API Gateway

The API Gateway feature in Aruba Central supports the REST Representational State Transfer. REST is a simple and stateless architecture that the web services use for providing interoperability between computer systems on the Internet. In a RESTful web service, requests made to the URI of a resource will elicit a response that may be in XML, HTML, JSON or some other defined format. API Application Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software. for all Aruba Central services. This feature allows Aruba Central users to write custom applications, embed, or integrate the APIs with their own applications. The REST APIs support HTTP Hypertext Transfer Protocol. The HTTP is an application protocol to transfer data over the web. The HTTP protocol defines how messages are formatted and transmitted, and the actions that the w servers and browsers should take in response to various commands. GET GET refers HTTP request method or an SNMP operation method. The GET HTTP request method submits data to be processed to a specified resource. The GET SNMP operation method obtains information from the Management Information Base (MIB). and POST The HTTP POST method is used for transferring data from a client (browser) to a server using the HTTP protocol. The POST method is considered a secure way of transferring data from a client as it carries the request parameter in the message body and does not append it in the URL string. operations by providing a specific URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet. for each query. The output for these operations is returned in the JSON JavaScript Object Notation. JSON is an open-standard, language-independent, lightweight data-interchange format used to transmit data objects consisting of attribute–value pairs. JSON uses a "self-describing" text format that is easy for humans to read and write, and that can be used as a data format by any programming language. format.

For secure access to the APIs, the Aruba Central API Framework plug­-in supports OAuth Open Standard for Authorization. OAuth is a token-based authorization standard that allows websites or third-party applications to access user information, without exposing the user credentials. protocol for authentication and authorization. The access tokens provide a temporary and secure access to the APIs. The access tokens have a limited lifetime for security reasons and the applications should use the refresh API to obtain new tokens periodically (every 2 hours).

The API call volume is rate-limited to seven (7) calls per second, per customer.

The following figure illustrates the API gateway workflow for the users:

This section includes the following topics:

Accessing API Gateway

To access the API Gateway, complete the following steps:

  1. In the Aruba Central app, set the filter to Global.
  2. Under Maintain, click Organization > Platform Integration.
  3. Under the API Gateway tile, click Rest API.

The API Gateway page is displayed. You can get new tokens and refresh old tokens. To obtain a new token application, you must set authentication parameters for a user session.

Important Points to Note

    • The admin user has System Apps & Tokens tab which displays all the apps and tokens generated locally in the admin user profile. This tab also displays all the apps created in the non-admin user profiles. Clicking these apps lists out all the associated tokens created for the non-admin user profile.
    • For users with limited group scope, the Organization menu will appear in the left menu when you click on the keywords like Groups or Sites in the context selector.

Viewing Swagger Interface

To view the APIs managed through Aruba Central, complete the following steps:

  1. In the Aruba Central app, set the filter to Global.

  2. Under Maintain, click Organization > Platform Integration > Rest API.
  3. To view the Swagger interface, click the link in the Documentation column. A new window is displayed with the Swagger documentation. In case of multiple accounts, select one of the accounts to view the Swagger documentation in a new window.

    On selecting the bookmarked Swagger documentation URL, a window is displayed with a sign-in request. To view the Swagger documentation, authenticate using the SSO Single Sign-On. SSO is an access-control property that allows the users to log in once to access multiple related, but independent applications or systems to which they have privileges. The process authenticates the user across all allowed resources during their session, eliminating additional login prompts. and select one of the accounts.

    Figure 1  API Gateway Dashboard

List of Supported APIs

Aruba Central supports the following APIs for the managed devices.

Table 1: APIs and Description

API

Description

Monitoring

Gets network, client, and event details. It also allows you to manage labels and switches.

Configuration

Allows you to configure and retrieve the following:

  • Groups
  • Templates
  • Devices

AppRF

Gets Top N AppRF statistics.

Guest

Gets visitor and session details of the portal.

MSP

Allows you to manage and retrieve the following:

  • Customers
  • Users
  • Resources
  • Devices

Aruba has enforced a request limit for the following APIs:

  • GET /msp_api/v1/customers
  • GET /msp_api/v1/customers/{customer_id}/devices
  • GET /msp_api/v1/devices
  • PUT /msp_api/v1/customers/{customer_id}/devices

The maximum limit is set to 50 per API call. If you exceed this limit, the API call returns the HTTP error code 400 and the following error message: LIMIT_REQUEST_EXCEEDED.

User Management

Allows you to manage users and also allows you to configure various types of users with a specific level of access control.

Audit Event Logs

Gets a list of audit events and the details of an audit event.

New Device Inventory

Gets device details and device statistics.

New Licensing

Allows you to manage and retrieve subscription keys.

Presence Analytics

Allows you to configure the Presence Analytics application. It also retrieves site and loyalty data.

Device Management

Allows you to manage devices.

Firmware

Allows you to manage firmware.

Troubleshooting

Gets a list of troubleshooting commands for a specific type of device.

Notification

Gets notification alerts generated for events pertaining to device provisioning, configuration, and user management.

Unified Communications

Retrieves data for all sessions for a specific period of time. It also retrieves the total number of clients who made calls in the given time range and gets the Lync/Skype for Business URL for the Aruba Central cluster that you are using.

Refresh API Token

Allows you to refresh the API token.

Reporting

Gets the list of configured reports for the given customer ID.

WAN Health

Allows you to the following:

Network Health

Allows you to get data for all the labels and sites.

Webhook

Allows you to add, or delete Webhooks, and get or refresh Webhook tokens. See Webhooks for further details on Webhook.

VisualRF

Allows you retrieve information on floor plans, location of APs, clients and rogue devices.

DPS Monitoring

Gets DPS compliance and session statistics for all the links of a device belonging to a specific policy.

For a complete list of APIs and the corresponding documentation, see https://app1-apigw.central.arubanetworks.com/swagger/central.

This section also includes the following topics: