Tag Archives: F5 BigIQ REST Authentication

{f5 bigIQ 4.5 rest api intro}

The jury is out on technical blogs and perhaps how much longer I’m going to do this (at least for me); I’m thinking of moving everything over to Jekyll just to be closer to github because if I continue this..I’m just going to point you to my project on github anyhow..like today.

For this blog post, I suspect you already know what BigIQ is..However, don’t feel bad, I’ve never programmed an F5 Device (and still haven’t gotten my hands on any part of it yet besides getting controlled devices (BigIP) and Backing them up (which is probably best done using the BigIQ interface to begin with).

Today I wanted to share my Introduction to F5’s BigIQ REST API Authentication scheme..which is somewhat of a Kludge. BigIQ using BASIC Authentication like a lot of the Networking companies (many shops are moving to OAUTH api key + tokens); Basic takes the username:password and hashes the user and pass together as shown (with the : in between them)..However, with BigIQ they take the Authentication process 1 Step Further in the same REQUEST; In the Body of the request you must pass a JSON object like below.

{
  "username" : user,
  "password" : pass
}
//If using LDAP there is one other property which I document in the README file in GITHUB

Normally, when utilizing BASIC Auth, you can GET information from the Very Beginning (/bigiq/bigipdevices). However, before you can start asking for devices, you have to Authenticate; when you Authenticate, BigIQ passes back a Token; this token is then used so that you can interact with the devices BigIQ manages. How are you Following Along? Let’s look at the Request Options Below for Authentication

{
  uri     : HTTPS + /mgmt/shared/authn/login,
  method  : POST,
  //BASIC AUTH
  auth    : { user : user, pass : pass },
  headers : {
    'Content-Type' : 'application/json',
    'Accept'       : 'application/json'
  },
  //Didn't I already Pass that in?
  //This is the Message Body Though..
  json    : { username : user, password : pass }
}

If the request above is successful you are return an Object..and one of the Properties of this Object contains your Token (actually 2 one of the properties is name and the other is token..they both have the same value..hmm). One you have the Token..so something like this below

headers['X-F5-Auth-Token'] = token;

Let me know if you find this post useful in any way..and before I forget..here’s the project on github..

https://github.com/drkchiloll/f5bigiq.git

return sam;