beautypg.com

Policy acl api developer’s guide: protocol, Api authentication, Pattern acl api – Google Search Appliance Policy ACL API Developers Guide User Manual

Page 16

background image

Google Search Appliance: Policy ACL API Developer’s Guide

Policy ACL API Developer’s Guide

16

Removing a Member From a Group

To remove a member from a group:

service.Delete("http://Search_Appliance:8000/a/feeds/group/2.0/domain/testGroup
/member/john");

Policy ACL API Developer’s Guide: Protocol

The sections that follow provide an introduction to the policy ACL protocol. See also the “API
Operations” and “XML Element Definitions” sections in the Administrative API Developer’s Guide: Protocol.

API Authentication

You can send API requests over HTTPS or HTTP. To use this API, you need to specify an authentication
token with each API request. The search appliance uses the token to authorize access to the operation
that you request. Authentication tokens are available only to users who have administrative rights to the
search appliance, and the tokens authorize operations only within a search appliance.

To obtain an authentication token, submit an HTTPS POST request structured as form post to the
following URL:

https://Search_Appliance:8443/accounts/ClientLogin

The following guidelines apply to the request:

Include in the POST body the following parameters:

Email—user name for an Admin Console administrator account.

Passwd—password for the Admin Console account. The user name and password values must
be URL-encoded. For example, the URL-encoded form of the AcQ.87@ password is the
AcQ%2E87%40 value.

The POST request must specify the value application/x-www-form-urlencoded for the Content-
Type header.

The search appliance returns a response that contains your authentication token in response to the
POST request. The authentication token is the Auth value on that page, and you need to extract the
token from the page. When you submit an API request, you must set the Content-Type and
authorization headers as follows:

Content-type: application/atom+xml
Authorization: GoogleLogin auth=your-authentication-token

Note: Authentication tokens expire after 24 hours or 30 minutes when not in use. Submit a request to
the URL at least once again. We recommend that you keep the token in memory rather than writing the
token to a file.

Pattern ACL API

Create, retrieve, update, and delete ACL rules for URL pattern on a search appliance.