Showing results for 
Search instead for 
Did you mean: 

VSM 7.0 REST API: How to PTZ?


Dear Colleagues,

I'm trying to use VSM 7.0 REST API to move the cameras connected (PTZ).
I have login/password credentials and I can log into VSM web interface.
How do I get SessionID in order to use in the context of REST API for PTZ?

The documentation isn't quite clear on this, or maybe I missed something...

Thank you.

3 Replies 3


Well, going furhter with my investigation I found a method which is said to be creating the SessionID.
It's not REST, it's SOAP, but well... If only it worked.
I can call login with SOAP, providing login/password and here's what I get in return:

Looking at the documentation I assume this ... contains the SessionId.
Also this value changes on every login, so I think it also confirms that this is the value I need.

But, as I try to use it for the PTZ REST call (as SessionId in the HTTP header) I get "Invalid SessionId header" from the server.

So... looks like I'm still not doing it right.

Also, mixing SOAP and REST looks pretty strange to me, so I suspect I'm doing it wrong somehow...


Ok, let me go on describing the discovery process.

My goal is to use VSM 7 API to perform PanTiltZoom actions on the cameras.
In the previous episode I figured out how to get SessionId using SOAP API.
Yet, this SessionId didn't seem to work in the context of doPTZ REST API call.

Well, there's something about security token, which are to be issued for each camera in order to get control over it.
It's a getSecurityToken SOAP call...

And now we enter a field which is pretty poorly documented and it required quite alot of hacking to get through:
SessionId is required to perform the getSecurityToken call, sure.

There's nothing in the docs on how to transfer the SessionId.
Trying to go on without specifying the SessionId throws an exception saying it should be in the request header.
But adding "SessionId:" didn't help - I was still getting the same exception.

At the same time analyzing how the VSM web interface works we figured out the SessionId is transferred in the cookies with the name of "x-ism-sid".
So, same cookies were added to the getSecurityToken request. This didn't help. Still the same exception regarding SessionId missing in the headers.
On, next iteration: "x-ism-sid:" was added to the request header (not the cookies, but header itself) and, it worked!


So... Now I have:
1. SessionId
2. Camera UID
3. valid SecurityToken for the camera

I should be ready to do some PTZ on it, right?

But the mistery is now over yet.

According to the documentation I should be doing PUT on this URL:


Ok, I see where the Camere UID goes, but what to do to the SessionId and the SecurityToken?

Somewhere in the documentation examples, not directly related to the PTZ activity it was mentioned that the SecurityToken goes as a token= request parameter. Ok, I've added it to the string:


Now, SessionId...
1. Going without SessionId at all responds with 403 - Forbidden. Message says "Access to the specified resource () has been forbidden.

2. Going with SessionId: in the request header results in 401 - Authentication Required and "Invalid SessionId header"
3. Setting SessionId with "x-ism-sid:" in the header or int the cookies resilts the same as 1.

I feel I'm getting closer to the final goal of my quest, but still have a riddle to solve.
Could someone familiar with this implementation please give me a hand?

Thank you

3 years and no reply??? that's a bit naughty. Well I seem to be experiencing the same sort of thing, PTZ was working in VSM 7.1 but now as usual something has changed and it's not working again, could someone from Cisco tell me the correct (new) way of gaining ptz control via vsm7.7 as after cisco upgrades yet again our customers have equipment that no longer works 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers