Cisco Cisco ASA 5525-X Adaptive Security Appliance - No Payload Encryption
About the ASA REST API v1.2.1
Resource Identity
Resource Identity
5
Resource Identity
All Resources will have a unique identifier ‘objectId’ which will be either a natural unique name for the given type given
by user or a generated hash out of composite unique attributes. Note that CLI has no notion of UID so it’s not possible for
REST Agent to generate any distinct unique identifier since REST Agent is stateless.
REST Agent to generate any distinct unique identifier since REST Agent is stateless.
Example:
{
kind: "object#AccessGroup",
selfLink: "https://<asa_ip>/api/access/in/inside",
ACLName: "inside_in_acl",
direction: "IN",
interface: {
kind: "objectRef#Interface",
refLink: "https://<asa_ip>/api/interfaces/physical/GigabitEthernet0_API_SLASH_1",
objectId: "GigabitEthernet0_API_SLASH_1",
name: "inside"
}
}
Attribute ‘selfLink’
This is complete URL for a resource specified within the JSON object of an object. This is useful when a collection is
retrieved to traverse to individual items without figuring out through documentation on how to construct URL to reach to
an object from its objectId. This attribute will be specified in JSON object of every resource.
The objectId part of the selfLink will be URL encoded, whether the selfLink is part of JSON response or location header.
Whenever an API request comes, first canonicalization check will be done on the request URL to check for any double or
mixed encodings. If URL is double encoded, 400 bad request will be returned. If it passes canonicalization check, then
the request URL is URL-decoded and sent for further processing.
Note: The objectId within the JSON response will never be URL encoded. So, instead of using selfLink, if URL is being
explicitly constructed using the objectId from JSON response, then it should be constructed after appropriately
URL encoding the objectId.
Resource Type – ‘kind’ attribute
All objects represented in JSON will have a ‘kind’ attribute specifying the type of the object content. If the object
represents a list then it will have syntax as ‘collection#{type}’ otherwise it will be ‘object#{type}’
Examples:
‘kind’: ‘collection#accessPolicySet’ => represents list of ACL type.
‘kind’:’object#networkobject’ => represents object of type ‘networkobject’
‘kind’:’objectref#networkobject’ => represents a reference to an object of type ‘networkobject’
‘kind’: ‘IPAddress => represents a primitive resource of type ‘ipAddress’
‘kind’: ‘IPAddress => represents a primitive resource of type ‘ipAddress’