Log in to ASMS

The AFA REST API uses sessions to avoid re-authenticating with every request. You obtain a session ID in the response of this endpoint, which you use in all other REST API requests. For example,

For base URLs of type .../afa/api/v1: Use the sessionID value from the response as the values of the PHPSESSID parameter in the cookie.
For base URLs, of type .../fa/server: Use the sessionID value from the response as the values of the session parameter in your API requests.

Resource Name: /fa/server/connection/login

Request Method: POST

Request Parameters:

Element	Type	Description
username Mandatory	String	AlgoSec Security Management Suite username.
password Mandatory	String	AlgoSec Security Management Suite password.

ResponseParameters:

Element	Type	Description
`SessionID`	String	Session ID you will use in all your requests.
status	String	One of the following: true. Indicates login succeeded. false. Indicates login failed.
messageOnly is returned when the request fails.	String	An error message.

Element

Type

Description

SessionID

String

Session ID you will use in all your requests.

status

String

One of the following:

true. Indicates login succeeded.
false. Indicates login failed.

messageOnly is returned when the request fails.

String

An error message.

Request example

curl -H "Accept: application/json" -k --data "username=ned&password=algosec" 'https://localhost/fa/server/connection/login'

Response example (successful)

"status": true,
"SessionID": "XXX"

}
Status: 200

Response example (unsuccessful)

{
"status": false,
"message": "Login Failed: incorrect username or password\n"
}
Status: 403

Log in to ASMS

Sorry about that

Great!