AFA REST web services

This section describes the AlgoSec Firewall Analyzer REST web services APIs.

Note: To view vulnerability data in AFA device reports, you must either have vulnerability scanners configured in AppViz, or import your vulnerability data manually.

For more details, see Manage vulnerability assessment scanners and Import vulnerability data.

Base URL

There are two types of base URLs and corresponding authentication method:

  • The base URL for most requests is:


    where <algosec_server> is the AFA server URL. Most of these APIs are shown in swagger.

    Authentication is through a cookie session. For example:

    curl --cookie "PHPSESSID=g4mgnv4cno9ivt7rclmhmejj27" https://<IP:Port>/afa/api/v1/security_zones/get_profiles_list

    For the value of the PHPSESSID parameter in the request cookie, use the sessionID value received in the login response. See Log in to ASMS .

The base URL for the remaining requests is:


where <algosec_server> is the AFA server URL. These APIs are not shown in swagger.

Authentication is through a URL parameter (except for Log in to ASMS ). For example:

curl -k -H 'cookie: PHPSESSID=SessionID' https://<ASMS_IP>/afa/api/v1/users/<https://ASMS_IP/afa/api/v1/users/>

For the value of the session parameter in the request, use the sessionID value received in the login response. See Log in to ASMS .

Note: For each request, the documentation specifies the base URL and authentication method.

Back to top


The AlgoSec Firewall Analyzer RESTful API includes Swagger support, enabling you to execute simplified API request calls and access full lists of request parameters.

To access Swagger API documentation:

  1. In the toolbar, click your username and click API Documentation.
  2. From the dropdown at the top-right, select one of the following options:


    Controls most central AFA API requests, such as object or device requests


    Controls AFA API requests related to vulnerabilites.


    Policy_Optimization Controls AFA APIs related to network rules.
    Issues_Center Controls AFA APIs related to the ASMS Issues Center
    Map Control AFA APIs related to the ASMS network map.

Back to top

AFA REST API reference

The following table lists the REST APIs supported for AFA. For more details, see EntitiesResponse type and AFA search rule fields.

Login and logout

Log in to ASMS

Log out of ASMS

Analysis and reports

Start an analysis

Retrieve an analysis status

Retrieve a baseline compliance report

Running the Query Troubleshooting Tool

Object data

Retrieve network objects

Retrieve service objects

Retrieve interfaces

Identify missing routers

Merge routers

Get details for a specified device

Add/Edit a device

Delete a device

Get a list of devices

Get data on managed devices


Retrieve a risk profile list

Rule data

Retrieve rules

Retrieve risky rules

Rules hit count

Security zones

Retrieve security zones

Assign zone types to interfaces

User data

Retrieve user data

Retrieve role data

Issues Center Manage AFA issues

Relocating devices

Relocate devices between nodes

Check device relocation progress

Cancel device relocation

Traffic Simulation

Traffic simulation query

Back to top