certificate
# verification.
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
USE_BASIC_AUTH = 1
url = "https://<YourIPAddress>"
username = "manage"
password = "Abcd_1234"
if USE_BASIC_AUTH:
# HTTP basic authentication
headers = {'datatype':'json'}
r = requests.get(url + '/api/login', auth=(username, password), headers=headers, verify=False)
else:
# SHA-256 authentication
auth_bytes = bytes(username + '_' + password, 'utf-8')
auth_string = hashlib.sha256(auth_bytes).hexdigest()
headers = {'datatype':'json'}
r = requests.get(url + '/api/login/' + auth_string, headers=headers, verify=False )
# Extract session key from response
response = json.loads(r.content.decode('utf-8'))
sessionKey = response['status'][0]['response']
# Obtain the health of the system
headers = {'sessionKey': sessionKey, 'datatype':'json'}
r = requests.get(url+'/api/show/system', headers=headers, verify=False)
print(r.content.decode('utf-8'))
response = json.loads(r.content)
print("Health = " + response['system'][0]['health'])
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\