REST API Security
The REST API is designed with two security features: Authentication and Encryption. Both of them are optional
and can be used independently of each other.
Authentication
Basic access authentication is designed to limit user access for the REST API server. It requires user
Follow the instructions below to set the password:
Step 1. Set the password.
ɯ header: POST·<ip>·
ɯ body: <new_password>
Step 2.
ɯ header: POST·<ip>·
ɯ body: true
Step 3. Restart network services.
ɯ header: POST·<ip>·
ATTENTION! The password will not be encrypted by this authentication mode, it remains accessible when
the communication happens on HTTP.
For more details, see the Basic Authentication section.
Encryption (HTTPS)
There is no encryption when the REST API communication happens via HTTP, because the HTTP protocol
(e.g. stealing the password) HTTP should be disabled and HTTPS protocol used instead.
ATTENTION! Please ensure proper time and date setting in MMX2, because it affects the self-signed
HTTPS does not guarantee that the communication is secure. Make sure that the client communicates with
the server directly, without any third-party element in the communication route (Man-in-the-middle attack).
For more details, see the section.
To Next Page
Loading...
