Cisco Cisco ASA 5580 Adaptive Security Appliance
About the ASA REST API v1.3.2
Special APIs
Special APIs
25
POST URL: /api/cli
Request payload format:
{
"commands": ["command-1", "command-2",…, "command-n"]
}
Response format:
{
"response": ["command-1 response", "command-2 response",…, "command-n response"]
}
Limitations
The debug commands are not supported in CLI pass-through. All debug commands are per terminal session, and not a
global configuration. So, if debug commands are sent over CLI pass-through, either they might return an error or
success response, but they do not have any effect on the device.
success response, but they do not have any effect on the device.
Token Authentication API
The REST API client needs to send a POST request to '/api/tokenservices' with user information in the basic
authentication header to get a token for that user. Subsequently, the REST API client can use this token in an 'X-Auth-
Token' request header for any subsequent REST API calls. The 'token' will be valid until either it is explicitly invalidated
Token' request header for any subsequent REST API calls. The 'token' will be valid until either it is explicitly invalidated
by a 'DELETE /api/tokenservices/<token>' request, using user information in the basic authentication header, or until the
session times out.
POST URL: /api/tokenservices
Request payload is empty. The user information should be in the basic authentication header.
Response could be:
Reason
HTTP Status Code
AAA validation failure/Authorization header not present.
401 Unauthorized
Authentication success.
204 No Content + X-Auth-Token <token id> (header)
Can’t get username/password from the header, or any
other sanity check failures.
400 Bad Request
Maximum sessions reached.
Note: The maximum number of sessions per context is 25.
503 Service unavailable