cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
11142
Views
5
Helpful
2
Comments
Dev Vishwakarma
Cisco Employee
Cisco Employee

 

Introduction

This document describes what REST is and explains how to use it in ACS 5.x.

 

What is REST?

REST is known as “web service” without the SOAP wrapping and it stands for “Representational State Transfer”. REST is implemented over HTTPS and not HTTP.

 

With ACS 5.x we can use REST as an alternative to import / export operations of objects through CSV files. ACS 5.x supports CRUD operations

(Create, Read, Update, Delete) on its objects through REST. When using REST, ACS objects are returned / sent in simple XML format. Each CRUD operation is represented by different HTTP method, e.g. for read -- GET, for create -- POST, etc.

 

REST can be used with ACS 5.x for following:

-Programmatically retrieve ACS version

-Programmatically use CRUD operation on the following objects:

Users

Identity Groups

-Programmatically Retrieve list of ACS error codes

-Programmatically Retrieve Service Location

-Programmatically Retrieve list of all ACS nodes in distributed environment

 

REST Operations

 

A simple setup for REST operations would look like this:

 

rest.jpg

 

In general REST is used for CRUD (Create, Read, Update, and Delete) operations on the objects of ACS. Here is a list of operations that are supported:

 

rest0.jpg

 

To get a feel of the REST operations, you can install a REST client for your Firefox browser from here:

https://addons.mozilla.org/en-US/firefox/addon/restclient/

 

Here is a glimpse of the client loaded on the browser.

rest.jpg

 

Enable REST web interface on ACS

Once the REST client is opened the first that you need to do is enable REST interface on the ACS 5.x server from CLI using the following command:

 

acs config-web-interface rest enable

 

The status of the REST can be verified from the command:

 

acs51/admin# show acs-config-web-interface

migration interface is disabled

ucp interface is disabled

view interface is disabled

rest interface is enabled

 

 

REST URL Format

 

There is a specific format that you need to use to fetch information through REST client from ACS. Note: The format is case sensitive.

 

URL includes: 

 

Service name: Rest

Package name: Identity or Common

 

Object Type: User, Identity Group, and so on 

 

Object Identifier are valid with GET and DELETE methods 

 

Operation name is required for operations other than CRUD such as query.

 

For example: To retrieve all the users the URL will be:

https://x.x.x.x/Rest/Identity/User with GET method.

 

For more information please refer to ACS 5.x REST Guide

 

Sample Retrieve all Users

 

First we need to provide ACS GUI credentials on the REST client before we can begin any CRUD operation:

 

rest1.jpg

 

Then enter the URL as shown in the figure below:

 


rest2-3.jpg

 

Sample Retrieve all Groups

 

rest4.jpg

 

Reference

For more information on REST please refer to ACS 5.3 REST Guide

Comments
phino delian
Level 1
Level 1

Hi Devendra,

 

Good! this really helps me,

is there any sample for POST method?

 

Regards,

 

 

 

Roana
Level 1
Level 1

Hi, 

is there any way to get the Access Policy( Access Services - > Authorization  ) information ? 

Thanks 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: