Cisco Unity Connection Provisioning Interface (CUPI) API -- Authentication and Authorization

From DocWiki

(Difference between revisions)
Jump to: navigation, search
(Authentication Rules API)
 
(12 intermediate revisions not shown)
Line 18: Line 18:
__TOC__
__TOC__
-
 
-
== Authentication Rules API ==
 
-
 
-
In Cisco Unity Connection, the authentication rules govern user passwords, PINs, and account lockouts for all user accounts. You use the authentication rules to secure how users access Unity Connection by phone, and how users access Cisco Unity Connection Administration and the Cisco Personal Communications Assistant (Cisco PCA).
 
-
 
-
For example, an authentication rule determines:
 
-
* The number of failed sign-in attempts that are allowed before an account is locked.
 
-
* The number of minutes an account remains locked before it is reset.
 
-
* Whether a locked account must be unlocked manually by an administrator
 
-
* The minimum length allowed for passwords and PINs.
 
-
* The number of days before a password or PIN expires.
 
-
 
-
Administrator can use this API to create/update/delete/fetch the authentication rules. You can update various attributes of authentication rule using this API.
 
-
 
-
 
-
=== Listing the Authentication Rules ===
 
-
 
-
The following is an example of the GET request that fetch the list of authentication rules:
 
-
<pre>
 
-
GET https://<connection-server>/vmrest/authenticationrules
 
-
</pre>
 
-
 
-
The following is the response from the above *GET* request and the actual response will depend upon the information given by you:
 
-
<pre>
 
-
<AuthenticationRules total="2">
 
-
<AuthenticationRule>
 
-
<URI>/vmrest/authenticationrules/4ceee1ae-8935-43d2-9d59-fafeb3533a91</URI>
 
-
<ObjectId>4ceee1ae-8935-43d2-9d59-fafeb3533a91</ObjectId>
 
-
<HackResetTime>30</HackResetTime>
 
-
<LocationObjectId>c50a4765-d55a-4c88-b961-45f1b9b481c5</LocationObjectId>
 
-
<LocationURI>/vmrest/locations/connectionlocations/c50a4765-d55a-4c88-b961-45f1b9b481c5</LocationURI>
 
-
<LockoutDuration>30</LockoutDuration>
 
-
<MaxDays>120</MaxDays>
 
-
<MaxHacks>7</MaxHacks>
 
-
<MinLength>8</MinLength>
 
-
<PrevCredCount>5</PrevCredCount>
 
-
<TrivialCredChecking>true</TrivialCredChecking>
 
-
<DisplayName>Recommended Web Application Authentication Rule</DisplayName>
 
-
<MinDuration>1440</MinDuration>
 
-
<ExpiryWarningDays>15</ExpiryWarningDays>
 
-
</AuthenticationRule>
 
-
<AuthenticationRule>
 
-
<URI>/vmrest/authenticationrules/f0575a72-afaa-43f1-bb3b-ae9382a9bfaa</URI>
 
-
<ObjectId>f0575a72-afaa-43f1-bb3b-ae9382a9bfaa</ObjectId>
 
-
<HackResetTime>30</HackResetTime>
 
-
<LocationObjectId>c50a4765-d55a-4c88-b961-45f1b9b481c5</LocationObjectId>
 
-
<LocationURI>/vmrest/locations/connectionlocations/c50a4765-d55a-4c88-b961-45f1b9b481c5</LocationURI>
 
-
<LockoutDuration>30</LockoutDuration>
 
-
<MaxDays>180</MaxDays>
 
-
<MaxHacks>3</MaxHacks>
 
-
<MinLength>6</MinLength>
 
-
<PrevCredCount>5</PrevCredCount>
 
-
<TrivialCredChecking>true</TrivialCredChecking>
 
-
<DisplayName>Recommended Voice Mail Authentication Rule</DisplayName>
 
-
<MinDuration>1440</MinDuration>
 
-
<ExpiryWarningDays>15</ExpiryWarningDays>
 
-
</AuthenticationRule>
 
-
</AuthenticationRules>
 
-
Response Code: 200
 
-
</pre>
 
-
 
-
'''JSON Example'''
 
-
 
-
To get the details of all authentication rules (GET) using JSON, do the following:
 
-
<pre>
 
-
GET https://<connection-server>/vmrest/authenticationrules
 
-
Accept: application /json
 
-
Connection: keep-alive
 
-
</pre>
 
-
The following is the response from the above *GET* request and the actual response will depend upon the information given by you:
 
-
<pre>
 
-
{
 
-
"@total":"2"
 
-
"AuthenticationRule":[
 
-
{
 
-
"URI":"/vmrest/authenticationrules/7b282b66-73b1-4989-9d94-3d105b6ef5e8"
 
-
"ObjectId":"7b282b66-73b1-4989-9d94-3d105b6ef5e8"
 
-
"HackResetTime":"30"
 
-
"LocationObjectId":"830e1a2d-8e90-459f-88f7-700497ba975c"
 
-
"LocationURI":"/vmrest/locations/connectionlocations/830e1a2d-8e90-459f-88f7-700497ba975c"
 
-
"LockoutDuration":"30"
 
-
"MaxDays":"120"
 
-
"MaxHacks":"7"
 
-
"MinLength":"8"
 
-
"PrevCredCount":"5"
 
-
"TrivialCredChecking":"false"
 
-
"DisplayName":"Recommended Web Application Authentication Rule"
 
-
"MinDuration":"1440"
 
-
"ExpiryWarningDays":"15"
 
-
}
 
-
{
 
-
"URI":"/vmrest/authenticationrules/cd86d247-df90-435b-9df6-d94c027bbb20"
 
-
"ObjectId":"cd86d247-df90-435b-9df6-d94c027bbb20"
 
-
"HackResetTime":"30"
 
-
"LocationObjectId":"830e1a2d-8e90-459f-88f7-700497ba975c"
 
-
"LocationURI":"/vmrest/locations/connectionlocations/830e1a2d-8e90-459f-88f7-700497ba975c"
 
-
"LockoutDuration":"30"
 
-
"MaxDays":"180"
 
-
"MaxHacks":"3"
 
-
"MinLength":"6"
 
-
"PrevCredCount":"5"
 
-
"TrivialCredChecking":"true"
 
-
"DisplayName":"Recommended Voice Mail Authentication Rule"
 
-
"MinDuration":"1440"
 
-
"ExpiryWarningDays":"15"
 
-
}
 
-
]
 
-
}
 
-
Response Code: 200
 
-
</pre>
 
-
 
-
 
-
=== Viewing the Specific Authentication Rule ===
 
-
 
-
The following is an example of the GET request that lists the details of specific authentication rule represented by the provided value of authentication rule ID:
 
-
<pre>
 
-
GET https://<connection-server>/vmrest/authenticationrules/<authenticationrule-objectid>
 
-
</pre>
 
-
The following is the response from the above *GET* request and the actual response will depend upon the information given by you:
 
-
<pre>
 
-
<AuthenticationRule>
 
-
<URI>/vmrest/authenticationrules/b3d033be-1b1c-4624-96d3-9860867d3a34</URI>
 
-
<ObjectId>b3d033be-1b1c-4624-96d3-9860867d3a34</ObjectId>
 
-
<HackResetTime>30</HackResetTime>
 
-
<LocationObjectId>c50a4765-d55a-4c88-b961-45f1b9b481c5</LocationObjectId>
 
-
<LocationURI>/vmrest/locations/connectionlocations/c50a4765-d55a-4c88-b961-45f1b9b481c5</LocationURI>
 
-
<LockoutDuration>1440</LockoutDuration>
 
-
<MaxDays>180</MaxDays>
 
-
<MaxHacks>3</MaxHacks>
 
-
<MinLength>8</MinLength>
 
-
<PrevCredCount>12</PrevCredCount>
 
-
<TrivialCredChecking>true</TrivialCredChecking>
 
-
<DisplayName>Texoma2</DisplayName>
 
-
<MinDuration>0</MinDuration>
 
-
<ExpiryWarningDays>15</ExpiryWarningDays>
 
-
</AuthenticationRule>
 
-
Response Code: 200
 
-
</pre>
 
-
 
-
'''JSON Example'''
 
-
 
-
To view the details of an individual authentication rule (GET) using JSON, do the following:
 
-
<pre>
 
-
GET https://<connection-server>/vmrest/authenticationrules/<authenticationrule-objectid>
 
-
Accept: application/json
 
-
Connection: keep-alive
 
-
</pre>
 
-
The following is the response from the above *GET* request and the actual response will depend upon the information given by you:
 
-
<pre>
 
-
{
 
-
"URI":"/vmrest/authenticationrules/7b282b66-73b1-4989-9d94-3d105b6ef5e8"
 
-
"ObjectId":"7b282b66-73b1-4989-9d94-3d105b6ef5e8"
 
-
"HackResetTime":"30"
 
-
"LocationObjectId":"830e1a2d-8e90-459f-88f7-700497ba975c"
 
-
"LocationURI":"/vmrest/locations/connectionlocations/830e1a2d-8e90-459f-88f7-700497ba975c"
 
-
"LockoutDuration":"30"
 
-
"MaxDays":"120"
 
-
"MaxHacks":"7"
 
-
"MinLength":"8"
 
-
"PrevCredCount":"5"
 
-
"TrivialCredChecking":"false"
 
-
"DisplayName":"Recommended Web Application Authentication Rule"
 
-
"MinDuration":"1440"
 
-
"ExpiryWarningDays":"15"
 
-
}
 
-
Response Code: 200
 
-
</pre>
 
-
 
-
 
-
=== Creating a New Authentication Rule ===
 
-
The following is an example of POST request that can be used to create a new authentication rule.
 
-
<pre>
 
-
POST https://<connection-server>/vmrest/authenticationrules
 
-
<AuthenticationRule>
 
-
<DisplayName>Texoma1</DisplayName>
 
-
</AuthenticationRule>
 
-
</pre>
 
-
The response of the above POST command will be:
 
-
<pre>
 
-
Response Code: 201
 
-
/vmrest/authenticationrules/<authenticationrule-objectid>
 
-
</pre>
 
-
 
-
'''JSON Example'''
 
-
 
-
To create new authentication rules (POST):
 
-
<pre>
 
-
POST https://<connection-server>/vmrest/authenticationrules
 
-
Accept: application/json
 
-
Content-Type: application/json
 
-
Connection: keep-alive
 
-
{
 
-
"DisplayName": "Texoma 1"
 
-
}
 
-
</pre>
 
-
The following is the response from the above *POST* request and the actual response will depend upon the information given by you:
 
-
<pre>
 
-
Response Code: 201
 
-
/vmrest/authenticationrules/<authenticationrule-objectid>
 
-
</pre>
 
-
 
-
 
-
=== Updating the Authentication Rule ===
 
-
The following is an example of the PUT request that can be used to modify the authentication rule:
 
-
<pre>
 
-
PUT https://<connection-server>/vmrest/authenticationrules/<authenticationrule-objectid>
 
-
<AuthenticationRule>
 
-
<MinLength>12</MinLength>
 
-
<LockoutDuration>140</LockoutDuration>
 
-
</AuthenticationRule>
 
-
Response Code: 204
 
-
</pre>
 
-
 
-
'''JSON Example'''
 
-
To update display name of authentication rule:
 
-
<pre>
 
-
PUT https://<connection-server>/vmrest/authenticationrules/<authenticationrule-objectid>
 
-
Accept: application/json
 
-
Content-Type: application/json
 
-
Connection: keep-alive
 
-
{
 
-
"DisplayName": "Texoma_123"
 
-
}
 
-
</pre>
 
-
The following is the response from the above *PUT* request and the actual response will depend upon the information given by you:
 
-
<pre>
 
-
Response Code: 204
 
-
</pre>
 
-
 
-
 
-
=== Delete the Authentication Rule ===
 
-
This request can be used to delete an authentication rule.
 
-
<pre>
 
-
DELETE: https://<connection-server>/vmrest/ authenticationrules/<authenticationrule-objectid>
 
-
Response Code: 204
 
-
</pre>
 
-
 
-
 
-
'''JSON Example'''
 
-
To delete authentication rule with a valid object id:
 
-
<pre>
 
-
DELETE https://<connection-server>/vmrest/authenticationrules/<authenticationrule-objectid>
 
-
Accept: application/json
 
-
Connection: keep-alive
 
-
Response Code: 204
 
-
</pre>
 

Latest revision as of 13:39, 9 September 2013

Links to Other API pages: Cisco_Unity_Connection_APIs

CUPI Guide Contents
API Overview
Index of All CUPI Documentation


Contents


About CUPI Authentication and Authorization

CUPI uses the same authentication and authorization scheme that the administration console uses. This means that the objects an administrator has access to when authenticated are determined by the roles to which the administrator is assigned. 

CUPI authenticates by using standard HTTPS and Basic authentication, so that credentials can be passed by using typical mechanisms to send username and password via HTTP headers.

Rating: 1.0/5 (3 votes cast)

Personal tools