FireFlow REST web services

This section describes the FireFlow REST web services APIs.

Base URL

The base URL for all REST requests is the following:

https://<algosec_server>/FireFlow/api

where <algosec_server> is the AFA/FireFlow server URL.

Note: Every request must be in JSON format. Each request must include the content-type header with the value application/json.

Header requirements in FireFlow

The header requirement for all REST requests is:

Header requirements:

Key Value
Cookie FireFlow_Session=[sessionId]. The sessionId is retrieved from the authentication request.

Authentication is through a cookie session. For example:

curl -X POST --cookie "FireFlow_Session=c69bcc3e6832149642b32e" "https://192.168.11.23/FireFlow/api/change-requests/traffic" -H "accept: */*" -H "Content-Type: application/json" -d "{ \"template\": \"string\", \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ], \"traffic\": [ { \"source\": { \"items\": [ { \"address\": \"1.1.1.1\", \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ] } ] }, \"destination\": { \"items\": [ { \"address\": \"1.1.1.1\", \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ] } ] }, \"service\": { \"items\": [ { \"service\": \"tcp/80\", \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ] } ] }, \"application\": { \"items\": [ { \"name\": \"name to match\", \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ] } ] }, \"user\": { \"items\": [ { \"name\": \"name to match\", \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ] } ] }, \"action\": \"Allow/Drop\", \"natDetails\": { \"source\": [ \"string\" ], \"destination\": [ \"string\" ], \"port\": [ \"string\" ], \"type\": \"Static/Dynamic\" }, \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ] } ]}"

Swagger

The FireFlow RESTful API includes Swagger support, enabling you to execute simplified API request calls and access full lists of request parameters.

To access Swagger API documentation:

  1. In the toolbar, click your username and click API Documentation.
  2. From the dropdown at the top-right, click AlgoSec_FireFlow.

FireFlow REST API reference

FireFlow supports the following REST APIs:

Authentication

Session

Traffic Change request

Object Change Request

Generic Change request

Work Order

Rule Removal

Rule Modification

Active Change

Initial Plan

Auto Matching

Advance Search

Request Templates

For more details, see FireFlow data types.