Blue Cedar recommends using SSL to transfer sensitive information (such as user passwords) over HTTP, unless access to your policy console is limited to internal networks.
All active policy console users can access many of the resources in the policy console, but some resources are only available to administrators.
Policy console REST resources use form-based authentication and maintain a session on the server side. Nearly all server requests should be authenticated—see Authenticating policy console users for guidelines and an example.
Server requests and responses
Access policy console resources with HTTP requests, and the policy console responds with JSON-formatted data. For a detailed overview of requests and responses, see Accessing and invoking policy console resources.