How are authentication credentials sent in a Cisco APIC REST API authorization request?
A. by using OAuth
B. in a token in the header
C. by using Basic Auth
D. in JSON in the payload
Authentication to the REST API for username/password-based authentication uses a special subset of request URIs, including aaaLogin, aaaLogout and aaaRefresh as the Dn target of a POST operation. Their payloads contain a simple XML or JSON payload containing the MO representation of an aaaUser object with attributes name and pwd defining the username and password, for example: <aaaUser name=’admin’ pwd=’insieme’/>. The response to the POSTs will contain an authentication token as both a Set-Cookie header as well as an attribute to the aaaLogin object in the response named token, for which the XPath is / imdata/aaaLogin/@token if encoded as XML. Subsequent operations on the REST API can use this token value as a Cookie named “APIC-cookie” to have future requests authenticated.