Cisco Cisco ASA 5580 Adaptive Security Appliance
About the ASA REST API v1.3.2
REST API Authentication
REST API Authentication
7
number of items. So if you have 20,000 network objects, you cannot get all of them in a single call. Also, in the API
request you can specify the offset and the limit from that offset that should be returned in the result. This result will
always contain a “rangeInfo” entry, specifying what the offset was and the limit that being returned, and the total number
of items.
of items.
"rangeInfo": {
"offset": "integer",
"limit": "integer",
"total": "integer",
},
Maximum accepted value of limit will be 100. If the REST Client queries for more than 100 items, and more than 100
items are available, only 100 items will be returned, and the “total” will indicate the available-item count.
items are available, only 100 items will be returned, and the “total” will indicate the available-item count.
REST API Authentication
HTTP Basic authentication or Token-based authentication with secure HTTPS transport are supported, and
authentication will be performed for every request.
Note: Use of Certificate Authority (CA)-issued certificates is recommended on ASA, so REST API clients can validate
the ASA server certificates when establishing SSL connections.
Privilege 3 or greater is needed to invoke monitoring APIs. Privilege 5 or greater is needed for invoking GET APIs.
Privilege 15 is needed for invoking PUT/POST/DELETE operations.
Privilege 15 is needed for invoking PUT/POST/DELETE operations.
REST API Conventions
• An HTTP PUT request is used to replace, update, or modify an existing resource, while HTTP POST is used to
create a new resource (or any action that is not covered by PUT). You must not use HTTP PUT to create a
resource.
Note: Some types of object—for example, management access host and any ACE—are identified by a hash value
which is calculated based on several of the object’s parameters. If you use HTTP PUT to change any of
these parameters, the object’s hash value changes. Since this value identifies the object, it might seem
that the HTTP PUT call created a new object, but this is in fact not the case.
• The request body of an HTTP PUT request must contain the complete representation of the mandatory attributes
of the resource.
• An HTTP PUT accepts a complete resource. It does not return the updated version in the response. If a modified
resource in not sent in the response, the HTTP status code is 204 (not 200 OK) in the HTTP header response.
• HTTP PATCH is supported where applicable to partially update a resource. Any attribute not specified will take
the value of the server value.
Note: As noted for HTTP PUT, use of HTTP PATCH can change an object’s identifying hash value, and as with
HTTP PUT, this does not mean that the HTTP PATCH call created a new object.
• An HTTP POST request contains the details of a new resource to be created in JSON format.