API Gateway

The API Gateway feature in Aruba Central supports the REST Representational State Transfer. REST is a simple and stateless architecture that the web services use for providing interoperability between computer systems on the Internet. In a RESTful web service, requests made to the URI of a resource will elicit a response that may be in XML, HTML, JSON or some other defined format. API Application Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. for all Aruba Central services. This feature allows Aruba Central users to write custom applications, embed, or integrate the APIs with their own applications. The REST APIs support HTTP Hypertext Transfer Protocol. The HTTP is an application protocol to transfer data over the web. The HTTP protocol defines how messages are formatted and transmitted, and the actions that the w servers and browsers should take in response to various commands. GET GET refers HTTP request method or an SNMP operation method. The GET HTTP request method submits data to be processed to a specified resource. The GET SNMP operation method obtains information from the Management Information Base (MIB). and POST The HTTP POST method is used for transferring data from a client (browser) to a server using the HTTP protocol. The POST method is considered a secure way of transferring data from a client as it carries the request parameter in the message body and does not append it in the URL string. operations by providing a specific URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet. for each query. The output for these operations is returned in the JSON JavaScript Object Notation. JSON is an open-standard, language-independent, lightweight data-interchange format used to transmit data objects consisting of attribute–value pairs. JSON uses a "self-describing" text format that is easy for humans to read and write, and that can be used as a data format by any programming language. format.

For secure access to the APIs, the Aruba Central API Framework plug­-in supports the OAuth Open Standard for Authorization. OAuth is a token-based authorization standard that allows websites or third-party applications to access user information, without exposing the user credentials. protocol for authentication and authorization. The access tokens provide temporary and secure access to the APIs. The access tokens have a limited lifetime for security reasons and the applications should use the refresh API to obtain new tokens periodically (every 2 hours).

The API call volume rate-limit is seven (7) calls per second, per customer.

The following figure illustrates the API gateway workflow for the users:

Important Points to Note

  • The admin user has a System Apps & Tokens tab which displays all the apps and tokens generated locally in the admin user profile. This tab also displays all the apps created in the non-admin user profiles. Clicking these apps lists out all the associated tokens created for the non-admin user profile.
  • For users with limited group scope, the Organization menu will appear in the left menu when you click the keywords like Groups or Sites in the context selector.

For more information, see the following topics: