Policy acl api developer’s guide: protocol, Api authentication, Pattern acl api – Google Search Appliance Policy ACL API Developers Guide User Manual
Page 16

Google Search Appliance: Policy ACL API Developer’s Guide
Policy ACL API Developer’s Guide
16
Removing a Member From a Group
To remove a member from a group:
service.Delete("http://Search_Appliance:8000/a/feeds/group/2.0/domain/testGroup
/member/john");
Policy ACL API Developer’s Guide: Protocol
The sections that follow provide an introduction to the policy ACL protocol. See also the “API
Operations” and “XML Element Definitions” sections in the Administrative API Developer’s Guide: Protocol.
API Authentication
You can send API requests over HTTPS or HTTP. To use this API, you need to specify an authentication
token with each API request. The search appliance uses the token to authorize access to the operation
that you request. Authentication tokens are available only to users who have administrative rights to the
search appliance, and the tokens authorize operations only within a search appliance.
To obtain an authentication token, submit an HTTPS POST request structured as form post to the
following URL:
https://Search_Appliance:8443/accounts/ClientLogin
The following guidelines apply to the request:
•
Include in the POST body the following parameters:
•
Email—user name for an Admin Console administrator account.
•
Passwd—password for the Admin Console account. The user name and password values must
be URL-encoded. For example, the URL-encoded form of the AcQ.87@ password is the
AcQ%2E87%40 value.
•
The POST request must specify the value application/x-www-form-urlencoded for the Content-
Type header.
The search appliance returns a response that contains your authentication token in response to the
POST request. The authentication token is the Auth value on that page, and you need to extract the
token from the page. When you submit an API request, you must set the Content-Type and
authorization headers as follows:
Content-type: application/atom+xml
Authorization: GoogleLogin auth=your-authentication-token
Note: Authentication tokens expire after 24 hours or 30 minutes when not in use. Submit a request to
the URL at least once again. We recommend that you keep the token in memory rather than writing the
token to a file.
Pattern ACL API
Create, retrieve, update, and delete ACL rules for URL pattern on a search appliance.