You need to ensure that you use the API in a secure manner.
Micro Focus recommends that you apply the following points when using the interactive API library:
The
X-Requested-With header must be set. For Web browser clients, this is typically set to
XMLHttpRequest. For your script, you should give this a value that clearly identifies it as your script.
The
host header must be set to the location of your
ESCWA instance, for example,
localhost:10086.
Note: This is not applicable for GET requests.
One of the
Origin or
Referer headers must be set to the location of the
ESCWA instance, for example,
https://localhost:10086.
Note: This is not applicable for GET requests.
For any endpoint that produces output, the
Accept header must be set to
application/json.
For any endpoint that requires a body to be provided, the
Content-Type header must be set to
application/json and the
Content-Length header must be set to the length of the body in bites.
All sent and response bodies must use the UTF-8 character encoding.
Some methods in the interactive library will do some or all of these for you. See
Enterprise Server Administration Server API for more information.