Authenticating to the Nexfs Management API

A temporary session security token must be requested to access the Nexfs Management API.

Session Duration

Temporary security session tokens expire after a default 5 minutes of inactivity or when a login request is received to revoke the token.

Permissions

The user ID the token is requested for must have the managmentconsolelogin role enabled.

Request Parameters

A request must be made against the nexfs management console api with the GetSessionToken Action.

The request must be signed with a valid AWS V4 style Signature.

Response

If successful, Nexfs will respond with a temporary security token, including an access key ID and a secret access key. These must be used when signing Nexfs Management API requests for the session duration.

Errors

See Rest Error Responses

If the request cannot be authenticated, a 401 Unauthorized response will be received.

Example Request

GET http://nexfs.example.com/nexfsconsoleapi?Action=GetSessionToken

Authorization: AWS4-HMAC-SHA256 Credential=barry/20220830/nexfs/nexfsconsole/aws4_request, SignedHeaders=content-type;host;x-amz-date, Signature=5d672d79c15b13162d9279b0855cfba6789a8edb4c82c400e06b5924a6f2b5d7

content-type: application/x-www-form-urlencoded; charset=utf-8

host: nexfs.example.com x-amz-date: 20220420T123600

Example Response

<GetSessionTokenResponse>

<GetSessionTokenResult>

<Credentials>

<SessionToken>

10ad4840-70d811ec98992772041e8fc7

</SessionToken>

<SecretAccessKey>

a1334836ac8a11ec92a2d562ff2dd9d1

</SecretAccessKey>

<Expiration>2022-04-22T12:41:00</Expiration>

<AccessKeyId>

a1334837ac8a11ec92a2-d562ff2dd9d1

</AccessKeyId>

</Credentials>

</GetSessionTokenResult>

<ResponseMetadata>

<RequestId>10234</RequestId>

</ResponseMetadata>

</GetSessionTokenResponse>