Versions Compared

Version Old Version 7 New Version 8
Changes made by

AntonA (Unlicensed)

AntonA (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

curl --insecure https://fixedge.host:8903/sessions

...

Admin REST API configuration parameters

The properties can be configured in FIXEdge.properties:

Authentication
FieldTypeDescriptionRequired

AdminRESTAPI.Enabled

bool

is admin REST API enabled or not

No, default = false

AdminRESTAPI.ServerMode

enum

admin REST API server modes:

  • HTTPS
  • HTTP
No, default = HTTPS

AdminRESTAPI.BindAddress

string

define specific network interface for listening


Info

The parameter was introduced in FIXEdge 6.9.0

No, default = "0.0.0.0" (all interfaces)

AdminRESTAPI.Port

intTCP port to listenYes (if AdminRESTAPI.Enabled = true)

AdminRESTAPI.HTTPSServer.Port

int

TCP port to listen

Info

Property is deprecated, use AdminRESTAPI.Port instead

No

AdminRESTAPI.HTTPSServer.PrivateKey

stringpath to SSL private key file Yes (if AdminRESTAPI.ServerMode = HTTPS)

AdminRESTAPI.HTTPSServer.Certificate

stringpath to SSL certificate fileYes (if AdminRESTAPI.ServerMode = HTTPS)

AdminRESTAPI.HTTPSServer.CertificateAuthority

stringpath to the file or directory containing the CA/root certificates.
Can be empty if the OpenSSL builtin CA certificates are used		No

Configuration Example:

Code Block
AdminRESTAPI.Enabled = true
AdminRESTAPI.Port = 8903
AdminRESTAPI.HTTPSServer.PrivateKey = ../FIXEdge1/conf/AdminRESTAPI.key
AdminRESTAPI.HTTPSServer.Certificate = ../FIXEdge1/conf/AdminRESTAPI.crt

Admin REST API authentication configuration

Info

Admin REST API authentication is supported since FIXEdge C++ 6.14.0 version.

Property

Type

Description

Required

AdminRESTAPI.Tokens

string

The property defines API token for client's authentication.

To activate Authenticated Admin REST mode the property should be defined with comma separated list of cryptographic hash of the possible tokens values. The hash value is represented as a hexadecimal string (a sequence of hexadecimal digits, pair of such digits represents a single byte of a hash).

To generate a hash of the token a user can use commands like echo tocken | sha256sum or echo tocken | openssl dgst -sha256.

Admin REST API authentication is disabled (unsecure mode) if this property is not set in FIXEdge.properties file or is set to empty string value. Non-authorized clients are able to perform health checks only but not via /service/started.

Yes

AdminRESTAPI.

TokenHashAlgorithm 

TokenHashAlgorithm

string

The property defines hash algorithm to be used. The list of supported hash functions depends on OpenSSL and must include at least SHA256 algorithm.

By default SHA256 algorithm is used.

No, default = SHA256

Example:

...

To enable Admin REST API authentication mode all requests must contain Authorization header must have a Bearer <token-value> form with specified:

  • Bearer authentication shema
  • Authentication token

Configuration of Admin REST API with self-signed SSL certificate

...

You need OpenSSL or LibreSSL installed on your system to follow this instruction.  For Windows systems you can get OpenSSL from Cygwin (www.cygwin.com). 

...