API v1: Authentication

Deprecated since version 5.4

  • Please be informed that the endpoints outlined within this section have been deprecated and are scheduled for removal in the next major release.
  • It is recommended to switch to the APIv2 API Key authentication method as soon as possible.

Accessing Fudo Enterprise data structures over API interface requires a user object defined in the local database. The same access rights restrictions apply to the API interface as in case of administration panel access.


Role Access rights
user
  • Connecting to servers through assigned safes.
  • Loggin to the User Portal (requires adding the user to the portal safe).
  • Fetching servers’ passwords (requires additional access right).
   
service
  • Accessing SNMP information.
   
operator
  • Logging in to the administration panel.
  • Browsing objects: servers, users, safes, accounts, to which the user has been assigned sufficient access permisions.
  • Blocking/unblocking objects: servers, users, safes, listeners, accounts, to which the user has been assigned sufficient access permisions.
  • Generating reports on demand and subscribing to periodic reports.
  • Managing email notifications.
  • Viewing live and archived sessions involving objects (user, safe, account, server), to which the user has been assigned sufficient access permissions.
  • Converting sessions and downloading converted content involving objects (user, safe, account, server), to which the user has been assigned sufficient access permissions.
  • Available dashboard widgets: concurrent sessions, suspicious sessions, account alerts, active users, cluster status, concurrent sessions chart.
   
admin
  • Logging in to the administration panel.
  • Managing objects: servers, users, safes, listeners, accounts, to which the user has been assigned sufficient access permisions.
  • Blocking/unblocking objects: servers, users, safes, listeners, accounts, to which the user has been assigned sufficient access permisions.
  • Generating reports on demand and subscribing to periodic reports.
  • Activating/deactivating email notifications.
  • Viewing live and archived sessions involving objects (user, safe, account, server), to which the user has been assigned management privileges.
  • Converting sessions and downloading converted content involving objects (user, safe, account, server), to which the user has been assigned sufficient access permissions.
  • Managing policies.
  • Available dashboard widgets: concurrent sessions, suspicious sessions, account alerts, active users, cluster status, concurrent sessions chart.
   
superadmin
  • Full access rights to objects management.
  • Full access rights to system configuration options.
  • Available dashboard widgets: concurrent sessions, suspicious sessions, account alerts, active users, cluster status, concurrent sessions chart, license, system events log.

Request

Method
POST
Path
/api/system/login
Headers
Content-Type: Application/JSON
Body
{
        username: username,
        password: password
}

Response

Status
200 OK
Headers
Content-Type: Application/JSON
Body
{
        sessionid: ygmd2env50zgr2nblypmrfcvarggn0uf
}

Response

Status
401 UNAUTHORIZED

Example request

curl -k -X POST -H "Accept:application/json" -H "Content-Type:application/json"
https://fudo.whl/api/system/login -d
{"username": "api_user", "password": "api_password"}

Result: {"sessionid":"oz2jfky042kz7d3zc2gos1ahxouxehk3"}

After successful authentication, include the key Authorization with the received value of the``sessionsid`` into the Headers of the future requests.