Hey Steve, great questions—let's tackle them one at a time:

Absolutely, there are several reliable ways to convert a SOAP API to REST, depending on your technical stack and needs:

• API Gateway/Proxy Tools: Tools like Apigee, MuleSoft, or open-source options like Kong or WSO2 act as a middle layer. They accept REST requests from clients, transform the payload into SOAP XML, call the backend SOAP API, then convert the SOAP response back to JSON/REST format for the client. Implementation involves setting up proxy rules that map REST endpoints to specific SOAP operations, and configuring XML-JSON transformation logic.
• Custom Middleware Service: Build a lightweight service (using Node.js, Java, Python, etc.) that exposes REST endpoints internally. This service handles calling the SOAP API under the hood—for example, using Node's soap library, Java's JAX-WS, or Python's zeep to construct SOAP envelopes. You'll parse incoming REST/JSON requests, map them to SOAP parameters, send the SOAP call, then convert the XML response back to JSON before returning it to the client.
• Code Generation Tools: Use tools like OpenAPI Generator (formerly Swagger Codegen) or SOAPUI to auto-generate a REST wrapper from your SOAP WSDL. These tools can create REST API stubs that handle the SOAP-to-REST translation, letting you focus on wiring up the core logic rather than building everything from scratch.

Yes, the Deep Security REST API has a direct equivalent to the SOAP softwareApplyToHosts method you mentioned. Here's how to implement it:

First, let's map the SOAP parameters to REST concepts:

• $hosts.ID → REST uses hostID (or multiple hostIDs for bulk operations)
• $software.version → REST requires the softwareID (unique ID of the Agent software package, not just the version string)
• $DSMWebServiceConnection.SessionID → REST uses an auth token (via X-DS-Auth-Token header)

Step-by-Step Implementation: #

1. Authenticate to get an auth token
   Replace the SOAP session ID with a REST auth token by sending a POST request to the sessions endpoint:

   POST /api/sessions
   Headers:
   Content-Type: application/json
   
   Body:
   {
     "apiKey": "your-api-key-here"
     // Or use username/password: {"userName": "admin", "password": "your-password"}
   }
   

   Extract the X-DS-Auth-Token from the response headers—you'll use this for all subsequent requests.

2. Retrieve the Agent software package ID
   REST uses the software package's unique ID instead of the version string. Fetch available Agent packages with this GET request:

   GET /api/software?filter=type%3D'agent'&expand=version
   Headers:
   X-DS-Auth-Token: your-auth-token
   Accept: application/json
   

   Look for the entry matching your target Agent version, and note its ID (e.g., 456).

3. Apply the upgrade to hosts

   • Single host: Send a POST request to the host's action endpoint:

     POST /api/hosts/123/actions/applysoftware
     Headers:
     X-DS-Auth-Token: your-auth-token
     Content-Type: application/json
     
     Body:
     {
       "softwareID": 456
     }
     

   • Bulk hosts: Use the bulk action endpoint to upgrade multiple hosts at once:

     POST /api/hosts/actions/applysoftware
     Headers:
     X-DS-Auth-Token: your-auth-token
     Content-Type: application/json
     
     Body:
     {
       "hostIDs": [123, 456, 789],
       "softwareID": 456
     }
     

Notes: #

• Replace 123, 456, and your-auth-token with your actual host IDs, software package ID, and auth token.
• Ensure the software package matches the host's OS platform (e.g., Windows vs. Linux) to avoid compatibility issues.

内容的提问来源于stack exchange，提问作者Steve Benedix