Skip to main content
Version: 2.8

Authenticating and Session Handling in ADx

Configuring Sessions

You can configure the maximum idle time and the usage of session cookies which allow you to keep the session alive after the browser has been closed. To do it, modify TRIBEFIRE_USER_SESSIONS_MAX_IDLE_TIME and TRIBEFIRE_RUNTIME_OFFER_STAYSIGNED runtime properties in accordance with your needs when installing ADx.

  # Specifies how long a user session should remain active when there is no activity on the session.
# After the specified inactive time has passed (i.e. no request with the corresponding session ID has been received by the server),
# the session is flagged as inactive and consequently removed by a periodic cleanup process.
# The time span can be specified as a human-readable string, using numbers and the time unit, as in 12h, 30m, 3600s, etc.
TRIBEFIRE_USER_SESSIONS_MAX_IDLE_TIME: "30m"

# When this is set to true, the login dialog will offer an option to stay signed-in after a browser restart.
# If this is set to false, the user session will always be closed when the browser is closed.
# This is achieved by using a session cookie that stores the user's session ID until the browser is closed.
TRIBEFIRE_RUNTIME_OFFER_STAYSIGNED: "true"

Authenticating to ADx

To authenticate to your ADx instance, send a request to the https://[host]:[port]/access.adx.admin/v1/session endpoint. As a result, a session ID is returned - you can use it in other requests. The table below shows endpoints you can call to handle sessions.

Request typeService descriptionEndpointRequest query parametersReturns
POSTCreate session/access.adx.admin/v1/sessionuserName, password``
GETGet session object or session ID/access.adx.admin/v1/sessionSession object.
DELETEClose session by ID/access.adx.admin/v1/session``
GETSearch all available sessions/access.adx.admin/v1/session/searchA list of available session objects.
DELETEClose multiple sessions by their IDs/access.adx.admin/v1/sessions``

Parameters

ParameterData typeDescription
userNamestringuser name used for authentication
passwordstringpassword used for authorization
sessionIdstringsessionId returned by ADx

Authenticating with Encrypted Passowrds

ADx enables you to create session by providing an encrypted password. To do this, follow these steps:

  1. Encrypt your password by running the ./encrypt.sh --value mypassword (.bat on Windows) script. You should the encrpted password as a response.

    $ ./encrypt.sh --value 's3cur3p455w0rd'
    cNRVe5T5gOB0o3NXxjCdRkiMGbNKWpAsbGFWFVKCVjZ0Jh1yUwyaZxPJ1WjFYbXABc6qiw==
    DONE

    You can find the encrypt.sh file in your adx-deployment-package installation folder.

  2. In Swagger, find the /access.adx.admin/v1/session endpoint and do the following:

    1. In userName enter your user name.
    2. In password enter the your encrypted password from step one.
    3. Check the passwordIsEncrypted box.

cURL Example

The request shown below will return a session ID from ADx instance running on https://[host]:[port]. Replace [host], [port], [username], and [password] with the actual values in your request.

curl -X POST "https://[host]:[port]/access.adx.admin/v1/session" -H  "accept: application/json" -H  "Content-Type: multipart/form-data" -F "user=[username]" -F "password=[password]" -F "noExceptionOnFailure=false" -F "staySignedIn=false"