Technical Library
|
Support
Introduction
> Management API overview
Management API overview
Management API Guide | TRITON AP-WEB | v8.3.x
The process of using the Management API works as follows:
1.
A client starts a transaction.
2.
The client receives a transaction ID.
3.
The client issues one or more commands, using the transaction ID.
4.
The client completes the transaction in one of 2 ways:
Commits the transaction
This causes all commands issued within the transaction to be completed.
Note
While the commit returns an immediate response, the commands and data that are part of the transaction continue to be processed in the background.
You can start a new transaction immediately after issuing the commit command, even though data from the previous transaction is still being processed.
Rolls back the transaction
This causes all commands issued within the transaction to be discarded.
To prevent data collisions, the Management API allows only one transaction at a time. Once a transaction is started, no other transactions can start until the first transaction has been committed or rolled back. This is true no matter how many instances of the Policy API Server component have been deployed.
If a connection is interrupted before a transaction is committed or rolled back, the transaction times out in 10 minutes, by default. The transaction timeout period can be configured in the
ApiParameters.ini
file (see
ApiParameters.ini
).
Communication between clients and the Management API
There are 2 options when a client connects to the Management API:
In deployments where there are limited concerns about the security of traffic between the client and the Management API machine, the client can connect using only basic authentication. For example:
curl -k -u username:password https://10.82.5.74:15873/web/api/v1/categories
In deployments where there is more concern about securing traffic between client and server:
a.
Copy the server certificate to a directory on the client system that can be accessed by the administrator communicating with the API.
b.
Specify both the certificate name and the basic authentication account when connecting to the Management API server. For example:
curl --cacert cert_name.crt -u username:password https://10.203.30.40:15873/web/api/v1/categories
In either case, if the connection account password is not specified in the request, the administrator is prompted to provide it.
Instructions for defining the account used for basic authentication, as well as instructions for creating the server certificate, can be found in the
Management API Deployment & Installation Guide
.
Introduction
> Management API overview
Copyright 2016 Forcepoint LLC. All rights reserved.