Authentication with the F5 REST API¶
You must provide authentication to make a successful F5 REST API call. Authentication is the process of verifying the identity of the API call originator. Currently, there are two authentication methods supported: standard HTTP basic authentication and an F5 proprietary token scheme. If both authentication methods are used simultaneously, the token scheme takes precedence.
Basic authentication¶
To use basic authentication, include a standard HTTP header as part of the API call. The header looks similar to the following.
Authorization: Basic
Where is the Base-64 encoding of the string that is formed by joining the user name to the password using a colon (:). For example, to submit a user name “admin” and the password “default”, the header would be:
Authorization: Basic YWRtaW46ZGVmYXVsdA
Token Based Authentication¶
{
"username":"USER",
"password":"PASSWORD",
"loginProviderName": "tmos"
}
{"username":"user",
"loginReference":{"link":"https://localhost/mgmt/cm/system/authn/providers/tmos/1f44a60e-11a7-3c51-a49f-82983026b41b/login"},
"loginProviderName":"tmos",
"token":"token":"VUT2YR667OICEHAEKWBGWOJ3HF","name":"VUT2YR667OICEHAEKWBGWOJ3HF",
"userName":"user",
"authProviderName":"tmos",
"user":{"link":"https://localhost/mgmt/cm/system/authn/providers/tmos/1f44a60e-11a7-3c51-a49f-82983026b41b/users/5d9c68c6-c50e-33d0-aa2f-cf54f63993b6"},
"timeout":1200,
"startTime":"2017-11-09T14:43:33.101-0800",
"address":"10.10.2.112",
"partition":"[All]",
"generation":1,
"lastUpdateMicros":1510267413101273,
"expirationMicros":1510268613101000,
"kind":"shared:authz:tokens:authtokenitemstate",
"selfLink":"https://localhost/mgmt/shared/authz/tokens/VUT2YR667OICEHAEKWBGWOJ3HF"},
"generation":0,"lastUpdateMicros":0
The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.