The Oracle ZFS Storage Appliance RESTful API uses the same authentication credentials as the BUI and CLI. All requests from external clients are individually authenticated using the appliance credentials and are conducted over an HTTPS connection on port 215. The RESTful API supports HTTPS sessions that have a user-definable timeout of 15 minutes.
Authentication can take one of the following forms:
Basic authentication - Each request must contain the user login.
Example HTTP Header:
Authorization: Basic abcefgMWE
User authentication - BUI or CLI login credentials are used for authentication. In this case, the X-Auth-User header must contain the login name, and the X-Auth-Key header must contain the login password.
Example HTTP Headers:
X-Auth-User: root X-Auth-Key: letmein-xxx
Session authentication - When a session has been authenticated, a session header can be used to continue to run commands until the session expires. After a session expires, authentication must be done again before commands are accepted.
Session Header Example:
X-Auth-Session: guigqpQRE4g89ngb