FireFlow REST web services

This section describes the FireFlow REST web services APIs.

Base URL

The base URL for all REST requests is the following:

https://<algosec_server>/FireFlow/api

where <algosec_server> is the AFA/FireFlow server URL.

Note: Every request must be in JSON format. Each request must include the content-type header with the value application/json.

Header requirements in FireFlow

The header requirement for all REST requests is:

Header requirements:

Key Value
Cookie FireFlow_Session=[sessionId]. The sessionId is retrieved from the authentication request.

Authentication is through a cookie session. For example:

curl -X POST --cookie "FireFlow_Session=c69bcc3e6832149642b32e" "https://192.168.11.23/FireFlow/api/change-requests/traffic" -H "accept: */*" -H "Content-Type: application/json" -d "{ \"template\": \"string\", \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ], \"traffic\": [ { \"source\": { \"items\": [ { \"address\": \"1.1.1.1\", \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ] } ] }, \"destination\": { \"items\": [ { \"address\": \"1.1.1.1\", \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ] } ] }, \"service\": { \"items\": [ { \"service\": \"tcp/80\", \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ] } ] }, \"application\": { \"items\": [ { \"name\": \"name to match\", \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ] } ] }, \"user\": { \"items\": [ { \"name\": \"name to match\", \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ] } ] }, \"action\": \"Allow/Drop\", \"natDetails\": { \"source\": [ \"string\" ], \"destination\": [ \"string\" ], \"port\": [ \"string\" ], \"type\": \"Static/Dynamic\" }, \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ] } ]}"

Swagger

The FireFlow RESTful API includes Swagger support, enabling you to execute simplified API request calls and access full lists of request parameters.

To access Swagger API documentation:

  1. In the toolbar, click your username and click API Documentation.
  2. From the dropdown at the top-right, click AlgoSec_FireFlow.

FireFlow REST API reference

FireFlow supports the following REST APIs:

Authentication

Session

Traffic Change request

Object Change Request

Generic Change request

Work Order

Rule Removal

Active Change

Initial Plan

Advance Search

Request Templates

For more details, see FireFlow data types.