Cisco Unity Connection Provisioning Interface (CUPI) API -- Authentication and Authorization

From DocWiki

(Difference between revisions)
Jump to: navigation, search
Line 42: Line 42:
-
== Listing the Authentication Rules ==
+
=== Listing the Authentication Rules ===
The following is an example of the GET request that fetch the list of authentication rules:
The following is an example of the GET request that fetch the list of authentication rules:
Line 139: Line 139:
-
== Viewing the Specific Authentication Rule ==
+
=== Viewing the Specific Authentication Rule ===
The following is an example of the GET request that lists the details of specific authentication rule represented by the provided value of authentication rule ID:  
The following is an example of the GET request that lists the details of specific authentication rule represented by the provided value of authentication rule ID:  
Line 196: Line 196:
-
== Creating a New Authentication Rule ==
+
=== Creating a New Authentication Rule ===
The following is an example of POST request that can be used to create a new authentication rule.
The following is an example of POST request that can be used to create a new authentication rule.
<pre>
<pre>
Line 229: Line 229:
-
== Updating the Authentication Rule ==
+
=== Updating the Authentication Rule ===
The following is an example of the PUT request that can be used to modify the authentication rule:
The following is an example of the PUT request that can be used to modify the authentication rule:
<pre>
<pre>
Line 257: Line 257:
-
== Delete the Authentication Rule ==
+
=== Delete the Authentication Rule ===
This request can be used to delete an authentication rule.
This request can be used to delete an authentication rule.
<pre>
<pre>

Revision as of 08:23, 4 September 2013

Links to Other API pages: Cisco_Unity_Connection_APIs

CUPI Guide Contents
API Overview
Index of All CUPI Documentation


Contents


About CUPI Authentication and Authorization

CUPI uses the same authentication and authorization scheme that the administration console uses. This means that the objects an administrator has access to when authenticated are determined by the roles to which the administrator is assigned. 

CUPI authenticates by using standard HTTPS and Basic authentication, so that credentials can be passed by using typical mechanisms to send username and password via HTTP headers.


Authentication Rules API

In Cisco Unity Connection, the authentication rules govern user passwords, PINs, and account lockouts for all user accounts. You use the authentication rules to secure how users access Unity Connection by phone, and how users access Cisco Unity Connection Administration and the Cisco Personal Communications Assistant (Cisco PCA).

For example, an authentication rule determines:

  • The number of failed sign-in attempts that are allowed before an account is locked.
  • The number of minutes an account remains locked before it is reset.
  • Whether a locked account must be unlocked manually by an administrator
  • The minimum length allowed for passwords and PINs.
  • The number of days before a password or PIN expires.

Administrator can use this API to create/update/delete/fetch the authentication rules. You can update various attributes of authentication rule using this API.

By using the following information, you can have a clear understanding about the given:


Listing the Authentication Rules

The following is an example of the GET request that fetch the list of authentication rules:

GET https://<connection-server>/vmrest/authenticationrules

The following is the response from the above *GET* request and the actual response will depend upon the information given by you:

<AuthenticationRules total="2">
<AuthenticationRule>
<URI>/vmrest/authenticationrules/4ceee1ae-8935-43d2-9d59-fafeb3533a91</URI>
<ObjectId>4ceee1ae-8935-43d2-9d59-fafeb3533a91</ObjectId>
<HackResetTime>30</HackResetTime>
<LocationObjectId>c50a4765-d55a-4c88-b961-45f1b9b481c5</LocationObjectId>
<LocationURI>/vmrest/locations/connectionlocations/c50a4765-d55a-4c88-b961-45f1b9b481c5</LocationURI>
<LockoutDuration>30</LockoutDuration>
<MaxDays>120</MaxDays>
<MaxHacks>7</MaxHacks>
<MinLength>8</MinLength>
<PrevCredCount>5</PrevCredCount>
<TrivialCredChecking>true</TrivialCredChecking>
<DisplayName>Recommended Web Application Authentication Rule</DisplayName>
<MinDuration>1440</MinDuration>
<ExpiryWarningDays>15</ExpiryWarningDays>
</AuthenticationRule>
<AuthenticationRule>
<URI>/vmrest/authenticationrules/f0575a72-afaa-43f1-bb3b-ae9382a9bfaa</URI>
<ObjectId>f0575a72-afaa-43f1-bb3b-ae9382a9bfaa</ObjectId>
<HackResetTime>30</HackResetTime>
<LocationObjectId>c50a4765-d55a-4c88-b961-45f1b9b481c5</LocationObjectId>
<LocationURI>/vmrest/locations/connectionlocations/c50a4765-d55a-4c88-b961-45f1b9b481c5</LocationURI>
<LockoutDuration>30</LockoutDuration>
<MaxDays>180</MaxDays>
<MaxHacks>3</MaxHacks>
<MinLength>6</MinLength>
<PrevCredCount>5</PrevCredCount>
<TrivialCredChecking>true</TrivialCredChecking>
<DisplayName>Recommended Voice Mail Authentication Rule</DisplayName>
<MinDuration>1440</MinDuration>
<ExpiryWarningDays>15</ExpiryWarningDays>
</AuthenticationRule>
</AuthenticationRules>
Response Code: 200

JSON Example

To get the details of all authentication rules (GET) using JSON, do the following:

GET https://<connection-server>/vmrest/authenticationrules
Accept: application /json
Connection: keep-alive

The following is the response from the above *GET* request and the actual response will depend upon the information given by you:

{
"@total":"2"
"AuthenticationRule":[
{
"URI":"/vmrest/authenticationrules/7b282b66-73b1-4989-9d94-3d105b6ef5e8"
"ObjectId":"7b282b66-73b1-4989-9d94-3d105b6ef5e8"
"HackResetTime":"30"
"LocationObjectId":"830e1a2d-8e90-459f-88f7-700497ba975c"
"LocationURI":"/vmrest/locations/connectionlocations/830e1a2d-8e90-459f-88f7-700497ba975c"
"LockoutDuration":"30"
"MaxDays":"120"
"MaxHacks":"7"
"MinLength":"8"
"PrevCredCount":"5"
"TrivialCredChecking":"false"
"DisplayName":"Recommended Web Application Authentication Rule"
"MinDuration":"1440"
"ExpiryWarningDays":"15"
}
{
"URI":"/vmrest/authenticationrules/cd86d247-df90-435b-9df6-d94c027bbb20"
"ObjectId":"cd86d247-df90-435b-9df6-d94c027bbb20"
"HackResetTime":"30"
"LocationObjectId":"830e1a2d-8e90-459f-88f7-700497ba975c"
"LocationURI":"/vmrest/locations/connectionlocations/830e1a2d-8e90-459f-88f7-700497ba975c"
"LockoutDuration":"30"
"MaxDays":"180"
"MaxHacks":"3"
"MinLength":"6"
"PrevCredCount":"5"
"TrivialCredChecking":"true"
"DisplayName":"Recommended Voice Mail Authentication Rule"
"MinDuration":"1440"
"ExpiryWarningDays":"15"
}
]
}
Response Code: 200


Viewing the Specific Authentication Rule

The following is an example of the GET request that lists the details of specific authentication rule represented by the provided value of authentication rule ID:

GET https://<connection-server>/vmrest/authenticationrules/<authenticationrule-objectid>

The following is the response from the above *GET* request and the actual response will depend upon the information given by you:

<AuthenticationRule>
<URI>/vmrest/authenticationrules/b3d033be-1b1c-4624-96d3-9860867d3a34</URI>
<ObjectId>b3d033be-1b1c-4624-96d3-9860867d3a34</ObjectId>
<HackResetTime>30</HackResetTime>
<LocationObjectId>c50a4765-d55a-4c88-b961-45f1b9b481c5</LocationObjectId>
<LocationURI>/vmrest/locations/connectionlocations/c50a4765-d55a-4c88-b961-45f1b9b481c5</LocationURI>
<LockoutDuration>1440</LockoutDuration>
<MaxDays>180</MaxDays>
<MaxHacks>3</MaxHacks>
<MinLength>8</MinLength>
<PrevCredCount>12</PrevCredCount>
<TrivialCredChecking>true</TrivialCredChecking>
<DisplayName>Texoma2</DisplayName>
<MinDuration>0</MinDuration>
<ExpiryWarningDays>15</ExpiryWarningDays>
</AuthenticationRule>
Response Code: 200

JSON Example

To view the details of an individual authentication rule (GET) using JSON, do the following:

GET https://<connection-server>/vmrest/authenticationrules/<authenticationrule-objectid>
Accept: application/json
Connection: keep-alive

The following is the response from the above *GET* request and the actual response will depend upon the information given by you:

{
"URI":"/vmrest/authenticationrules/7b282b66-73b1-4989-9d94-3d105b6ef5e8"
"ObjectId":"7b282b66-73b1-4989-9d94-3d105b6ef5e8"
"HackResetTime":"30"
"LocationObjectId":"830e1a2d-8e90-459f-88f7-700497ba975c"
"LocationURI":"/vmrest/locations/connectionlocations/830e1a2d-8e90-459f-88f7-700497ba975c"
"LockoutDuration":"30"
"MaxDays":"120"
"MaxHacks":"7"
"MinLength":"8"
"PrevCredCount":"5"
"TrivialCredChecking":"false"
"DisplayName":"Recommended Web Application Authentication Rule"
"MinDuration":"1440"
"ExpiryWarningDays":"15"
}
Response Code: 200


Creating a New Authentication Rule

The following is an example of POST request that can be used to create a new authentication rule.

POST https://<connection-server>/vmrest/authenticationrules
<AuthenticationRule>
<DisplayName>Texoma1</DisplayName>
</AuthenticationRule>

The response of the above POST command will be:

Response Code: 201
/vmrest/authenticationrules/<authenticationrule-objectid>

JSON Example

To create new authentication rules (POST):

POST https://<connection-server>/vmrest/authenticationrules
Accept: application/json
Content-Type: application/json
Connection: keep-alive
{
"DisplayName": "Texoma 1"
}

The following is the response from the above *POST* request and the actual response will depend upon the information given by you:

Response Code: 201
/vmrest/authenticationrules/<authenticationrule-objectid>


Updating the Authentication Rule

The following is an example of the PUT request that can be used to modify the authentication rule:

PUT https://<connection-server>/vmrest/authenticationrules/<authenticationrule-objectid>
<AuthenticationRule>
<MinLength>12</MinLength>
<LockoutDuration>140</LockoutDuration>
</AuthenticationRule>
Response Code: 204

JSON Example To update display name of authentication rule:

PUT https://<connection-server>/vmrest/authenticationrules/<authenticationrule-objectid>
Accept: application/json
Content-Type: application/json
Connection: keep-alive
{ 
"DisplayName": "Texoma_123"
}

The following is the response from the above *PUT* request and the actual response will depend upon the information given by you:

Response Code: 204


Delete the Authentication Rule

This request can be used to delete an authentication rule.

DELETE: https://<connection-server>/vmrest/ authenticationrules/<authenticationrule-objectid>
Response Code: 204


JSON Example To delete authentication rule with a valid object id:

DELETE https://<connection-server>/vmrest/authenticationrules/<authenticationrule-objectid>
Accept: application/json
Connection: keep-alive
Response Code: 204

Rating: 1.0/5 (3 votes cast)

Personal tools