AFA SOAP web services

AFA offers a SOAP API which allows you to integrate AFA functionality into external applications.

The AFA WSDL file

The AFA Web service's WSDL file is available at:

https://<algosec_server>/AFA/php/ws.php?wsdl

where <algosec_server> is the AFA/FireFlow server URL.

Back to top

AFA SOAP method reference

The standard SOAP request envelope header for AFA is:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:afa="https://www.algosec.com/afa-ws">  

<soapenv:Header/>

Note: The entity name is the display name for the device/group/matrix. The entity ID (tree name) is an internal representation of the device/group/matrix, usually the display name without non-alphanumeric characters or spaces.

The AFA SOAP interface supports the following methods:

AFA SOAP methods Description
connect

Starting a Session

Note: All other methods require a session ID which is obtained with the connect method.
is_session_alive Verifying a Session is Active
disconnect Ending a Session
get_configuration Getting the Configuration
get_entity_name Retrieving an Entity Name
get_entity_id Retrieving an Entity ID
create_device Creating a Device
create_device_group Creating a Device Group
add_device_to_group Adding a Device to a Group
get_devices_list Retrieving a List of all Devices
get_groups_list Retrieving a List of all Groups
get_group_content Retrieving a List of Devices Contained in a Group
device_changes_over_time_report Device Changes Over Time
set_scheduler_job Creating and Updating a Scheduler Job
delete_scheduler_job Deleting a Scheduler Job
start_analysis Starting an Analysis
query Run traffic simulation queries
get_all_hostgroups

Retrieving a List of all Network Object Information

get_hostgroups_by_device Retrieving a Device's Network Object Information
get_hostgroup_by_name_and_device Retrieving a Network Object's Information
get_all_services Retrieving a List of all Service Object Information
get_services_by_device Retrieving a Device's Service Object Information
get_service_by_name_and_device Retrieving a Service Object's Information
get_rules_by_device Retrieving a List of a Device's Rules
search_rule Searching for Rules
get_rule_documentation Retrieving a Rule's Documentation
edit_rule_documentation Editing a Rule's Documentation
get_unused_rules Retrieving a List of Unused Rules
risks_summary Retrieving Risk Information for a Device
get_device_statistics Retrieving Statistics for a Device
get_nat_discovery Retrieving NAT Values for a Device or Group
get_report_pdf Retrieving PDF of Report Page
set_configuration Setting Configuration Parameters
importing_risks_from_spreadsheet Import Risks from Spreadsheet
importing_risks_from_XML Import Risks from XML File
create_role Creating a New Role
delete_role Deleting a Role
update_role Updating a Role
create_user Creating a New User
delete_user Deleting a User
update_user Updating a User
get_containing_objects Retrieve containing objects
get_license Retrieve license
get_parent_device Retrieve parent device
search_object_by_IP Search for object by IP

If the method's operation is successful, the method response returns data items or an indication of success. If the method's operation was not successful, the response indicates that a SOAP fault has been thrown. For more details, see SOAP faults and SOAP fault list.

Back to top

SOAP faults

The returned SOAP fault name is connectError.

The following are some of the possible additional SOAP faults:

  • The user does not have the necessary permissions.
  • The device is a group.

The following example is for a fault thrown when the user does not have permissions on the firewall.

<SOAP-ENV:Body>
   <SOAP-ENV:Fault>
      <faultcode>ns1:AFA-WS</faultcode>
      <faultstring>[710]  [device [fw3] is not in the list of permitted
devices]</faultstring>
      <faultactor>AFA Web Service</faultactor>
      <detail>
         <ns1:ErrorDetails>
            <code>710</code>
            <description>[710]  [device [fw3] is not in the list of permitted
devices]</description>
         </ns1:ErrorDetails>
      </detail>
   </SOAP-ENV:Fault>
</SOAP-ENV:Body>

Back to top