FMC REST API 6.1

Answered Question
Sep 12th, 2016
User Badges:
  • Silver, 250 points or more

I am currently playing around with firepower rest api on FMC 6.1 and I am looking for a method to get domain name to domain id mapping. Since the specific domain id must be used in the URL to consume the api I would like to get the ID by name.


https://fmc.example.com/api/fmc_platform/v1/domain/<domainid>/<operation>


Please let me know if there is a way to do this atm. Since the api-explorer provides a dropdown to select the correct domain I think this should be possible.


kind regards

Oliver

Correct Answer by dohurd about 7 months 4 weeks ago

I did get some more insight that may be helpful:


When you retrieve the token, the domains uuids for which the user is authorized are sent in the HTTP header along with the tokens.

When you run a post to the following URI:

https://[FMCIP]/api/fmc_platform/v1/auth/generatetoken

using your API credentials (username and password), the return headers will include DOMAIN details. The example below has the domain highlighted. As Kirti said this is the domain the user is authorized to login to so it can be used to quickly and easily identify which domain you are making calls to.

 

Accept-Ranges bytes

Cache-Control no-cache, no-store, must-revalidate, max-age=0

Connection Keep-Alive

Content-Length 0

DOMAINS [{"name":"Global","uuid":"e276abec-e0f2-11e3-8169-6d9ed49b625f"}]

DOMAIN_ID 111

DOMAIN_UUID e276abec-e0f2-11e3-8169-6d9ed49b625f

Date Fri, 28 Oct 2016 12:45:42 GMT

Keep-Alive timeout=5, max=100

Server Apache

USER_UUID 9fcaa802-742f-11e6-940a-dcadeeddb529

Vary Accept-Charset,Accept-Encoding,Accept-Language,Accept

X-Frame-Options SAMEORIGIN

X-auth-access-token bfc90e8e-6893-4cc6-a82f-3b6579b13444

X-auth-refresh-token 6c0bbbbb-2550-47c3-a165-20c0ee28e470

global e276abec-e0f2-11e3-8169-6d9ed49b625f

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
kaisero Thu, 10/27/2016 - 11:12
User Badges:
  • Silver, 250 points or more

After reading docs and using the API for quite some time, I have concluded that this is not possible atm or not documented... Hoping for 6.2 to fix this issue.

dohurd Thu, 10/27/2016 - 13:08
User Badges:
  • Cisco Employee,

I checked and its not in the 6.2 release.  I've asked about the following release. .. TBD

Correct Answer
dohurd Fri, 10/28/2016 - 05:51
User Badges:
  • Cisco Employee,

I did get some more insight that may be helpful:


When you retrieve the token, the domains uuids for which the user is authorized are sent in the HTTP header along with the tokens.

When you run a post to the following URI:

https://[FMCIP]/api/fmc_platform/v1/auth/generatetoken

using your API credentials (username and password), the return headers will include DOMAIN details. The example below has the domain highlighted. As Kirti said this is the domain the user is authorized to login to so it can be used to quickly and easily identify which domain you are making calls to.

 

Accept-Ranges bytes

Cache-Control no-cache, no-store, must-revalidate, max-age=0

Connection Keep-Alive

Content-Length 0

DOMAINS [{"name":"Global","uuid":"e276abec-e0f2-11e3-8169-6d9ed49b625f"}]

DOMAIN_ID 111

DOMAIN_UUID e276abec-e0f2-11e3-8169-6d9ed49b625f

Date Fri, 28 Oct 2016 12:45:42 GMT

Keep-Alive timeout=5, max=100

Server Apache

USER_UUID 9fcaa802-742f-11e6-940a-dcadeeddb529

Vary Accept-Charset,Accept-Encoding,Accept-Language,Accept

X-Frame-Options SAMEORIGIN

X-auth-access-token bfc90e8e-6893-4cc6-a82f-3b6579b13444

X-auth-refresh-token 6c0bbbbb-2550-47c3-a165-20c0ee28e470

global e276abec-e0f2-11e3-8169-6d9ed49b625f

kaisero Fri, 10/28/2016 - 15:51
User Badges:
  • Silver, 250 points or more

Thanks a lot for taking the time, I have tested it and found the domain mappings in the header of the authtoken request as you mentioned!



Actions

This Discussion