API Gateway
Aruba Central supports a robust set of RESTRepresentational State Transfer. REST is a simple and stateless architecture that the web services use for providing interoperability between computer systems on the Internet. In a RESTful web service, requests made to the URI of a resource will elicit a response that may be in XML, HTML, JSON or some other defined format. APIsApplication Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. to enable users to build custom applications and integrate the APIs with their applications. The Aruba Central API framework uses OAuthOpen Standard for Authorization. OAuth is a token-based authorization standard that allows websites or third-party applications to access user information, without exposing the user credentials. protocol to authenticate and authorize third-party applications, and allows them to obtain secure and limited access to an Aruba Central service.
This section includes the following topics:
API Gateway and NB APIs
The feature in Aruba Central supports the REST API for all Aruba Central services. This feature allows Aruba Central users to write custom applications, embed, or integrate the APIs with their own applications. The REST APIs support HTTPHypertext Transfer Protocol. The HTTP is an application protocol to transfer data over the web. The HTTP protocol defines how messages are formatted and transmitted, and the actions that the w servers and browsers should take in response to various commands. GETGET refers HTTP request method or an SNMP operation method. The GET HTTP request method submits data to be processed to a specified resource. The GET SNMP operation method obtains information from the Management Information Base (MIB). and POSTThe HTTP POST method is used for transferring data from a client (browser) to a server using the HTTP protocol. The POST method is considered a secure way of transferring data from a client as it carries the request parameter in the message body and does not append it in the URL string. operations by providing a specific URLUniform Resource Locator. URL is a global address used for locating web resources on the Internet. for each query. The output for these operations is returned in the JSONJavaScript Object Notation. JSON is an open-standard, language-independent, lightweight data-interchange format used to transmit data objects consisting of attribute–value pairs. JSON uses a "self-describing" text format that is easy for humans to read and write, and that can be used as a data format by any programming language. format.
For secure access to the APIs, the Aruba Central API Framework plug-in supports OAuth protocol for authentication and authorization. The access tokens provide a temporary and secure access to the APIs. The access tokens have a limited lifetime for security reasons and the applications should use the refresh API to obtain new tokens periodically (every 2 hours).
The following figure illustrates the API gateway workflow for the users:
Accessing API Gateway
To access the API Gateway:
1. In the page, under , click .
The page is displayed. You can get new tokens and refresh old tokens. To obtain a new token application, you must set authentication parameters for a user session.
Figure 1 Account Home Page with API Gateway Option Page
Important Points to Note
- The admin user profile of MSP has tab which displays all the apps and tokens generated locally in the admin user profile. This tab also displays all the apps created in the non-admin user profiles. Clicking these apps lists out all the associated tokens created for the non-admin user profile.
- Administrator role is specific to an app and hence the administrator account related RBAC library APIs and decorators must contain the application name as one of the parameters in the access verification query.
- The decorators associated with , , or must contain , , or as app names respectively, as one of the parameters.
Domain URLs
The following table shows the region-specific domain URLs for accessing API Gateway:
|
Region |
Domain Name |
|---|---|
|
US-1 |
app1-apigw.central.arubanetworks.com |
|
US-2 |
apigw-prod2.central.arubanetworks.com |
|
US-WEST-4 |
apigw-uswest4.central.arubanetworks.com |
|
EU-1 |
eu-apigw.central.arubanetworks.com |
|
EU-2 |
apigw-eucentral2.central.arubanetworks.com |
|
EU-3 |
apigw-eucentral3.central.arubanetworks.com |
|
Canada-1 |
apigw-ca.central.arubanetworks.com |
|
China-1 |
apigw.central.arubanetworks.com.cn |
|
APAC-1 |
api-ap.central.arubanetworks.com |
|
APAC-EAST1 |
apigw-apaceast.central.arubanetworks.com |
|
APAC-SOUTH1 |
apigw-apacsouth.central.arubanetworks.com |
The procedures described in this article use app1-apigw.central.arubanetworks.com as an example. Ensure that you use the appropriate domain URL when accessing API Gateway or generating tokens.
Viewing Swagger Interface
To view the APIs managed through Aruba Central, complete the following steps:
- In the page, under , click .
The page with the list of published APIs is displayed. - To view the Swagger interface, click the link in the column next to the specific published API name. The documentation is displayed in a new window.
Figure 2 API Gateway Dashboard
List of Supported APIs
Aruba Central supports the following APIs for the managed devices.
|
API |
Description |
|---|---|
|
|
Gets network, client, and event details. It also allows you to manage labels and switches. |
|
|
Allows you to configure and retrieve the following:
|
|
|
Gets Top N AppRF statistics. |
|
|
Gets visitor and session details of the portal. |
|
|
Allows you to manage and retrieve the following:
Aruba has enforced a request limit for the following APIs: The maximum limit is set to 50 per API call. If you exceed this limit, the API call returns the HTTP error code 400 and the following error message: . |
|
|
Allows you to manage users and also allows you to configure various types of users with a specific level of access control. |
|
|
Gets a list of audit events and the details of an audit event. |
|
|
Gets device details and device statistics. |
|
|
Allows you to manage and retrieve subscription keys. |
|
|
Allows you to configure the Presence Analytics application. It also retrieves site and loyalty data. |
|
|
Allows you to manage devices. |
|
|
Allows you to manage firmware. |
|
|
Gets a list of troubleshooting commands for a specific type of device. |
|
|
Gets notification alerts generated for events pertaining to device provisioning, configuration, and user management. |
|
|
Retrieves data for all sessions for a specific period of time. It also retrieves the total number of clients who made calls in the given time range and gets the Lync/Skype for Business URL for the Aruba Central cluster that you are using. |
|
|
Allows you to refresh the API token. |
|
|
Gets the list of configured reports for the given customer ID. |
|
|
Allows you to the following:
|
|
|
Allows you to get data for all the labels and sites. |
|
|
Allows you to add, or delete Webhooks, and get or refresh Webhook tokens. See Webhooks for further details on Webhook. |
|
|
Allows you retrieve information on floor plans, location of APs, clients and rogue devices. |
|
|
Gets DPS compliance and session statistics for all the links of a device belonging to a specific policy. |
For a complete list of APIs and the corresponding documentation, see https://app1-apigw.central.arubanetworks.com/swagger/central.
