Log in to ASMS

The AFA REST API uses sessions to avoid re-authenticating with every request. You obtain a session ID in the response of this endpoint, which you use in all other REST API requests. For example,

  • For base URLs of type .../afa/api/v1: Use the sessionID value from the response as the values of the PHPSESSID parameter in the cookie.

  • For base URLs, of type .../fa/server: Use the sessionID value from the response as the values of the session parameter in your API requests.

Resource Name: /fa/server/connection/login

Request Method: POST

Request Parameters:

Element

Type

Description

username Mandatory

String

AlgoSec Security Management Suite username.

password Mandatory

String

AlgoSec Security Management Suite password.

ResponseParameters:

Element

Type

Description

SessionID

String

Session ID you will use in all your requests.

status

String

One of the following:

  • true. Indicates login succeeded.
  • false. Indicates login failed.
messageOnly is returned when the request fails.

String

An error message.

Request example

curl --insecure "https://localhost/fa/server/connection/login" --request POST \
	-H "Accept:application/json" \
	-H "Content-Type:application/json" \
	-d "{\"username\":\"admin\",\"password\":\"algosec\"}"

Response example (successful)

 {
	"status":true,
	"SessionID":"et52j33f796dl86pt7ms7efq29"
}

Response example (Status 403 unsuccessful)

{
	"status": false,
	"message": "Login Failed: incorrect username or password\n Status 403"
}