Log in to ASMS

The AFA REST API uses sessions to avoid re-authenticating with every request. You obtain a session ID in the response of this endpoint, which you use in all other REST API requests. For example,

  • For base URLs of type .../afa/api/v1: Use the sessionID value from the response as the values of the PHPSESSID parameter in the cookie.

  • For base URLs, of type .../fa/server: Use the sessionID value from the response as the values of the session parameter in your API requests.

Resource Name: /fa/server/connection/login

Request Method: POST

Request Parameters:

Element

Type

Description
username Mandatory

String

AlgoSec Security Management Suite username.
password Mandatory

String

AlgoSec Security Management Suite password.

ResponseParameters:

Element

Type

Description
SessionID

String

Session ID you will use in all your requests.
status

String

One of the following:

  • true. Indicates login succeeded.
  • false. Indicates login failed.
messageOnly is returned when the request fails.

String

An error message.

Request example 

curl --insecure "https://localhost/fa/server/connection/login" --request POST \
  -H "Accept:application/json" \
  -H "Content-Type:application/json" \
  -d "{\"username\":\"admin\",\"password\":\"algosec\"}"

Response example (successful) 

 {
 	"status":true,
 	"SessionID":"et52j33f796dl86pt7ms7efq29"
 }

Response example (Status 403 unsuccessful) 

{
  "status": false,
  "message": "Login Failed: incorrect username or password\n Status 403"
}