Using an API for User-ID
We saw earlier that you can forward syslogs to the User-ID agent to extract user information, but for those cases where you can’t get the desired information from syslogs, you can also use an API to automate user-to-IP mapping, or manually add and delete user mappings.
You will first need to get an authentication key. Make sure the administrator account you are going to use for these operations has API access.
To get a key, you can use this URL in a browser:
https://<YourFirewall>/api/?type=keygen&user=<Username>&password=<Password>
Alternatively, you can use cURL at the command line:
curl -k -X GET 'https://<YourFirewall>/api/?type=keygen&user=<username>&password=<password>
That would give you the following output:
<response status="success">
<result>
<key>
LUFRPT1TWFhUNWUk5N1Fjd3ZnMzh3MXlTOVJyb0kxSG5IWk5QTkdPNw==
</key>
</result...