FireFlow REST web services

This section describes the FireFlow REST web services APIs.

Base URL

The base URL for all REST requests is the following:

https://<algosec_server>/FireFlow/api

where <algosec_server> is the AFA/FireFlow server URL.

Note: Every request must be in JSON format. Each request must include the content-type header with the value application/json.

Header requirements in FireFlow

The header requirement for all REST requests is:

Header requirements:

Key	Value
Cookie	FireFlow_Session=[sessionId]. The `sessionId` is retrieved from the authentication request.

Authentication is through a cookie session. For example:

curl -X POST --cookie "FireFlow_Session=c69bcc3e6832149642b32e" "https://192.168.11.23/FireFlow/api/change-requests/traffic" -H "accept: */*" -H "Content-Type: application/json" -d "{ \"template\": \"string\", \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ], \"traffic\": [ { \"source\": { \"items\": [ { \"address\": \"1.1.1.1\", \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ] } ] }, \"destination\": { \"items\": [ { \"address\": \"1.1.1.1\", \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ] } ] }, \"service\": { \"items\": [ { \"service\": \"tcp/80\", \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ] } ] }, \"application\": { \"items\": [ { \"name\": \"name to match\", \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ] } ] }, \"user\": { \"items\": [ { \"name\": \"name to match\", \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ] } ] }, \"action\": \"Allow/Drop\", \"natDetails\": { \"source\": [ \"string\" ], \"destination\": [ \"string\" ], \"port\": [ \"string\" ], \"type\": \"Static/Dynamic\" }, \"fields\": [ { \"name\": \"custom field name\", \"values\": [ \"custom field value 1\", \"custom field value 2\" ] } ] } ]}"

Tip: Login support for additional languages

Python

Copy

import requests, json
from requests.auth import HTTPBasicAuth
import pprint

pp = pprint.PrettyPrinter(indent=4)

# This will suppress all warnings though, not just InsecureRequest
# (ie it will also suppress InsecurePlatform etc). In cases where we just want stuf
# Remove if signed certificate in use!
requests.packages.urllib3.disable_warnings()

# ASMS IP and Credential
asms_ip = '34.243.20.111'
asms_login = 'jason'
asms_pwd = 'cobra'

# Base URL we might use
base_url = "https://" + asms_ip + "/FireFlow/api"
session = ''

# Login
login_url = base_url + "/authentication/authenticate"
data = { 'username': asms_login, 'password':asms_pwd }
headers = {'Content-type': 'application/json'}

# Sign ASMS & setup session
login = requests.post(login_url, data=json.dumps(data), headers=headers, verify=False)


cookies = {'FireFlow_Session': login.json()['data']['sessionId'] }

# Create ticket
createTicket_url = base_url + "/change-requests/traffic"

# template, srcitems, dstitems, svcitems, applicationitems, useritems, action are mandatory
template = "115: Automatic Traffic Change Request"

srcitems = [
    { "address": "1.1.1.1" },
    { "address": "1.1.2.1" }
]

dstitems = [
        { "address": "1.1.1.2" }
]

svcitems = [
        { "service": "tcp/80" }
]

applicationitems = [
        { "name": "any" }
]

useritems = [
        { "name": "any" }
]

# Compose ticket request
ticket = {
    "template": template,
    "traffic": [
        {
         "source":      { "items": srcitems } ,
         "destination": { "items": dstitems } ,
         "service":     { "items": svcitems } ,
         "application": { "items": applicationitems },
         "user":        { "items": useritems },
         "action": "Allow"
        }
        ]
}

jticket = json.dumps(ticket)

# pp.pprint (ticket)

r = requests.post(createTicket_url,  data=jticket, cookies=cookies, headers=headers, verify = False)

pp.pprint (r.json())

Swagger

The FireFlow RESTful API includes Swagger support, enabling you to execute simplified API request calls and access full lists of request parameters.

To access Swagger API documentation:

In the toolbar, click your username and click API Documentation.
From the dropdown at the top-right, click AlgoSec_FireFlow.

FireFlow REST API reference

FireFlow supports the following REST APIs:

Authentication	Authenticating
Session	Check if session is alive
Traffic Change request	Create a traffic change request Update a traffic change request's custom fields Get details for a specified change request
Object Change Request	Get object change request Create object change request
Generic Change request	Get ticket details by generic Request ID Create generic change request
Work Order	Get Work Order calculation status Trigger Work Order calculation for change request
Rule Removal	Create a rule removal change request Get rule removal ticket details by change request ID
Active Change	Get ActiveChange status Trigger ActiveChange for change request
Initial Plan	Get Initial Plan for Traffic Change Request Confirm Devices for Initial Plan Calculate Initial Plan
Advance Search	Run an advanced search
Request Templates	Get permitted request templates

For more details, see FireFlow data types.

FireFlow REST web services

Base URL

Header requirements in FireFlow

Swagger

FireFlow REST API reference

Sorry about that

Great!