Data Center Security

Hi There,

I'm missing information about the REST-API in 6.10.0.

Since UMC is gone scripts are not running anymore using:

• /umcservices/rest/v1.0/auth/token
• /sis-ui/api/v1/sa/assets/
• /sis-ui/api/v1/sa/securitygroups/

Thanks

Hello @JanTorsten Hobohm

First of all DCS 6.10.x architecture is all API driven and DCS 6.10 contains much larger number of APIs to automate your DCS operations. You can look at the all available APIs (Swagger) within DCS 6.10.x console by clicking on user profile and API Documentation 


You can also look at a sample API driven powershell script within DCS console by following the steps below 

1. Login to DCS 6.10.x console 
2. Go to Assets Tab and then click on More Actions 
3. Click on Prevention Assessment Report
Script is available on <Install directory>\Symantec\Symantec Data Center Security\Console\bin\assessment-report.ps1
assessment-report.ps1 is 6.10 script

API differences between 6.9.3 and 6.10.x versions

The release of DCS version 6.10.x brings with it slight differences in the REST APIs compared to version 6.9.3 that need to be considered before using the APIs to perform automated tasks. These differences are explained below.

1. API Documentation: The first difference is how the APIs are documented. DCS 6.10 provides a new Swagger web page (as explained above) that documents each API. It can be accessed from the 6.10.x console by selecting 'API Documentation' from the user dropdown menu in the upper right corner of the 6.10 console.

Bookmark Swagger Page with the URL
                 https://<DCS manager IP/hostname>:4443/sis-ui/api/swagger-ui/index.html

The Swagger page will look something like this:

2. Default ports used for API calls : Another difference is the default port used for API calls. DCS 6.9.3 uses 8443 as the default port for the OAuth token request API and 4443 for all other API calls. However, DCS 6.10.x uses 4443 for all API calls, including the OAuth token request. Keep this and other differences in mind if scripts written for a 6.9.3 manager are being converted to work with a 6.10 manager. 

3. OAuth token request API

The API for requesting an OAuth token has changed in 6.10. The URI for 6.9.3 is this:

https://{{UMC_IP}}:8443/umcservices/rest/v1.0/auth/token

The URI for 6.10 is this:

https://{{DCS_manager_IP}}:4443/sis-ui/api/v2/auth/token

Notice that the default port number is different and the base URI is also different. The request body has also changed.

6.9.3 auth token request body:

{

    "username":"<UMC user>",

    "password":"<password>"

}

6.10 auth token request body:

{

    "username":"{{user}}",

    "password":"{{password-base64}}",

    "smartcard": false,

    "scope": "ENTERPRISE_MANAGER"

}

Also, note that the password value in the DCS 6.10 token request is a base64-encoded string with user, ':' and password concatenated together.

base64("<user>" + ":" + "<password>")

The resulting auth token value is now placed in a different name in the 6.10 response body ("access_token").  DCS 6.9.3 places the auth token value under the name 'accessToken'. Example 6.10 response body:

{

    "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI2ODdhMjgxZS0zOWE0LTRmZTQtYmQwOS1hNGI5ZGI5NDcyNTEiLCJpc3MiOiJkY3MiLCJzdWIiOiJhcGl1c2VyIiwiYXVkIjosxxQVLNTiRU5URVJQUklTRV9NQU5BR0VSIiwiZXhwIjoxNzQ0MjIwMTM1LCJ1aWQiOjE1MDEsInJvbGVzIjpbIntcInJpZFwiOjEsXCJuYW1lXCI6XCJBZG1pbmlzdHJhdG9yc1wiLFwicHJpdmlsZWdlc1wiOlwiU1wifSJdLCJyYmFjcyI6W10sImxvZ2luVHlwZSI6IkxPQ0FMIiwibG9naW5NZXNzYWdlIjoiIiwiY2hhbmdlUGFzc3dvcmRSZXF1aXJlZCI6ZmFsc2V9.gmGYEFYsFcpECbky1pgq3AVdEexPvcZx8HU9hbG4a8o",

    "token_type": "JWT",

    "expires_in": 1800,

    "scope": "ENTERPRISE_MANAGER"

}

Also note that the expiration time for the DCS 6.10 token is 1,800 seconds, whereas the expiration time for a DCS 6.9.3 token is 3,600 seconds.

Lastly, the token type has changed from 'Bearer' in DCS 6.9.3 to 'JWT' in DCS 6.10. This token type change needs to be reflected in the authorization header in all subsequent API calls to a DS 6.10 manager.

4. Authorization header

Apart from the initial auth token request API, DCS 6.9.3 API calls use 'Bearer' as the authorization type in the header, whereas DCS 6.10 API calls use 'JWT' as the type.

6.9.3: Key: "Authorization", Value: "Bearer {{accessToken}}"

6.10: Key: "Authorization", Value: "JWT {{access_token}}"

5. API base URI

The last difference is in the base URI of the APIs themselves. The base URI for all DCS 6.9.3 API calls, except for the auth token request described above, is this:

                /sis-ui/api/v1/

The base URI for all DCS 6.10 API calls is this:

/sis-ui/api/v2/

All DCS 6.9.3 APIs, whether being natively used on a DCS 6.9.3 manager or on a DCS 6.10 manager, have the '/v1' path. DCS 6.10 native APIs have '/v2/' in the path.

Please create reach Symantec support team or create a support ticket on steps to generate authentication token. 

I hope this helps.

Thanks 

Original Message:
Sent: Apr 10, 2025 04:19 AM
From: JanTorsten Hobohm
Subject: DCS:SA 6.10 REST-API

Hi There,

I'm missing information about the REST-API in 6.10.0.

Since UMC is gone scripts are not running anymore using:

• /umcservices/rest/v1.0/auth/token
• /sis-ui/api/v1/sa/assets/
• /sis-ui/api/v1/sa/securitygroups/

Thanks

Thanks Muhammand for the info.

I will check that after the holidays. Too busy right now.

JT.

Hello @JanTorsten Hobohm

First of all DCS 6.10.x architecture is all API driven and DCS 6.10 contains much larger number of APIs to automate your DCS operations. You can look at the all available APIs (Swagger) within DCS 6.10.x console by clicking on user profile and API Documentation 


You can also look at a sample API driven powershell script within DCS console by following the steps below 

1. Login to DCS 6.10.x console 
2. Go to Assets Tab and then click on More Actions 
3. Click on Prevention Assessment Report
Script is available on <Install directory>\Symantec\Symantec Data Center Security\Console\bin\assessment-report.ps1
assessment-report.ps1 is 6.10 script

API differences between 6.9.3 and 6.10.x versions

The release of DCS version 6.10.x brings with it slight differences in the REST APIs compared to version 6.9.3 that need to be considered before using the APIs to perform automated tasks. These differences are explained below.

1. API Documentation: The first difference is how the APIs are documented. DCS 6.10 provides a new Swagger web page (as explained above) that documents each API. It can be accessed from the 6.10.x console by selecting 'API Documentation' from the user dropdown menu in the upper right corner of the 6.10 console.

Bookmark Swagger Page with the URL
                 https://<DCS manager IP/hostname>:4443/sis-ui/api/swagger-ui/index.html

The Swagger page will look something like this:

2. Default ports used for API calls : Another difference is the default port used for API calls. DCS 6.9.3 uses 8443 as the default port for the OAuth token request API and 4443 for all other API calls. However, DCS 6.10.x uses 4443 for all API calls, including the OAuth token request. Keep this and other differences in mind if scripts written for a 6.9.3 manager are being converted to work with a 6.10 manager. 

3. OAuth token request API

The API for requesting an OAuth token has changed in 6.10. The URI for 6.9.3 is this:

https://{{UMC_IP}}:8443/umcservices/rest/v1.0/auth/token

The URI for 6.10 is this:

https://{{DCS_manager_IP}}:4443/sis-ui/api/v2/auth/token

Notice that the default port number is different and the base URI is also different. The request body has also changed.

6.9.3 auth token request body:

{

    "username":"<UMC user>",

    "password":"<password>"

}

6.10 auth token request body:

{

    "username":"{{user}}",

    "password":"{{password-base64}}",

    "smartcard": false,

    "scope": "ENTERPRISE_MANAGER"

}

Also, note that the password value in the DCS 6.10 token request is a base64-encoded string with user, ':' and password concatenated together.

base64("<user>" + ":" + "<password>")

The resulting auth token value is now placed in a different name in the 6.10 response body ("access_token").  DCS 6.9.3 places the auth token value under the name 'accessToken'. Example 6.10 response body:

{

    "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI2ODdhMjgxZS0zOWE0LTRmZTQtYmQwOS1hNGI5ZGI5NDcyNTEiLCJpc3MiOiJkY3MiLCJzdWIiOiJhcGl1c2VyIiwiYXVkIjosxxQVLNTiRU5URVJQUklTRV9NQU5BR0VSIiwiZXhwIjoxNzQ0MjIwMTM1LCJ1aWQiOjE1MDEsInJvbGVzIjpbIntcInJpZFwiOjEsXCJuYW1lXCI6XCJBZG1pbmlzdHJhdG9yc1wiLFwicHJpdmlsZWdlc1wiOlwiU1wifSJdLCJyYmFjcyI6W10sImxvZ2luVHlwZSI6IkxPQ0FMIiwibG9naW5NZXNzYWdlIjoiIiwiY2hhbmdlUGFzc3dvcmRSZXF1aXJlZCI6ZmFsc2V9.gmGYEFYsFcpECbky1pgq3AVdEexPvcZx8HU9hbG4a8o",

    "token_type": "JWT",

    "expires_in": 1800,

    "scope": "ENTERPRISE_MANAGER"

}

Also note that the expiration time for the DCS 6.10 token is 1,800 seconds, whereas the expiration time for a DCS 6.9.3 token is 3,600 seconds.

Lastly, the token type has changed from 'Bearer' in DCS 6.9.3 to 'JWT' in DCS 6.10. This token type change needs to be reflected in the authorization header in all subsequent API calls to a DS 6.10 manager.

4. Authorization header

Apart from the initial auth token request API, DCS 6.9.3 API calls use 'Bearer' as the authorization type in the header, whereas DCS 6.10 API calls use 'JWT' as the type.

6.9.3: Key: "Authorization", Value: "Bearer {{accessToken}}"

6.10: Key: "Authorization", Value: "JWT {{access_token}}"

5. API base URI

The last difference is in the base URI of the APIs themselves. The base URI for all DCS 6.9.3 API calls, except for the auth token request described above, is this:

                /sis-ui/api/v1/

The base URI for all DCS 6.10 API calls is this:

/sis-ui/api/v2/

All DCS 6.9.3 APIs, whether being natively used on a DCS 6.9.3 manager or on a DCS 6.10 manager, have the '/v1' path. DCS 6.10 native APIs have '/v2/' in the path.

Please create reach Symantec support team or create a support ticket on steps to generate authentication token. 

I hope this helps.

Thanks 

Original Message:
Sent: Apr 10, 2025 04:19 AM
From: JanTorsten Hobohm
Subject: DCS:SA 6.10 REST-API

Hi There,

I'm missing information about the REST-API in 6.10.0.

Since UMC is gone scripts are not running anymore using:

• /umcservices/rest/v1.0/auth/token
• /sis-ui/api/v1/sa/assets/
• /sis-ui/api/v1/sa/securitygroups/

Thanks

Hi Muhammad,

I could make the changes to the scripts and everything is running.

Thanks, JT.

Thanks Muhammand for the info.

I will check that after the holidays. Too busy right now.

JT.

Hello @JanTorsten Hobohm

First of all DCS 6.10.x architecture is all API driven and DCS 6.10 contains much larger number of APIs to automate your DCS operations. You can look at the all available APIs (Swagger) within DCS 6.10.x console by clicking on user profile and API Documentation 


You can also look at a sample API driven powershell script within DCS console by following the steps below 

1. Login to DCS 6.10.x console 
2. Go to Assets Tab and then click on More Actions 
3. Click on Prevention Assessment Report
Script is available on <Install directory>\Symantec\Symantec Data Center Security\Console\bin\assessment-report.ps1
assessment-report.ps1 is 6.10 script

API differences between 6.9.3 and 6.10.x versions

The release of DCS version 6.10.x brings with it slight differences in the REST APIs compared to version 6.9.3 that need to be considered before using the APIs to perform automated tasks. These differences are explained below.

1. API Documentation: The first difference is how the APIs are documented. DCS 6.10 provides a new Swagger web page (as explained above) that documents each API. It can be accessed from the 6.10.x console by selecting 'API Documentation' from the user dropdown menu in the upper right corner of the 6.10 console.

Bookmark Swagger Page with the URL
                 https://<DCS manager IP/hostname>:4443/sis-ui/api/swagger-ui/index.html

The Swagger page will look something like this:

2. Default ports used for API calls : Another difference is the default port used for API calls. DCS 6.9.3 uses 8443 as the default port for the OAuth token request API and 4443 for all other API calls. However, DCS 6.10.x uses 4443 for all API calls, including the OAuth token request. Keep this and other differences in mind if scripts written for a 6.9.3 manager are being converted to work with a 6.10 manager. 

3. OAuth token request API

The API for requesting an OAuth token has changed in 6.10. The URI for 6.9.3 is this:

https://{{UMC_IP}}:8443/umcservices/rest/v1.0/auth/token

The URI for 6.10 is this:

https://{{DCS_manager_IP}}:4443/sis-ui/api/v2/auth/token

Notice that the default port number is different and the base URI is also different. The request body has also changed.

6.9.3 auth token request body:

{

    "username":"<UMC user>",

    "password":"<password>"

}

6.10 auth token request body:

{

    "username":"{{user}}",

    "password":"{{password-base64}}",

    "smartcard": false,

    "scope": "ENTERPRISE_MANAGER"

}

Also, note that the password value in the DCS 6.10 token request is a base64-encoded string with user, ':' and password concatenated together.

base64("<user>" + ":" + "<password>")

The resulting auth token value is now placed in a different name in the 6.10 response body ("access_token").  DCS 6.9.3 places the auth token value under the name 'accessToken'. Example 6.10 response body:

{

    "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI2ODdhMjgxZS0zOWE0LTRmZTQtYmQwOS1hNGI5ZGI5NDcyNTEiLCJpc3MiOiJkY3MiLCJzdWIiOiJhcGl1c2VyIiwiYXVkIjosxxQVLNTiRU5URVJQUklTRV9NQU5BR0VSIiwiZXhwIjoxNzQ0MjIwMTM1LCJ1aWQiOjE1MDEsInJvbGVzIjpbIntcInJpZFwiOjEsXCJuYW1lXCI6XCJBZG1pbmlzdHJhdG9yc1wiLFwicHJpdmlsZWdlc1wiOlwiU1wifSJdLCJyYmFjcyI6W10sImxvZ2luVHlwZSI6IkxPQ0FMIiwibG9naW5NZXNzYWdlIjoiIiwiY2hhbmdlUGFzc3dvcmRSZXF1aXJlZCI6ZmFsc2V9.gmGYEFYsFcpECbky1pgq3AVdEexPvcZx8HU9hbG4a8o",

    "token_type": "JWT",

    "expires_in": 1800,

    "scope": "ENTERPRISE_MANAGER"

}

Also note that the expiration time for the DCS 6.10 token is 1,800 seconds, whereas the expiration time for a DCS 6.9.3 token is 3,600 seconds.

Lastly, the token type has changed from 'Bearer' in DCS 6.9.3 to 'JWT' in DCS 6.10. This token type change needs to be reflected in the authorization header in all subsequent API calls to a DS 6.10 manager.

4. Authorization header

Apart from the initial auth token request API, DCS 6.9.3 API calls use 'Bearer' as the authorization type in the header, whereas DCS 6.10 API calls use 'JWT' as the type.

6.9.3: Key: "Authorization", Value: "Bearer {{accessToken}}"

6.10: Key: "Authorization", Value: "JWT {{access_token}}"

5. API base URI

The last difference is in the base URI of the APIs themselves. The base URI for all DCS 6.9.3 API calls, except for the auth token request described above, is this:

                /sis-ui/api/v1/

The base URI for all DCS 6.10 API calls is this:

/sis-ui/api/v2/

All DCS 6.9.3 APIs, whether being natively used on a DCS 6.9.3 manager or on a DCS 6.10 manager, have the '/v1' path. DCS 6.10 native APIs have '/v2/' in the path.

Please create reach Symantec support team or create a support ticket on steps to generate authentication token. 

I hope this helps.

Thanks 

Original Message:
Sent: Apr 10, 2025 04:19 AM
From: JanTorsten Hobohm
Subject: DCS:SA 6.10 REST-API

Hi There,

I'm missing information about the REST-API in 6.10.0.

Since UMC is gone scripts are not running anymore using:

• /umcservices/rest/v1.0/auth/token
• /sis-ui/api/v1/sa/assets/
• /sis-ui/api/v1/sa/securitygroups/

Thanks