OpenWiFi
2.6.0
2.6.0
  • OpenWiFi Release 2.6 GA
  • ABOUT
    • About OpenWiFi
    • Supported Hardware
    • Device Partner Information
    • Cloud Partner Information
    • Ordering OpenWiFi APs
    • Example Partner Integrations
  • OPENWIFI STACK
    • Overview
    • SDK
    • Cloud Discovery
      • Discovery without Cloud
    • Access Points
      • Local Device Settings
    • Code Repositories
    • Artifacts
  • SDK
    • Getting Started
    • Release 2.6 SDK
    • Provisioning for Integrators
      • Data Model Introduction
      • Creating a Configuration
    • User Interface for Admins
      • Provisioning
        • Creating Entities
          • Configurations
            • Metrics Settings Example
        • Creating Venues
          • Configurations
            • WAN
            • VAP - SSID
      • Inventory Association
      • Gateway
      • Devices
        • Commands
        • Statistics
        • Command History
      • Firmware
    • Monitoring
      • ELK Integration
  • SDK Installation
    • Overview
    • Deploy using Docker Compose
    • Deploy using Helm
  • Device Feature Configuration Examples
    • Basic Device Provisioning
      • Bridge Mode SSID
      • NAT Gateway Mode SSID
      • Multi-VLAN SSID
    • Advanced Device Feature Configuration Examples
      • Zero Touch Provisioning
      • DHCP Relay
      • Services
      • Metrics
      • GRE
      • L2TP
      • VxLAN
      • WDS
      • Mesh
      • QoS
      • Dynamic Air Time Fairness
      • Captive Portal
        • External Captive Portal
      • Roaming RRM and SON
      • RADIUS Authenticated SSID
        • Dynamic VLANs with RADIUS
        • WISPr Subscriber Bandwidth
        • Dynamic Multi PSK
        • RADIUS MAC-Auth
      • Multi-PSK (MDU Shared Key)
      • Wireguard
      • Dynamic Air-Time Policy
      • Passpoint®
        • Configuration Introduction
        • Advertising Services
        • Passpoint® Configuration
  • RELEASE
    • What's New
    • Features
    • Security Updates
    • Resolved Issues
    • Outstanding Items
    • Testing Results
  • DEVELOPER RESOURCES
    • SDK API
      • OpenAPI Definitions
      • Security Service
      • Gateway Service
      • Firmware Management Service
      • Provisioning Service
      • Analytics Service
      • Postman Collection
    • SDK KAFKA
      • Connection
      • Device Event Queue
      • Device Telemetry
      • Healthcheck
      • Provisioning Change
      • Service Events
      • State
      • WiFi Scan
Powered by GitBook
On this page
  1. DEVELOPER RESOURCES
  2. SDK API

Security Service

PreviousOpenAPI DefinitionsNextGateway Service

Last updated 2 years ago

Retrieve the system layout.

get
Authorizations
Responses
200
successful operation
application/json
403
The requested does not have sufficient rights to perform the operation.
application/json
404
The specified resource was not found.
application/json
get
GET /api/v1/systemEndpoints HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

{
  "endpoints": [
    {
      "type": "text",
      "id": 1,
      "vendor": "text",
      "uri": "https://example.com",
      "authenticationType": "text"
    }
  ]
}

Retrieve a list of existing users as well as some information about them.

get
Authorizations
Query parameters
offsetinteger · int64Optional
limitinteger · int64Optional
filterstringOptional

Selecting this option means the newest record will be returned. Use limit to select how many.

idOnlybooleanOptional

Return only the ids.

selectstringOptional

Return only the ids.

Example: id1,id2,id3,id4,id5
Responses
200Success
403
The requested does not have sufficient rights to perform the operation.
application/json
404
The specified resource was not found.
application/json
get
GET /api/v1/users HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No content

Retrieve the information for a single user.

get
Authorizations
Path parameters
idstring · uuidRequired
Responses
200Success
403
The requested does not have sufficient rights to perform the operation.
application/json
404
The specified resource was not found.
application/json
get
GET /api/v1/user/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No content

Delete a single user.

delete
Authorizations
Path parameters
idinteger · int64Required
Responses
204
The requested operation was performed.
application/json
403
The requested does not have sufficient rights to perform the operation.
application/json
404
The specified resource was not found.
application/json
delete
DELETE /api/v1/user/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

{
  "Operation": "text",
  "Details": "text",
  "Code": 1
}

Retrieve the avatar associated with a user ID.

get
Authorizations
Path parameters
idstring · uuidRequired
Responses
200
Successfully retrieved the avatar
Responsestring · binary
403
The requested does not have sufficient rights to perform the operation.
application/json
404
The specified resource was not found.
application/json
get
GET /api/v1/avatar/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

binary

Remove an avatar associated with a user ID.

delete
Authorizations
Path parameters
idstring · uuidRequired
Responses
204
The requested operation was performed.
application/json
403
The requested does not have sufficient rights to perform the operation.
application/json
404
The specified resource was not found.
application/json
delete
DELETE /api/v1/avatar/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

{
  "Operation": "text",
  "Details": "text",
  "Code": 1
}

Retrieve the list of security profiles for a specific service type.

get
Authorizations
Query parameters
offsetintegerOptional

Pagination start (starts at 1. If not specified, 1 is assumed)

limitintegerOptional

Maximum number of entries to return (if absent, no limit is assumed)

filterstringOptional

Filter the results

Responses
200Success
403
The requested does not have sufficient rights to perform the operation.
application/json
404
The specified resource was not found.
application/json
get
GET /api/v1/securityProfiles HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No content

Retrieve the basic system information. This information is used between services only.

get
Authorizations
Responses
200Success
403
The requested does not have sufficient rights to perform the operation.
application/json
404
The specified resource was not found.
application/json
get
GET /api/v1/systemServices HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No content

Allows any microservice to validate a token and get security policy for a specific user.

get
Authorizations
Query parameters
tokenstringRequired
Responses
200Success
403
The requested does not have sufficient rights to perform the operation.
application/json
404
The specified resource was not found.
application/json
get
GET /api/v1/validateToken HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No content

Retrieve different values from the running service.

get
Authorizations
Query parameters
commandstring · enumRequired

Get a value

Possible values:
Responses
200
Successful command execution
application/json
Responseone of
403
The requested does not have sufficient rights to perform the operation.
application/json
404
The specified resource was not found.
application/json
get
GET /api/v1/system HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

{
  "version": "text",
  "uptime": 1,
  "start": 1,
  "os": "text",
  "processors": 1,
  "hostname": "text",
  "certificates": [
    {
      "filename": "text",
      "expires": 1
    }
  ]
}
  • POSTGet access token - to be used as Bearer token header for all other API requests.
  • DELETERevoke a token.
  • GETRetrieve the system layout.
  • GETRetrieve a list of existing users as well as some information about them.
  • GETRetrieve the information for a single user.
  • POSTCreate a single user.
  • PUTModify a single user.
  • DELETEDelete a single user.
  • GETRetrieve the avatar associated with a user ID.
  • POSTCreate an avatar associated with a user ID.
  • DELETERemove an avatar associated with a user ID.
  • POSTSend test email with the system.
  • POSTSend test email with the system.
  • GETRetrieve the list of security profiles for a specific service type.
  • GETRetrieve the basic system information. This information is used between services only.
  • GETAllows any microservice to validate a token and get security policy for a specific user.
  • GETRetrieve different values from the running service.
  • POSTPerform some system wide commands.

Revoke a token.

delete
Authorizations
Path parameters
tokenstringRequired
Responses
204
successful operation
application/json
Responseany

The requested operation was performed.

403
The requested does not have sufficient rights to perform the operation.
application/json
404
The specified resource was not found.
application/json
delete
DELETE /api/v1/oauth2/{token} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No content

Get access token - to be used as Bearer token header for all other API requests.

post
Authorizations
Query parameters
newPasswordstringOptional

used when a user is trying to change her password. This will be the new password.

forgotPasswordbooleanOptional

A user forgot her password. She needs to present her e-mail address in the userId and set this to true

requirementsbooleanOptional

A user forgot her password. She needs to present her e-mail address in the userId and set this to true

resendMFACodebooleanOptional
completeMFAChallengebooleanOptional
Body
one ofOptional
or
Responses
200
successful operation
application/json
Responseone of
or
403
The requested does not have sufficient rights to perform the operation.
application/json
404
The specified resource was not found.
application/json
post
POST /api/v1/oauth2 HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 53

{
  "userId": "support@example.com",
  "password": "support"
}
{
  "access_token": "text",
  "refresh_token": "text",
  "token_type": "text",
  "expires_in": 1,
  "idle_timeout": 1,
  "username": "text",
  "created": 1,
  "userMustChangePassword": true,
  "errorCode": 1,
  "aclTemplate": {
    "aclTemplate": {
      "Read": true,
      "ReadWrite": true,
      "ReadWriteCreate": true,
      "Delete": true,
      "PortalLogin": true
    }
  }
}

Create a single user.

post
Authorizations
Path parameters
idinteger · int64Required
Query parameters
email_verificationbooleanOptional
Body
idstring · uuidOptional
namestringOptional
descriptionstringOptional
avatarstring · uriOptional
emailstring · emailOptional
validatedbooleanOptional
validationEmailstring · emailOptional
validationDateinteger · int64Optional
createdinteger · int64Optional
validationURIstringOptional
changePasswordbooleanOptional
lastLogininteger · int64Optional
currentLoginURIstringOptional
lastPasswordChangeinteger · int64Optional
lastEmailCheckinteger · int64Optional
currentPasswordstringOptional
lastPasswordsstring[]Optional
waitingForEmailCheckbooleanOptional
locationstring · uuidOptional
ownerstring · uuidOptional
suspendedbooleanOptional
blackListedbooleanOptional
localestringOptional
userRolestring · enumOptionalPossible values:
oauthTypestring · enumOptionalPossible values:
oauthUserInfostringOptional
securityPolicystringOptional
securityPolicyChangeinteger · int64Optional
Responses
200Success
403
The requested does not have sufficient rights to perform the operation.
application/json
404
The specified resource was not found.
application/json
post
POST /api/v1/user/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 869

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "avatar": "https://example.com",
  "email": "name@gmail.com",
  "validated": true,
  "validationEmail": "name@gmail.com",
  "validationDate": 1,
  "created": 1,
  "validationURI": "text",
  "changePassword": true,
  "lastLogin": 1,
  "currentLoginURI": "text",
  "lastPasswordChange": 1,
  "lastEmailCheck": 1,
  "currentPassword": "text",
  "lastPasswords": [
    "text"
  ],
  "waitingForEmailCheck": true,
  "notes": [
    {
      "created": 1,
      "createdBy": "text",
      "note": "text"
    }
  ],
  "location": "123e4567-e89b-12d3-a456-426614174000",
  "owner": "123e4567-e89b-12d3-a456-426614174000",
  "suspended": true,
  "blackListed": true,
  "locale": "text",
  "userRole": "root",
  "oauthType": "internal",
  "oauthUserInfo": "text",
  "securityPolicy": "text",
  "securityPolicyChange": 1,
  "userTypeProprietaryInfo": {
    "mobiles": [
      {
        "number": "text",
        "verified": true,
        "primary": true
      }
    ],
    "mfa": {
      "enabled": true,
      "method": "sms"
    }
  }
}
No content

Modify a single user.

put
Authorizations
Path parameters
idinteger · int64Required
Query parameters
email_verificationbooleanOptional
Body
idstring · uuidOptional
namestringOptional
descriptionstringOptional
avatarstring · uriOptional
emailstring · emailOptional
validatedbooleanOptional
validationEmailstring · emailOptional
validationDateinteger · int64Optional
createdinteger · int64Optional
validationURIstringOptional
changePasswordbooleanOptional
lastLogininteger · int64Optional
currentLoginURIstringOptional
lastPasswordChangeinteger · int64Optional
lastEmailCheckinteger · int64Optional
currentPasswordstringOptional
lastPasswordsstring[]Optional
waitingForEmailCheckbooleanOptional
locationstring · uuidOptional
ownerstring · uuidOptional
suspendedbooleanOptional
blackListedbooleanOptional
localestringOptional
userRolestring · enumOptionalPossible values:
oauthTypestring · enumOptionalPossible values:
oauthUserInfostringOptional
securityPolicystringOptional
securityPolicyChangeinteger · int64Optional
Responses
200Success
403
The requested does not have sufficient rights to perform the operation.
application/json
404
The specified resource was not found.
application/json
put
PUT /api/v1/user/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 869

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "avatar": "https://example.com",
  "email": "name@gmail.com",
  "validated": true,
  "validationEmail": "name@gmail.com",
  "validationDate": 1,
  "created": 1,
  "validationURI": "text",
  "changePassword": true,
  "lastLogin": 1,
  "currentLoginURI": "text",
  "lastPasswordChange": 1,
  "lastEmailCheck": 1,
  "currentPassword": "text",
  "lastPasswords": [
    "text"
  ],
  "waitingForEmailCheck": true,
  "notes": [
    {
      "created": 1,
      "createdBy": "text",
      "note": "text"
    }
  ],
  "location": "123e4567-e89b-12d3-a456-426614174000",
  "owner": "123e4567-e89b-12d3-a456-426614174000",
  "suspended": true,
  "blackListed": true,
  "locale": "text",
  "userRole": "root",
  "oauthType": "internal",
  "oauthUserInfo": "text",
  "securityPolicy": "text",
  "securityPolicyChange": 1,
  "userTypeProprietaryInfo": {
    "mobiles": [
      {
        "number": "text",
        "verified": true,
        "primary": true
      }
    ],
    "mfa": {
      "enabled": true,
      "method": "sms"
    }
  }
}
No content

Create an avatar associated with a user ID.

post
Authorizations
Path parameters
idstring · uuidRequired
Body
string · binaryOptional
Responses
200
The requested operation was performed.
application/json
403
The requested does not have sufficient rights to perform the operation.
application/json
404
The specified resource was not found.
application/json
post
POST /api/v1/avatar/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: image/jpeg
Accept: */*
Content-Length: 8

"binary"
{
  "Operation": "text",
  "Details": "text",
  "Code": 1
}

Send test email with the system.

post
Authorizations
Body
fromstring · emailOptional
subjectstringOptional
recipientsstring · email[]Optional
textstringOptional
Responses
200
The requested operation was performed.
application/json
403
The requested does not have sufficient rights to perform the operation.
application/json
404
The specified resource was not found.
application/json
500
Error description
application/json
post
POST /api/v1/email HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 88

{
  "from": "name@gmail.com",
  "subject": "text",
  "recipients": [
    "name@gmail.com"
  ],
  "text": "text"
}
{
  "Operation": "text",
  "Details": "text",
  "Code": 1
}

Send test email with the system.

post
Authorizations
Query parameters
validateNumberbooleanOptional
completeValidationbooleanOptional
validationCodestringOptional
Body
fromstringOptional
tostringOptional
textstringOptional
Responses
200
The requested operation was performed.
application/json
403
The requested does not have sufficient rights to perform the operation.
application/json
404
The specified resource was not found.
application/json
500
Error description
application/json
post
POST /api/v1/sms HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 41

{
  "from": "text",
  "to": "text",
  "text": "text"
}
{
  "Operation": "text",
  "Details": "text",
  "Code": 1
}

Perform some system wide commands.

post
Authorizations
Body
one ofOptional
or
or
or
or
Responses
200
Successful command execution
application/json
Responseone of
or
or
403
The requested does not have sufficient rights to perform the operation.
application/json
404
The specified resource was not found.
application/json
post
POST /api/v1/system HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 70

{
  "command": "setloglevel",
  "subsystems": [
    {
      "tag": "text",
      "value": "text"
    }
  ]
}
{
  "taglist": [
    {
      "tag": "text",
      "value": "text"
    }
  ]
}