Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4697
Views
10
Helpful
5
Replies

FMC REST API 6.1

Go to solution
Oliver Kaiser
Level 7
Level 7

‎09-12-2016 06:30 AM - edited ‎02-21-2020 05:54 AM

I am currently playing around with firepower rest api on FMC 6.1 and I am looking for a method to get domain name to domain id mapping. Since the specific domain id must be used in the URL to consume the api I would like to get the ID by name.

https://fmc.example.com/api/fmc_platform/v1/domain/<domainid>/<operation>

Please let me know if there is a way to do this atm. Since the api-explorer provides a dropdown to select the correct domain I think this should be possible.

kind regards

Oliver

1 person had this problem
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
dohurd
Cisco Employee
Cisco Employee
In response to dohurd

‎10-28-2016 05:51 AM

I did get some more insight that may be helpful:

When you retrieve the token, the domains uuids for which the user is authorized are sent in the HTTP header along with the tokens.

When you run a post to the following URI:

https://[FMCIP]/api/fmc_platform/v1/auth/generatetoken

using your API credentials (username and password), the return headers will include DOMAIN details. The example below has the domain highlighted. As Kirti said this is the domain the user is authorized to login to so it can be used to quickly and easily identify which domain you are making calls to.

 

Accept-Ranges bytes

Cache-Control no-cache, no-store, must-revalidate, max-age=0

Connection Keep-Alive

Content-Length 0

DOMAINS [{"name":"Global","uuid":"e276abec-e0f2-11e3-8169-6d9ed49b625f"}]

DOMAIN_ID 111

DOMAIN_UUID e276abec-e0f2-11e3-8169-6d9ed49b625f

Date Fri, 28 Oct 2016 12:45:42 GMT

Keep-Alive timeout=5, max=100

Server Apache

USER_UUID 9fcaa802-742f-11e6-940a-dcadeeddb529

Vary Accept-Charset,Accept-Encoding,Accept-Language,Accept

X-Frame-Options SAMEORIGIN

X-auth-access-token bfc90e8e-6893-4cc6-a82f-3b6579b13444

X-auth-refresh-token 6c0bbbbb-2550-47c3-a165-20c0ee28e470

global e276abec-e0f2-11e3-8169-6d9ed49b625f

View solution in original post

5 Replies 5

Go to solution
Oliver Kaiser
Level 7
Level 7

‎10-27-2016 11:12 AM

After reading docs and using the API for quite some time, I have concluded that this is not possible atm or not documented... Hoping for 6.2 to fix this issue.

0 Helpful

Go to solution
dohurd
Cisco Employee
Cisco Employee
In response to Oliver Kaiser

‎10-27-2016 01:08 PM

I checked and its not in the 6.2 release.  I've asked about the following release. .. TBD

Go to solution
dohurd
Cisco Employee
Cisco Employee
In response to dohurd

‎10-28-2016 05:51 AM

I did get some more insight that may be helpful:

When you retrieve the token, the domains uuids for which the user is authorized are sent in the HTTP header along with the tokens.

When you run a post to the following URI:

https://[FMCIP]/api/fmc_platform/v1/auth/generatetoken

using your API credentials (username and password), the return headers will include DOMAIN details. The example below has the domain highlighted. As Kirti said this is the domain the user is authorized to login to so it can be used to quickly and easily identify which domain you are making calls to.

 

Accept-Ranges bytes

Cache-Control no-cache, no-store, must-revalidate, max-age=0

Connection Keep-Alive

Content-Length 0

DOMAINS [{"name":"Global","uuid":"e276abec-e0f2-11e3-8169-6d9ed49b625f"}]

DOMAIN_ID 111

DOMAIN_UUID e276abec-e0f2-11e3-8169-6d9ed49b625f

Date Fri, 28 Oct 2016 12:45:42 GMT

Keep-Alive timeout=5, max=100

Server Apache

USER_UUID 9fcaa802-742f-11e6-940a-dcadeeddb529

Vary Accept-Charset,Accept-Encoding,Accept-Language,Accept

X-Frame-Options SAMEORIGIN

X-auth-access-token bfc90e8e-6893-4cc6-a82f-3b6579b13444

X-auth-refresh-token 6c0bbbbb-2550-47c3-a165-20c0ee28e470

global e276abec-e0f2-11e3-8169-6d9ed49b625f

Go to solution
Oliver Kaiser
Level 7
Level 7
In response to dohurd

‎10-28-2016 03:51 PM

Thanks a lot for taking the time, I have tested it and found the domain mappings in the header of the authtoken request as you mentioned!

0 Helpful

Go to solution
Alexander Hartmaier
Level 1
Level 1
In response to dohurd

‎03-08-2017 03:03 AM

In 6.2.0 the header name is lowercase 'domains'.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card