Neurons Secure Access REST API Guide
The REST API provides a standardized method for Next-Gen firewalls and third-party systems to interact with nSA.
Representational state transfer (REST) or RESTful Web services are one way of providing interoperability between computer systems on the Internet. REST-compliant Web services allow requesting systems to access and manipulate textual representations of Web resources using a uniform and predefined set of stateless operations. In a RESTful Web service, requests made to a resource's URI will elicit a response that may be in XML, HTML, JSON or some other defined format. ICS/IPS supports JSON format only.
Best Practice
Always call the logout endpoint to end the session
When using the Neurons Secure Access REST APIs:
•Always call the logout endpoint to end the session:
•On normal completion of your API workflow.
•In error paths and on timeouts (use a finally block or equivalent to guarantee execution).
•Before re-attempting login if you receive authentication errors that could be session-related.
This practice ensures clean session management, improves security, and helps avoid unexpected authentication issues.
Using the logout endpoint
GET /api/my-session/logout
Purpose: Terminates the current authenticated session.
Authentication: Requires a valid active session (for example, session cookie or Authorization header).
Request:
Query parameters: none
Body: none
Responses:
200 OK – Logout successful. The current session is invalidated; subsequent API calls require re-authentication. Response body may be empty.
401 Unauthorized – No active session or invalid/expired credentials.
405 Method Not Allowed – If GET is not permitted on this endpoint.
5xx – Server-side error.
Example requests:
Using bearer token: curl -k -X GET "https://<nsa-host>/api/my-session/logout" -H "Authorization: Bearer <access_token>"
Using session cookie: curl -k -X GET "https://<nsa-host>/api/my-session/logout" -H "Cookie: <session_cookie_name>=<session_id>"
Example response: HTTP/1.1 200 OK
If you receive 200 OK for this endpoint, logout is successful.