8.1.1.7. Registering the Agent
Registering the Agent is used to obtain a token that we send through the payload, and that the server validates to confirm that this payload comes from a secure source, as the call is public, and anyone can send us the info they want. In this way, we can verify that the payload comes from an OpenNAC Agent and a valid user (either because he has a token, or because the user belongs to a valid domain).
The client must have an option Register Agent in the Agent in which he will open a window to enter a username and password. The sending of this data is made through a POST call to the server and, in the case of valid credentials, a token will be returned. In each payload, the Agent will send the token obtained to the server. Specifically, the parameter will be inside the OPENNAC JSON object, as shown below.
{
"OPENNAC": {
"UID": "080027B598B8",
"TIMESTAMP": "1594630875",
"TYPE": "service",
"VPNVERSION": "1",
"PLATFORM": "WINDOWS",
"VERSION": "1.0.10000",
"MONITOR_TYPE": "Pipe",
"USED_INTERFACE_IP": "10.0.3.15",
"TOKEN": "164cc268-dd31-11ea-b9ca-6f6e636f7265"
},
…
}
8.1.1.7.1. Data sent to server
Username, password and hardwareId as form-data.
The server host, in this case 10.21.1.36, should be the one used to send the scan data.
8.1.1.7.2. Response from server
The status of the response is always 200 OK. If the authentication was successful or not, it will be detected by the received JSON, specifically, a result parameter that will return “ok” or “error”.
Successful authentication:
JSON object with a result and a token.
{
"result": "ok",
"token": "5bdf4ccc-dc83-11ea-b96f-6f70656e6e61"
}
-Unsuccessful authentication:
JSON object with a result and a reason.
{
"result": "error",
"reason": "invalid credentials"
}