REST Resources
-
/ -
/active-user-sessions -
/active-user-sessions /{id} -
/api-access-profiles -
/api-access-profiles /{id} -
/capabilities -
/capabilities /{cid} /roles /{rid} -
/capabilities /{cid} /tasks /{tid} -
/capabilities /{id} -
/capabilities /{id} /roles -
/capabilities /{id} /tasks -
/certificate -
/certificate /{certificate-id} -
/check-enabled-tasks -
/clear-local-passwords -
/disable-users -
/enable-users -
/generate-temp-password -
/job-instances /{job-id} /export-roles-data -
/job-instances /{job-id} /terminate-user-session-job-results -
/login -
/login-status -
/logout -
/profiles -
/profiles /{id} -
/profiles /{id} /roles -
/profiles /{id} /roles /{rid} -
/roles -
/roles /{id} -
/roles /{role-id} /capabilities -
/roles /{role-id} /capabilities /{capability-id} -
/roles /{role-id} /tasks -
/roles /{role-id} /tasks /{task-id} -
/tasks -
/tasks /{id} -
/terminate-user-sessions -
/unlock-users -
/upload-image -
/user-preference-states -
/user-profiles -
/user-profiles /{profile-id} -
/users -
/users /{id} -
/users /{id} /active-user-sessions -
/users /{id} /disable-user -
/users /{id} /enable-user -
/users /{id} /roles -
/users /{uid} /active-user-sessions /{rid} -
/users /{uid} /roles /{rid} -
/users /{user-id} /capabilities -
/users /{user-id} /change-password -
/users /{user-id} /image -
/users /{user-id} /validate-password -
/validate-password
/api/space/user-management/login
The following operation is supported on this resource:
- POST - Login to Space, creating a REST API Client Session which can be used for subsequent REST API requests
POST /login | Version 1 |
This API creates a new user session in Space. The user session can be subsequently used to call other REST APIs, using a standard HTTP Client like Apache HTTP 4.2.3 for Java, or Requests client in Python. The session protocol uses a standard Request Session, which sets persistent cookies JSESSIONID and JSESSIONIDSSO returned by this API. Once these two cookies are set on the client, then any subsequent request using the same HTTP client will use the created session. The use of this API will benefit overall API performance, especially, when long API sessions are created with many HTTP requests.
To use the API, pass either a Basic Authorization header with username/password credentials or an X.509 certificate, just as with all other REST APIs. After the server authenticates the request, it will create a new REST API session for the client. Once the session has been created, subsequent HTTP requests no longer need to present any credentials or certificates to the server. Only the JSESSIONID and JSESSIONIDSSO need to be presented, and will automatically be presented by most HTTP clients, if these session cookies are set on the client host.
If the session login is successful, this API will return an HTTP header like this:
Set-Cookie: JSESSIONIDSSO=hiPw0L...;Version=1, JSESSIONID=z+dhXM...;Version=1; Path=/api/space/user-management
with a response body of:
User logged in
It will also return an HTTP Error Code of 200 (Success).
If the provided credentials are invalid, the login will be unsuccessful, and a 401 (Unauthorized) Error Code will be returned, along with the response body of:
User is not logged in
The user session will be actively maintained on the server, until, either:
- Client explicitly logs out using the /api/space/user-management/logout API.
- Session is terminated by the system due to inactivity. The default session maxage (or idle-time) limit is 30 minutes. This value can also be set, dynamically, by using the maxage parameter on this API.
- Parameters:
Name Type URI Type Description Required max-age Integer Query JSESSIONSSO cookie will expire after maxage seconds. Default value for SSO session expiration is 30 minutes (1800 seconds). Any setting between 1 and 28800 is allowed. N - Accept Headers:
application/vnd.net.juniper.space.user-management.user-ref+xml;version=1
application/vnd.net.juniper.space.user-management.user-ref+json;version=1
- .
Sample Usage
POST /login?max-age=<max-age>
Access Control
The following capabilities are required to access this API: DefaultRead