topic Re: CER v15 vs v14 authenticate API in Management

CER v15 vs v14 authenticate API

rmaslanka2 — Thu, 26 Sep 2024 17:16:35 GMT

When working with DevNet Sandbox CER v14, authentication works as described in the API documentation.

A request to /authenticate/status/ returns a 401, a CER 401 page, along with a JSESSIONID cookie.
A second request to /authenticate/status/ while passing that cookie, returns a 200 and <authentication><status>Authentication successful on publisher </status>...

When testing the same on my v15 environment:
A request to /authenticate/status/ returns a 200, <authentication><status>Authentication failed on publisher </status>..., along with a JSESSIONID cookie.
A second request to /authenticate/status/ while passing that cookie, returns a 200 again and <authentication><status>Authentication failed on publisher </status>... again.

Can anyone confirm how they are authenticating to CER v15 APIs and / or if there has been a change from v14 to v15?

Re: CER v15 vs v14 authenticate API

bigevilbeard — Fri, 27 Sep 2024 09:50:43 GMT

@rmaslanka2 this does look like a change in auth method for the API, the docs for v15 https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cer/15/english/administration/guide/cer0_b_cisco-emergency-responder-administration-guide-15/cer0_m_cisco-emergency-responder-api-documentation.html point to devnet, but that as you noted does not appear to have been updated for v15, nor an API change log. In the past other platforms such as sd-wan have had the change of auth on the main product page too.

I do not know the product well enough, but if you can login via the UI and capture the details in developer tools, this might give you a clue as what is going on with v15 which has change. That or its a call to TAC for the ENG team to advise.

Re: CER v15 vs v14 authenticate API

Mark Dugas — Thu, 17 Oct 2024 16:15:18 GMT

I have pretty much the same issue except I'm getting a 404. When I send the auth request to a 12.5 server it works perfectly; however sending to the version 15 server results in 404.

Re: CER v15 vs v14 authenticate API

thedd — Fri, 18 Oct 2024 10:00:16 GMT

I have a AXl Test Application i use since years and this one is working fine with CUCM >10 and just tested with CUCM 15 in dCloud

Are you just trying to figure out your authentication status and this returns 404 or do you get a 404 when perfomring AXL requests, too?

Re: CER v15 vs v14 authenticate API

rmaslanka2 — Fri, 18 Oct 2024 13:00:43 GMT

@thedd I don't have any issue with authenticating to CUCM v15 and haven't run into any CUCM AXL changes that I needed to adjust for after moving from 12.5 to 15.

I am having issues with CER / Emergency Responder though. The documented method for authenticating to CER is different than CUCM. Have you had success with CER v15?

Re:CER v15 vs v14 authenticate API

Mark Dugas — Fri, 18 Oct 2024 13:24:05 GMT

My existing script gets 404 on version 15 and gets a 200 on version 12.5.
I referenced what I assume is CER Version 15 API documentation at: https://developer.cisco.com/site/cer/documents/api-reference/cisco-emergency-responder-cer-api-documentation/#authentication
I added a workaround in my script to do an initial auth call to get a cookie: JSESSIONID. If that call returns a 200, then I assume Version 15, then set that in the header and then use Basic Auth to do my desired API call. If the initial auth call does not return a 200, I use the old authentication method.
This is a pain because now I have to retrofit my old CER scripts.

Re: CER v15 vs v14 authenticate API

Mark-9Line — Tue, 21 Jan 2025 23:03:22 GMT

As far as I can tell, this behavior changed between base CER 15 (-10000) and SU1a (15.0.1.11901-3)

Re: CER v15 vs v14 authenticate API

Elliot Dierksen — Thu, 23 Jan 2025 10:18:31 GMT

Here is a code snippet of how I worked around this. This definitely changed starting with CER V14.

hdrs = [] q = requests.get(cer_full_url, auth=req_dauth, verify=False) #print('Status from 1st GET',q.status_code) if q.status_code == 401: h = q.headers['Set-Cookie'].split(';') hdr = { 'Cookie': h[0] } q = requests.get(cer_full_url,auth=req_dauth,verify=False,headers=hdr) #print('Status from 2nd GET',q.status_code)

Re: CER v15 vs v14 authenticate API

Mark-9Line — Thu, 23 Jan 2025 15:51:13 GMT

Hi Elliot, are you saying you are getting a 200 response in a CER 14 release? If so, what's the full version of CER 14 you're running? I see CER still presents a 401 in base v15 (-10000). Unfortunately, I don't have a 14 to test with at my fingertips.

Re: CER v15 vs v14 authenticate API

Elliot Dierksen — Thu, 23 Jan 2025 18:52:52 GMT

That code snippet was added to deal with a V14 release. I don't have the full version because I don't have remote access to that network any longer. V12.5 didn't need the cookie. V14 definitely needs the cookie.