Introduction

The HTTP API provides three special request endpoints to handle general authentication. The endpoints are __status, __login and __logout.

Status

A status request, made to the endpoint __status can be made at any time to retreive the current authenticated user and their authorization. information is provided in a JSON object with the following fields:

Key Type Description
error_string String If the user is not logged in, or another error occurs, the error will be described in this field.
group_list String If authenticated this field will exist and provide a comma separate list of groups the user has been authenticated with.
logged_in Integer If 1, the user is logged in. If 0, the user is not logged in.
sid String The Session ID of the user. This session ID is also sent through in a cookie, the name of which will depend on site-specific configuration, the default for which is N2FE_CGISESSID.
sid_param String The name of the cookie where the SID is stored.
username String If authenticated this field will exist and privide the username the user is logged in with.

Example

Request:

curl 'http://localhost/jarvis-agent/n2fe/__status'

Response when a user is logged in:

{
   "sid" : "9ee5ba92f2c91b0c3112e5c59bf5f82e",
   "logged_in" : 1,
   "group_list" : "ACS_BOSS,CCS Superuser",
   "error_string" : "",
   "username" : "su",
   "sid_param" : "N2FE_CGISESSID"
}

Response when a user is not yet logged in:

{
   "sid" : "1dfece296eff865fd1c324ab0fb0f044",
   "logged_in" : 0,
   "error_string" : "No username supplied.",
   "sid_param" : "N2FE_CGISESSID",
   "username" : "",
   "group_list" : ""
}

Login

Login is performed via the special API endpoint __status. The username and password for the login may be passed through as command line arguments, or passed through as POST parameters.

Parameter Example Description
username su The user to log in.
password boss The password the user has provided.

The response will be provided in a JSON object. See the __status response details in the previous section for details on the response content.

The API endpoint __login may be used as an alias for __status if desired.

Example

Request:

curl -v --data "username=su&password=boss" 'http://localhost/jarvis-agent/n2fe/__status'

Response:

{
   "username" : "su",
   "sid_param" : "N2FE_CGISESSID",
   "logged_in" : 1,
   "group_list" : "ACS_BOSS,CCS Superuser",
   "error_string" : "",
   "sid" : "84c72d53a9faf51c89411671785c6dd1"
}

The response provides the sid_param and sid, which should be used as the HTTP cookie name and cookie value for subsequent requests. The response also uses the Set-Cookie header to set this automatically for tools (such as web browsers) that monitor for the header.

logout

Logout is performed by making a call using any method to the __logout endpoint:

Example

Request:

curl 'http://localhost/jarvis-agent/n2fe/__logout' -H 'Cookie: N2FE_CGISESSID=4876c530f3d7252330a95ea51007f252'

Response:

{
   "group_list" : "",
   "sid" : "",
   "username" : "",
   "logged_in" : 0,
   "error_string" : "Logged out at client request.",
   "sid_param" : "N2FE_CGISESSID"
}