Authentication

You must be authenticated in order to use IGEL Management Interface, otherwise the server will return the HTTP status 401 "Unauthorized". Only querying the server status is allowed without authentication.

IMI uses Basic Authentication (RFC 2617).

Logging In

→ Send an HTTP POST request to /v2/login to log in. Your HTTP client of choice will offer a way of sending a Basic Authentication- header, which is produced from the username/password combination.

This is the commandline for cURL:

curl \

--request POST \

--user '[Username]:[Passwort]' \

https://[server]:8443/umsapi/v3/login

The server replies, sending back a session ID:

200 OK

Set-Cookie: JSESSIONID=3FB2F3F6A089FE9029DFD6DAFEF146DC; Path=/umsapi/; Secure; HttpOnly

---

{"message":"JSESSIONID=3FB2F3F6A089FE9029DFD6DAFEF146DC"}

Staying Logged in

→ You can maintain the session by sending the JSESSIONID in the cookie header with every subsequent request:

Cookie: JSESSIONID=3FB2F3F6A089FE9029DFD6DAFEF146DC

Some clients will do this automatically for you, e.g. the RESTClient Firefox add-on.

The authentication cookie is valid for 30 minutes. However, this 30-minute period restarts with every successful request.