Using Basic Authentication

In the Basic Authentication mechanism, you provide only the user credentials to access protected resources on the server. You provide the user credentials in an authorization header to the server. If the credentials are accurate, then the server provides the required response to access the APIs.

If you want to access the REST API services on ESA, then the IP address of ESA with the username and password must be provided. The ESA matches the credentials with the LDAP or AD. On successful authentication, the roles of the users are verified. The following conditions are checked:

If the role of the user is Security Officer, then the user can run GET, POST, and DELETE operations on the REST APIs.
If the role of the user is Security Viewer, then the user can only run GET operation on the REST APIs.

When the Basic Authentication is disabled, then a list of APIs are affected. For more information about the list of APIs, refer here.

The following Curl snippet provides an example to access an API on ESA.

curl -i -X <METHOD> "https://<ESA IP address>:8443/<path of the API>" -d "loginname=<username>&password=<password>"

This command uses an SSL connection. If the server certificates are not configured on ESA, you can append --insecure to the curl command.

For example,

curl -i -X <METHOD> "https://<ESA IP address>:8443/<path of the API>" -d "loginname=<username>&password=<password>" --insecure

You must provide the username and password every time you access the REST APIs on ESA.

←Previous
Next→

Last modified February 7, 2025