Blue Cedar recommends using SSL to transfer sensitive information (such as user passwords) over HTTP, unless access to your policy console is limited to internal networks.

User access

All active policy console users can access many of the resources in the policy console, but some resources are only available to administrators.

You can set administrator access for a user with POST user/create or PUT user/update.


Policy console REST resources use form-based authentication and maintain a session on the server side. Nearly all server requests should be authenticated—see Authenticating policy console users for guidelines and an example.

Server requests and responses

Access policy console resources with HTTP requests, and the policy console responds with JSON-formatted data. For a detailed overview of requests and responses, see Accessing and invoking policy console resources.