- Cisco Employee,
This document describes what REST is and explains how to use it in ACS 5.x.
What is REST?
REST is known as “web service” without the SOAP wrapping and it stands for “Representational State Transfer”. REST is implemented over HTTPS and not HTTP.
With ACS 5.x we can use REST as an alternative to import / export operations of objects through CSV files. ACS 5.x supports CRUD operations
(Create, Read, Update, Delete) on its objects through REST. When using REST, ACS objects are returned / sent in simple XML format. Each CRUD operation is represented by different HTTP method, e.g. for read -- GET, for create -- POST, etc.
REST can be used with ACS 5.x for following:
-Programmatically retrieve ACS version
-Programmatically use CRUD operation on the following objects:
-Programmatically Retrieve list of ACS error codes
-Programmatically Retrieve Service Location
-Programmatically Retrieve list of all ACS nodes in distributed environment
A simple setup for REST operations would look like this:
In general REST is used for CRUD (Create, Read, Update, and Delete) operations on the objects of ACS. Here is a list of operations that are supported:
To get a feel of the REST operations, you can install a REST client for your Firefox browser from here:
Here is a glimpse of the client loaded on the browser.
Enable REST web interface on ACS
Once the REST client is opened the first that you need to do is enable REST interface on the ACS 5.x server from CLI using the following command:
acs config-web-interface rest enable
The status of the REST can be verified from the command:
acs51/admin# show acs-config-web-interface
migration interface is disabled
ucp interface is disabled
view interface is disabled
rest interface is enabled
REST URL Format
There is a specific format that you need to use to fetch information through REST client from ACS. Note: The format is case sensitive.
•Service name: Rest
•Package name: Identity or Common
•Object Type: User, Identity Group, and so on
•Object Identifier are valid with GET and DELETE methods
•Operation name is required for operations other than CRUD such as query.
For example: To retrieve all the users the URL will be:
https://x.x.x.x/Rest/Identity/User with GET method.
For more information please refer to ACS 5.x REST Guide
Sample Retrieve all Users
First we need to provide ACS GUI credentials on the REST client before we can begin any CRUD operation:
Then enter the URL as shown in the figure below:
Sample Retrieve all Groups
For more information on REST please refer to ACS 5.3 REST Guide