Reverse Proxy Authentication Configuration REST API - v2

NEW IN RELEASE 138

The REST API endpoints described here allow anyone with the System Administrator role or the Edit System Configuration and Users permission to manage a reverse proxy authentication configuration.

Reverse Proxy Authentication Configuration Properties

A reverse proxy authentication configuration has the following properties:

PropertyDefault ValueDescription
enabledfalseWhether or not reverse proxy authentication is enabled.
usernameHeaderREMOTE_USERThe name of the HTTP request header field that carries the username.
csrfProtectionDisabledfalseWhether or not Cross-Site Request Forgery (CSRF) protection is disabled. This can be useful for backward compatibility with old client plugins.
logoutUrlnullThe service URL that will be redirected to when a user requests logout. Note that if this is null, then the user will not be redirected.

GET a Reverse Proxy Authentication Configuration

To get the reverse proxy authentication configuration you can make a GET request to the following path:

GET /api/v2/config/reverseProxyAuthentication

Below is an example request to a local IQ Server using the built-in administrator account and the cURL tool:

curl -u admin:admin123 http://localhost:8070/api/v2/config/reverseProxyAuthentication

If no reverse proxy authentication configuration is saved, then the request yields HTTP status code 404. Otherwise, a JSON response with all the properties described above is returned.

PUT a Reverse Proxy Authentication Configuration

To set the reverse proxy authentication configuration you can make a PUT request to the following path:

PUT /api/v2/config/reverseProxyAuthentication

The request requires a JSON body as payload, which may include any of the properties described above. If any property is not included, then it will take its default value.

Below is an example request to a local IQ Server using the built-in administrator account and the cURL tool:

curl -u admin:admin123 -X PUT -H "Content-Type: application/json" -d '{"enabled": true, "usernameHeader": "MY_USERNAME_HEADER", "csrfProtectionDisabled": true, "logoutUrl": "http://localhost/logout/index.html"}' http://localhost:8070/api/v2/config/reverseProxyAuthentication

A successful request yields HTTP status code 204.

DELETE a Reverse Proxy Authentication Configuration

To delete the reverse proxy authentication configuration you can make a DELETE request to the following path:

DELETE /api/v2/config/reverseProxyAuthentication

Below is an example request to a local IQ Server using the built-in administrator account and the cURL tool:

curl -u admin:admin123 -X DELETE http://localhost:8070/api/v2/config/reverseProxyAuthentication

A successful request yields HTTP status code 204.