Overview

FIXEdge Admin REST API is intended to be a pragmatic tool for on-the-fly tuning of the most common FIXEdge properties.

It offers REST interface to handle the following properties of FIXEdge:

Referring to FIX message log:
1. Retrieve FIX message log of specific / all sessions
2. Output the acquired contents to text
Get FIX session list:
1. Retrieve the list of session definitions and their states
2. Output the acquired contents to text
Session Control:
1. Start and stop sessions
2. Get session status (since FIXEdge 6.9.0)
3. Get session statistics (since FIXEdge 6.9.0)
4. Restart session (since FIXEdge 6.9.0)
Reset sequence No:
1. Reset FIX sequence No. (incoming and outgoing)
Set sequence No:
1. Set an arbitrary value for the sequence number of a specific session
Reload BL_Config.xml
Send messages to session output queue
Authenticate the client via authentication token:
1. Authorized clients are able to perform all operations via Admin REST API.
2. Non-authorized clients are able to perform health checks only.

Admin REST API authentication is supported since FIXEdge C++ 6.14.0 version.

Installation

FIXEdge Admin REST API is a part of FIXEdge Server and is introduced in version 6.4.0 of FIXEdge. It's needed to enable AdminRESTAPI.Enabled parameter and set the values for all required AdminRESTAPI fields in FIXEdge.properties (See the "Properties" section).

Admin REST API is available via HTTPS protocol only so it's needed to configure a certificate and a private key which it uses for encryption. FIXEdge packages contain self-signed certificate and private key that can be used by Admin REST API. You can set up your own a self-signed certificate for the servers you're connecting to as described in the "Configuration of Admin REST API with self-signed SSL certificate" section below.

Note: when you're connecting to a server that uses a self-signed certificate, you will be displayed a warning (see figure below). Click on the "Add Exception..." button to add the certificate to a set of trusted certificates.

If you use cURL to query Admin REST API you need to add parameter --insecure, e.g.

curl --insecure https://fixedge.host:8903/sessions

Admin REST API configuration parameters

The properties can be configured in FIXEdge.properties:

Field	Type	Description	Required
AdminRESTAPI.Enabled	bool	is admin REST API enabled or not	No, default = false
AdminRESTAPI.ServerMode	enum	admin REST API server modes: HTTPS HTTP	No, default = HTTPS
AdminRESTAPI.BindAddress	string	define specific network interface for listening The parameter was introduced in FIXEdge 6.9.0	No, default = "0.0.0.0" (all interfaces)
AdminRESTAPI.Port	int	TCP port to listen	Yes (if AdminRESTAPI.Enabled = true)
AdminRESTAPI.HTTPSServer.Port	int	TCP port to listen Property is deprecated, use AdminRESTAPI.Port instead	No
AdminRESTAPI.HTTPSServer.PrivateKey	string	path to SSL private key file	Yes (if AdminRESTAPI.ServerMode = HTTPS)
AdminRESTAPI.HTTPSServer.Certificate	string	path to SSL certificate file	Yes (if AdminRESTAPI.ServerMode = HTTPS)
AdminRESTAPI.HTTPSServer.CertificateAuthority	string	path to the file or directory containing the CA/root certificates. Can be empty if the OpenSSL builtin CA certificates are used	No
AdminRESTAPI.HeartBeatIntervalS	int	controls the interval (in seconds) at which FIXEdge C++ sends heartbeat messages to FIXICC H2. Set this value to '0' to disable heartbeats.	30

Configuration Example:

AdminRESTAPI.Enabled = true
AdminRESTAPI.Port = 8903
AdminRESTAPI.HTTPSServer.PrivateKey = ../FIXEdge1/conf/AdminRESTAPI.key
AdminRESTAPI.HTTPSServer.Certificate = ../FIXEdge1/conf/AdminRESTAPI.crt

Admin REST API authentication configuration

Admin REST API authentication is supported since FIXEdge C++ 6.14.0 version.

Property

Type

Description

Required

AdminRESTAPI.Tokens

string

The property defines API token for client's authentication.

To activate Authenticated Admin REST mode the property should be defined with comma separated list of cryptographic hash of the possible tokens values. The hash value is represented as a hexadecimal string (a sequence of hexadecimal digits, pair of such digits represents a single byte of a hash).

To generate a hash of the token a user can use commands like echo -n tocken | sha256sum or echo -n tocken | openssl dgst -sha256.

Admin REST API authentication is disabled (unsecure mode) if this property is not set in FIXEdge.properties file or is set to empty string value. Non-authorized clients are able to perform health checks only via /service/started.

No

AdminRESTAPI.TokenHashAlgorithm

string

The property defines hash algorithm to be used. The list of supported hash functions depends on OpenSSL and must include at least SHA256 algorithm.

By default SHA256 algorithm is used.

No, default = SHA256

To enable Admin REST API authentication mode all requests must contain Authorization header must have a Bearer <token-value> form with specified:

Bearer authentication shema
Authentication token

Configuration of Admin REST API with self-signed SSL certificate

You need OpenSSL or LibreSSL installed on your system to follow this instruction. For Windows systems you can get OpenSSL from Cygwin (www.cygwin.com).

Create CA root key
openssl genrsa -out rootCA.key 2048
Create root certificate
openssl req -x509 -new -key rootCA.key -days 10000 -out rootCA.crt
Answer the questions that openssl asks. The duration of certificate will be 10000 days.
Generate certificate signed with the created CA
openssl genrsa -out AdminRESTAPI.key 2048
Create certificate signing request
openssl req -new -key AdminRESTAPI.key -out AdminRESTAPI.csr
Sign the certificate with the root certificate
openssl x509 -req -in AdminRESTAPI.csr -CA rootCA.crt -CAkey rootCA.key -CAcreateserial -out AdminRESTAPI.crt -days 5000

Documentation

FIXEdge Administrative REST API and SDK Documentation

Browser not supported