Login

This URL allows a third party application to log on to McAfee Advanced Threat Defense API framework .

Resource URL

GET https://<MATD_IP>/php/session.php

Input parameters

The following HTTP headers should be specified in the session request:

  • Accept: application/vnd.ve.v1.0+json
  • Content-Type: application/json
  • VE-SDK-API: Base64 encoded "user name:password" string
  • VE-API-Version (Optional)

The following two input parameters must be base64 encoded and specified in the header.

Input parameter Description Data type
user name Logon user name. String
password Logon user password String
Important: All other URL resources in the ATD RESTful API are required to pass these credentials for validation and authorization in VE-SDK-API custom header.

Output parameters

Output parameter Description Data type
session Logged on session id. String
userId Logged on user id. String
apiVersion API version String
matdVersion McAfee Advanced Threat Defense version String
serverTZ Server time zone. String
isAdmin Determines whether the user has admin privileges.

IsAdmin: 1 – User has admin privileges.

IsAdmin:0 – User does not have admin privileges.

String

Endpoint products need to parse the following parameters.

  • If the response returns "success": false, then check "reason" to know the reason.
  • If the response returns "success": true, then do the following.
    • Check whether isCurrentAPI returns true or false
    • If isCurrentAPI returns false, then check the "warning" section to know the reason
    • If isCurrentAPI returns true, then you are on the current version

Example

When client is on latest version:

Input

"Accept: application/vnd.ve.v1.0+json"
"Content-Type: application/json"
"VE-SDK-API:" + base64 encoded "admin:test123" string
"VE-API-Version: 1.5.0"

Output

{"success": true, "results": {"session": "bodnnhhui5d0e9gv4mj376op25","userId": "1","isAdmin": "1","serverTZ": "PDT","apiVersion": "1.5.0","isCurrentAPI": true,"matdVersion": "4.x.x.x.x"} }

When client is on a future version:

Input

"Accept: application/vnd.ve.v1.0+json"
"Content-Type: application/json"
"VE-SDK-API:" + base64 encoded "admin:test123" string
"VE-API-Version: 1.6.0"

Output

{"success": false, "results": {"apiVersion": "1.5.0", "matdVersion": "4.x.x.x.x", "isCurrentAPI": false, "reason": "Client API version(1.6.0) is too early, MATD supports the Client API version till 1.5.0"}}

Client is on an older version which is backward compatible:

Input

"Accept: application/vnd.ve.v1.0+json"
"Content-Type: application/json"
"VE-SDK-API:" + base64 encoded "admin:test123" string
"VE-API-Version: 1.0.0"

Output

{"success": true, "results": {"session": "ens446tbnhirtfcm7n4v6qqcs0","userId": "1","isAdmin": "1","serverTZ": "PDT","apiVersion": "1.5.0","isCurrentAPI": false, "matdVersion": "4.x.x.x.x","warning": "Client API version(1.0.0) is older than Server API version(1.5.0), some feature may not be available, please refer REST API-1.5.0 documentation"} }

Client is on an older version which has no backward compatibility:

Input

"Accept: application/vnd.ve.v1.0+json"
"Content-Type: application/json"
"VE-SDK-API:" + base64 encoded "admin:test123" string
"VE-API-Version: 0.7.6"

Output

{"success": false, "results": {"apiVersion": "1.5.0",  "matdVersion": "4.x.x.x.x",  "isCurrentAPI": false,  "reason": "Client API version(0.7.6) is too old, Please upgrade the REST client version to 1.5.0"}}

Existing clients who cannot change their client code:

In case of no custom header ('VE-API-Version : <API-Version>' ) available from the REST client, current version of client is considered as 1.5.0.

Input

"Accept: application/vnd.ve.v1.0+json"
"Content-Type: application/json"
"VE-SDK-API:" + base64 encoded "admin:test123" string

Output

{"success": true, "results": {"session": "bitu3eaq2ovddl0741o84qbbj5","userId": "1","isAdmin": "1","serverTZ": "PDT","apiVersion": "1.5.0","matdVersion": "4.x.x.x.x"} }