Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

ACS 5.x: REST Web Services



This document describes what REST is and explains how to use it in ACS 5.x.


What is REST?

REST is known as “web service” without the SOAP wrapping and it stands for “Representational State Transfer”. REST is implemented over HTTPS and not HTTP.


With ACS 5.x we can use REST as an alternative to import / export operations of objects through CSV files. ACS 5.x supports CRUD operations

(Create, Read, Update, Delete) on its objects through REST. When using REST, ACS objects are returned / sent in simple XML format. Each CRUD operation is represented by different HTTP method, e.g. for read -- GET, for create -- POST, etc.


REST can be used with ACS 5.x for following:

-Programmatically retrieve ACS version

-Programmatically use CRUD operation on the following objects:


Identity Groups

-Programmatically Retrieve list of ACS error codes

-Programmatically Retrieve Service Location

-Programmatically Retrieve list of all ACS nodes in distributed environment


REST Operations


A simple setup for REST operations would look like this:




In general REST is used for CRUD (Create, Read, Update, and Delete) operations on the objects of ACS. Here is a list of operations that are supported:




To get a feel of the REST operations, you can install a REST client for your Firefox browser from here:


Here is a glimpse of the client loaded on the browser.



Enable REST web interface on ACS

Once the REST client is opened the first that you need to do is enable REST interface on the ACS 5.x server from CLI using the following command:


acs config-web-interface rest enable


The status of the REST can be verified from the command:


acs51/admin# show acs-config-web-interface

migration interface is disabled

ucp interface is disabled

view interface is disabled

rest interface is enabled





There is a specific format that you need to use to fetch information through REST client from ACS. Note: The format is case sensitive.


URL includes: 


Service name: Rest

Package name: Identity or Common


Object Type: User, Identity Group, and so on 


Object Identifier are valid with GET and DELETE methods 


Operation name is required for operations other than CRUD such as query.


For example: To retrieve all the users the URL will be:

https://x.x.x.x/Rest/Identity/User with GET method.


For more information please refer to ACS 5.x REST Guide


Sample Retrieve all Users


First we need to provide ACS GUI credentials on the REST client before we can begin any CRUD operation:




Then enter the URL as shown in the figure below:




Sample Retrieve all Groups





For more information on REST please refer to ACS 5.3 REST Guide

New Member

Hi Devendra,


Good! this really helps me,

is there any sample for POST method?







is there any way to get the Access Policy( Access Services - > Authorization  ) information ?