Welcome to my journey of continuous discovery. Enjoy your visit.
What is a REST API (from WikiPedia)?
Representational State Transfer (REST) is an architectural style that defines a set of constraints to be used for creating web services. Web Services that conform to the REST architectural style, or RESTful web services, provide interoperability between computer systems on the Internet. REST-compliant web services allow the requesting systems to access and manipulate textual representations of web resources by using a uniform and predefined set of stateless operations. Other kinds of web services, such as SOAP web services, expose their own arbitrary sets of operations.[1]
Blah.blah. blah. That is a great definition but too much information.
REST API provides a standard way to GET, POST (create new), DELETE or PUT (update) data from or to an application using a URL. That's it, just those four things.
Now you know everything a REST API can do. The only piece you need to worry about is the URL of the application, if the application require authentication and in what format to exchange the data.
For this section we will be using Proofpoint Threat Response as our sample application and the JSON format. Threat Response does require authentication. so pay attention to the application keys sections of the scripts.
There are three iterations of the script with comments.
The Three Scripts:
get-json-from-rest-api-basic.py : uses no authentication and shows resolution for Secure Request Warning
get-json-from-rest-api-with-auth.py : adds authentication header to use API keys
get-json-from-rest-api.py : allows variables and includes comments