It's OK everybody I figured it out (with Donal Fellows's help).
In case anyone else gets stuck:
You need to POST to your_site/rest/accesstoken with the Content-Type set
to application/json. In the body have a JSON document with the email
(user account) and password, such as:
{
'email' : 'Administrator',
'password' : 'AdminPassword'
}
This then returns a JSON document which includes
{
...
"sessionId": "SessionId",
...
}
You take the sessionId and use it as the X-ICE-Authentication-SessionId
header in subsequent calls.
> Thanks,
>
> Alan
Alan