1. REST API for Session Delivery ManagerREST API for Session Delivery Manager Release 9.0
  2. Authenticate

Authenticate

The Oracle Communications Session Delivery Manager (SDM) REST API uses the HTTP Cookie header for authentication. To successfully authenticate to the SBC, send a POST request to the authentication endpoint.

The Cookie Header

SDM uses the Cookie header to authenticate clients.

  1. The client sends credentials in a request body to /rest/{versionId}/admin/login.

    An example of the request body as XML:

    <?xml version="1.0" encoding="UTF-8"?>
<session>
  <userName>admin</userName>
  <password>passphrase</password>
</session>

    An example of the request body as JSON:

    {
    "userName":"admin",
    "password":"passphrase"
}

  2. SDM responds with the Set-Cookie header. 

    Set-Cookie: JSESSIONID=72B6313B8948356ED9D3F9B409B8FF0A.tomcat1; Path=/rest; HttpOnly

  3. The client passes the Cookie header in subsequent requests. 

    Cookie: JSESSIONID=72B6313B8948356ED9D3F9B409B8FF0A.tomcat1

Authenticating with cURL

  1. Send a POST request to the /rest/{versionId}/admin/login endpoint.

    Use the -c <filename> flag to save the cookie to a file.

    Use the -d@<filename> flag to send a local file as the request body. 

    curl -v -X POST \
    -c sessionid.txt \
    -d@request.xml \
    --header "Accept: application/xml" \
    --header "Content-Type: application/xml" \
    'https://example.com:8443/rest/v1.3/admin/login'

    The cookie is saved to sessionid.txt.

  2. In subsequent requests, send the cookie in the Cookie header.

    To do this with cURL, use the -b <filename> option. 

    curl -X GET \
    -b sessionid.txt \
    --header "Accept: application/xml" \
    'https://example.com:8443/rest/v1.3/admin/serverInfo'

Authenticating with Python

The following example shows how to get and send an authentication cookie using Python.

import requests
from lxml import etree

# set the endpoint
url = "https://example.com:8443/rest/v1.3/admin/login"

# create the HTTP headers
headers = { "Accept": "application/xml", "Content-Type":"application/xml" }

# read the credentials from a local file.
data = etree.tostring(etree.parse("request.xml"))

# send the POST request
resp = requests.post(url, headers=headers, data=data)

# extract the cookie from the response body
tree = etree.fromstring(resp.content)
cookie = tree.xpath('//sessionId')[0].text

# add the cookie to the headers dictionary
headers['Cookie'] = cookie

# the cookie is now included in subsequent requests
resp = requests.get("https://example.com:8443/rest/v1.3/admin/serverInfo", headers=headers)