Aruba Central Online Help

API Gateway

Aruba Central supports a robust set of RESTRepresentational State Transfer. REST is a simple and stateless architecture that the web services use for providing interoperability between computer systems on the Internet. In a RESTful web service, requests made to the URI of a resource will elicit a response that may be in XML, HTML, JSON or some other defined format. APIsApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. to enable users to build custom applications and integrate the APIs with their applications. The Aruba Central API framework uses OAuthOpen Standard for Authorization. OAuth is a token-based authorization standard that allows websites or third-party applications to access user information, without exposing the user credentials. protocol to authenticate and authorize third-party applications, and allows them to obtain secure and limited access to an Aruba Central service.

This section includes the following topics:

API Gateway and NB APIs

The API Gateway feature in Aruba Central supports the REST API for all Aruba Central services. This feature allows Aruba Central users to write custom applications, embed, or integrate the APIs with their own applications. The REST APIs support HTTPHypertext Transfer Protocol. The HTTP is an application protocol to transfer data over the web. The HTTP protocol defines how messages are formatted and transmitted, and the actions that the w servers and browsers should take in response to various commands. GETGET refers HTTP request method or an SNMP operation method. The GET HTTP request method submits data to be processed to a specified resource. The GET SNMP operation method obtains information from the Management Information Base (MIB). and POSTThe HTTP POST method is used for transferring data from a client (browser) to a server using the HTTP protocol. The POST method is considered a secure way of transferring data from a client as it carries the request parameter in the message body and does not append it in the URL string. operations by providing a specific URLUniform Resource Locator. URL is a global address used for locating web resources on the Internet. for each query. The output for these operations is returned in the JSONJavaScript Object Notation. JSON is an open-standard, language-independent, lightweight data-interchange format used to transmit data objects consisting of attribute–value pairs. JSON uses a "self-describing" text format that is easy for humans to read and write, and that can be used as a data format by any programming language. format.

For secure access to the APIs, the Aruba Central API Framework plug­-in supports OAuth protocol for authentication and authorization. The access tokens provide a temporary and secure access to the APIs. The access tokens have a limited lifetime for security reasons and the applications should use the refresh API to obtain new tokens periodically (every 2 hours).

The following figure illustrates the API gateway workflow for the users:

Accessing API Gateway

To access the API Gateway:

1. In the Account Home page, under Global Settings, click API Gateway.

The API Gateway page is displayed. You can get new tokens and refresh old tokens. To obtain a new token application, you must set authentication parameters for a user session.

Figure 1  Account Home Page with API Gateway Option Page

Important Points to Note

    • The admin user profile of MSP has System Apps & Tokens tab which displays all the apps and tokens generated locally in the admin user profile. This tab also displays all the apps created in the non-admin user profiles. Clicking these apps lists out all the associated tokens created for the non-admin user profile.
    • Administrator role is specific to an app and hence the administrator account related RBAC library APIs and decorators must contain the application name as one of the parameters in the access verification query.
    • The decorators associated with Account Home, Network Operations, or ClearPass Device Insight must contain account_setting, central, or optik as app names respectively, as one of the parameters.

Domain URLs

The following table shows the region-specific domain URLs for accessing API Gateway:

Table 1: Domain URLs for API Gateway Access

Region

Domain Name

US-1

app1-apigw.central.arubanetworks.com

US-2

apigw-prod2.central.arubanetworks.com

US-WEST-4

apigw-uswest4.central.arubanetworks.com

EU-1

eu-apigw.central.arubanetworks.com

EU-2

apigw-eucentral2.central.arubanetworks.com

EU-3

apigw-eucentral3.central.arubanetworks.com

Canada-1

apigw-ca.central.arubanetworks.com

China-1

apigw.central.arubanetworks.com.cn

APAC-1

api-ap.central.arubanetworks.com

APAC-EAST1

apigw-apaceast.central.arubanetworks.com

APAC-SOUTH1

apigw-apacsouth.central.arubanetworks.com

The procedures described in this article use app1-apigw.central.arubanetworks.com as an example. Ensure that you use the appropriate domain URL when accessing API Gateway or generating tokens.

Viewing Swagger Interface

To view the APIs managed through Aruba Central, complete the following steps:

  1. In the Account Home page, under Global Settings, click API Gateway.
    The API Gateway page with the list of published APIs is displayed.
  2. To view the Swagger interface, click the link in the Documentation column next to the specific published API name. The documentation is displayed in a new window.

    Figure 2  API Gateway Dashboard

List of Supported APIs

Aruba Central supports the following APIs for the managed devices.

Table 2: APIs and Description

API

Description

Monitoring

Gets network, client, and event details. It also allows you to manage labels and switches.

Configuration

Allows you to configure and retrieve the following:

  • Groups
  • Templates
  • Devices

AppRF

Gets Top N AppRF statistics.

Guest

Gets visitor and session details of the portal.

MSP

Allows you to manage and retrieve the following:

  • Customers
  • Users
  • Resources
  • Devices

Aruba has enforced a request limit for the following APIs:

  • GET /msp_api/v1/customers
  • GET /msp_api/v1/customers/{customer_id}/devices
  • GET /msp_api/v1/devices
  • PUT /msp_api/v1/customers/{customer_id}/devices

The maximum limit is set to 50 per API call. If you exceed this limit, the API call returns the HTTP error code 400 and the following error message: LIMIT_REQUEST_EXCEEDED.

User Management

Allows you to manage users and also allows you to configure various types of users with a specific level of access control.

Audit Event Logs

Gets a list of audit events and the details of an audit event.

New Device Inventory

Gets device details and device statistics.

New Licensing

Allows you to manage and retrieve subscription keys.

Presence Analytics

Allows you to configure the Presence Analytics application. It also retrieves site and loyalty data.

Device Management

Allows you to manage devices.

Firmware

Allows you to manage firmware.

Troubleshooting

Gets a list of troubleshooting commands for a specific type of device.

Notification

Gets notification alerts generated for events pertaining to device provisioning, configuration, and user management.

Unified Communications

Retrieves data for all sessions for a specific period of time. It also retrieves the total number of clients who made calls in the given time range and gets the Lync/Skype for Business URL for the Aruba Central cluster that you are using.

Refresh API Token

Allows you to refresh the API token.

Reporting

Gets the list of configured reports for the given customer ID.

WAN Health

Allows you to the following:

Network Health

Allows you to get data for all the labels and sites.

Webhook

Allows you to add, or delete Webhooks, and get or refresh Webhook tokens. See Webhooks for further details on Webhook.

VisualRF

Allows you retrieve information on floor plans, location of APs, clients and rogue devices.

DPS Monitoring

Gets DPS compliance and session statistics for all the links of a device belonging to a specific policy.

For a complete list of APIs and the corresponding documentation, see https://app1-apigw.central.arubanetworks.com/swagger/central.