cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1424
Views
5
Helpful
4
Replies

DCNM 11.4(1) REST authentication with postman or curl

CSI:Net
Level 1
Level 1

Hello,

 

I didn't find anywhere the way to get token from DCNM in REST way.

I tried like this but look is not working, I get always Bad Request. I'm using Basic Authentication with user:password in base 64.

curl -I --insecure --location --request POST 'https://dcnm-name/rest/logon' --header 'Authorization: Basic 12345=='

 

Where 12345== is username:password in Base64

Is the username the same I use for dcnm login ?

Should I somewhere define a special user for REST authentication

 

 

 

 

 

2 Accepted Solutions

Accepted Solutions

mtanases
Cisco Employee
Cisco Employee

Hi,


I just made a similar test and initially it was also not working.

Then I went to the DCNM swagger/API interface and saw that there was another parameter expirationTime which seems mandatory.

It specifies the validity of the token obtained in miliseconds.

https://172.16.11.11/api-docs/


Example:

curl -i --insecure --header 'Authorization: Basic YWRtaW46c3VnMS1wdWxhCg' -H "Content-Type: application/json" -X POST -d "{ expirationTime: 1000 }" 'https://172.16.11.11/rest/logon'

 

Result:

{"Dcnm-Token":"h1hFTIq++I5Kl9zUqdxatikE5BOUGARvJenr3L6JX8eslcUF9QqMtaXs+z47tOssBvquBAh20mj6LL7PauIzICuoyoTV7pco4QJIuxi3mexF"}

 

Buona giornata

View solution in original post

CSI:Net
Level 1
Level 1

Bingo

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Mar 2021 10:21:46 GMT
Content-Type: application/json
Content-Length: 61
Connection: keep-alive
Cache-Control: no-store
X-Powered-By: Server
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-FRAME-OPTIONS: SAMEORIGIN
Content-Security-Policy: default-src https:;connect-src https: wss:;font-src https: data:;frame-src data: blob: https:;frame-ancestors https:;img-src https: data:;media-src https:;object-src https:;script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=360000
X-Content-Type-Options: nosniff

 

{"Dcnm-Token":"gtPgZQ6Hp/D4b6o*****??mQmcivkgtq6g+YS+***="}

View solution in original post

4 Replies 4

mtanases
Cisco Employee
Cisco Employee

Hi,


I just made a similar test and initially it was also not working.

Then I went to the DCNM swagger/API interface and saw that there was another parameter expirationTime which seems mandatory.

It specifies the validity of the token obtained in miliseconds.

https://172.16.11.11/api-docs/


Example:

curl -i --insecure --header 'Authorization: Basic YWRtaW46c3VnMS1wdWxhCg' -H "Content-Type: application/json" -X POST -d "{ expirationTime: 1000 }" 'https://172.16.11.11/rest/logon'

 

Result:

{"Dcnm-Token":"h1hFTIq++I5Kl9zUqdxatikE5BOUGARvJenr3L6JX8eslcUF9QqMtaXs+z47tOssBvquBAh20mj6LL7PauIzICuoyoTV7pco4QJIuxi3mexF"}

 

Buona giornata

CSI:Net
Level 1
Level 1

Bingo

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Mar 2021 10:21:46 GMT
Content-Type: application/json
Content-Length: 61
Connection: keep-alive
Cache-Control: no-store
X-Powered-By: Server
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-FRAME-OPTIONS: SAMEORIGIN
Content-Security-Policy: default-src https:;connect-src https: wss:;font-src https: data:;frame-src data: blob: https:;frame-ancestors https:;img-src https: data:;media-src https:;object-src https:;script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=360000
X-Content-Type-Options: nosniff

 

{"Dcnm-Token":"gtPgZQ6Hp/D4b6o*****??mQmcivkgtq6g+YS+***="}

Now it seams is missing something to use the token for the REST.

 

curl -i --insecure --header 'Dcnm-Token: gt==token gotted from above====' -H "Content-Type: application/json" -X GET 'https://dcnm-ip/rest/control/fabrics'

 

HTTP/1.1 401 Unauthorized
Server: nginx
Date: Fri, 26 Mar 2021 14:00:34 GMT
Content-Type: application/json
Content-Length: 24
Connection: keep-alive
Cache-Control: no-store
X-Powered-By: Server
X-XSS-Protection: 1; mode=block
Pragma: no-cache
X-FRAME-OPTIONS: SAMEORIGIN
Content-Security-Policy: default-src https:;connect-src https: wss:;font-src https: data:;frame-src data: blob: https:;frame-ancestors https:;img-src https: data:;media-src https:;object-src https:;script-src 'unsafe-inline' 'unsafe-eval' https:;style-src 'unsafe-inline' https:;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=360000

mtanases
Cisco Employee
Cisco Employee

Hi,

I used the following:

1) curl -k -XPOST --header "Authorization: Basic YWRtaW46c3VnMS1wdWxhCg==" -d "{"expirationTime"=300000}" https://172.16.11.11/rest/logon

I had the expirationTime initially set to a too little value and the token was expiring before I could use it in my second request, thus was getting the same error as you were.

I set it now to 300000 miliseconds = 300 seconds = 5 min :).

2) curl -k -XGET --header 'Dcnm-Token: nGwkuuL56MMg2OVTiknz7HicREWXiE9d4tBadbsIWQBOSVEm9h9rcvgYVgePm8UWxwyWIu3RLBuu7WivttEV5ZCCWunJ9tmMSiAzSQuLkBIJ' https://172.16.11.11/rest/control/fabrics

 

Review Cisco Networking for a $25 gift card