Nov
11

Authentication Methods using REST API With Nutanix

Nutanix support two types of authentication at the backend when using REST-API:

1. Basic Authentication: The user provides user-id and password every time a request is send as the auth-header.

2. Session Authentication: The user credentials are stored in a cookie. Initially, first request has the auth header that has the user credentials and that is stored in cookie by enabling cookie management. Next time, the request again comes in for the same user, auth header is not needed since the details are stored in cookie and the session is granted.The timeout for the session is 15 minutes which means if the second request is not send within 15 minutes it needs to send the request again with auth header.

The article is for developers creating authentication methods using REST-API. Keep in mind everything you see in Prism can be done using the Rest-API.

Basic Auth example with REST-API : The below example is for creating Basic Authentication using REST-API.

curl --user : --insecure -H "Content-Type: application/json" -H "Accept: application/json" https://:9440/PrismGateway/services/rest/v1/vms
curl -X GET -H "Content-Type: application/json" -H "Authorization: BasicYWRtaW46YWRtaW4=" -khttps://10.1.59.35:9440/PrismGateway/services/rest/v1/vms/

– Please note that if you use the header option, the value is obtained by doing base64 encoding of “:

Session Auth example with REST-API: The below example is for creating Session based Authentication using REST-API.

#!/usr/bin/env perl -w
use strict;
use LWP;
use MIME::Base64;
use feature qw(say);
# Creates an UserAgent object.
my $ua = LWP::UserAgent->new( );
# Enable in-memory cookie management
$ua->cookie_jar( {} );
# Disable verify host certificate (only needed for self-signed cert)
$ua->ssl_opts( 'verify_hostname' => 0 );
# Sends a request that does the authorization to grant a session.
# Because we enabled cookie management, it will get stored
my $credentials = encode_base64('admin:admin');
my $response = $ua->get(
'https://10.4.21.24:9440/PrismGateway/services/rest/v1/cluster',
'Authorization' => "Basic $credentials"
);
say '------- Response -------';
say $response->content;
# Send another request, this will no longer need the auth header as
# the session is granted and the cookie is stored, and will be applied
# automatically by the UserAgent object.
# Please note that a grant session will expire in 15 minutes, which means
# if you don't make a request within 15 minutes, you will need to
# grant a new session by using the Authorization header again.
$response = $ua->get(
'https://10.4.21.24:9440/PrismGateway/services/rest/v1/cluster/name_servers'
);
say '------- Response -------';
say $response->content;

Use case for Session Auth is if you are doing heavy REST API work, you wouldn’t want to authenticate every call, which will make overall operations more efficient.thr

All REST-API options are available thru the REST-API Explorer which is inside of Prism.

2015-11-11_23-13-06

Comments

  1. Hi I am new to nutanix.How do i get to know what version of rest api prism is using whether v0.8 or v1.Can anyone help.

Speak Your Mind

*