OpenWiFi
2.6.0
2.1.02.0.02.2.01.0.02.10.03.0.02.7.02.8.02.11.02.4.02.9.02.6.02.5.0
2.6.0
2.1.02.0.02.2.01.0.02.10.03.0.02.7.02.8.02.11.02.4.02.9.02.6.02.5.0
  • OpenWiFi Release 2.6 GA
  • ABOUT
    • About OpenWiFi
    • Supported Hardware
    • Device Partner Information
    • Cloud Partner Information
    • Ordering OpenWiFi APs
    • Example Partner Integrations
  • OPENWIFI STACK
    • Overview
    • SDK
    • Cloud Discovery
      • Discovery without Cloud
    • Access Points
      • Local Device Settings
    • Code Repositories
    • Artifacts
  • SDK
    • Getting Started
    • Release 2.6 SDK
    • Provisioning for Integrators
      • Data Model Introduction
      • Creating a Configuration
    • User Interface for Admins
      • Provisioning
        • Creating Entities
          • Configurations
            • Metrics Settings Example
        • Creating Venues
          • Configurations
            • WAN
            • VAP - SSID
      • Inventory Association
      • Gateway
      • Devices
        • Commands
        • Statistics
        • Command History
      • Firmware
    • Monitoring
      • ELK Integration
  • SDK Installation
    • Overview
    • Deploy using Docker Compose
    • Deploy using Helm
  • Device Feature Configuration Examples
    • Basic Device Provisioning
      • Bridge Mode SSID
      • NAT Gateway Mode SSID
      • Multi-VLAN SSID
    • Advanced Device Feature Configuration Examples
      • Zero Touch Provisioning
      • DHCP Relay
      • Services
      • Metrics
      • GRE
      • L2TP
      • VxLAN
      • WDS
      • Mesh
      • QoS
      • Dynamic Air Time Fairness
      • Captive Portal
        • External Captive Portal
      • Roaming RRM and SON
      • RADIUS Authenticated SSID
        • Dynamic VLANs with RADIUS
        • WISPr Subscriber Bandwidth
        • Dynamic Multi PSK
        • RADIUS MAC-Auth
      • Multi-PSK (MDU Shared Key)
      • Wireguard
      • Dynamic Air-Time Policy
      • Passpoint®
        • Configuration Introduction
        • Advertising Services
        • Passpoint® Configuration
  • RELEASE
    • What's New
    • Features
    • Security Updates
    • Resolved Issues
    • Outstanding Items
    • Testing Results
  • DEVELOPER RESOURCES
    • SDK API
      • OpenAPI Definitions
      • Security Service
      • Gateway Service
      • Firmware Management Service
      • Provisioning Service
      • Analytics Service
      • Postman Collection
    • SDK KAFKA
      • Connection
      • Device Event Queue
      • Device Telemetry
      • Healthcheck
      • Provisioning Change
      • Service Events
      • State
      • WiFi Scan
Powered by GitBook
On this page
  1. DEVELOPER RESOURCES
  2. SDK API

Security Service

PreviousOpenAPI DefinitionsNextGateway Service

Last updated 2 years ago

Retrieve the system layout.

get
Authorizations
Responses
application/json
objectoptional
application/json
application/json
get
GET /api/v1/systemEndpoints HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

{
  "endpoints": [
    {
      "type": "text",
      "id": 1,
      "vendor": "text",
      "uri": "https://example.com",
      "authenticationType": "text"
    }
  ]
}

Retrieve a list of existing users as well as some information about them.

get
Authorizations
Query parameters
offsetinteger · int64optional
limitinteger · int64optional
filterstringoptional

Selecting this option means the newest record will be returned. Use limit to select how many.

idOnlybooleanoptional

Return only the ids.

selectstringoptional

Return only the ids.

Example: id1,id2,id3,id4,id5
Responses
application/json
application/json
get
GET /api/v1/users HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No Content

Retrieve the information for a single user.

get
Authorizations
Path parameters
idstring · uuidrequired
Responses
application/json
application/json
get
GET /api/v1/user/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No Content

Delete a single user.

delete
Authorizations
Path parameters
idinteger · int64required
Responses
application/json
objectoptional
application/json
application/json
delete
DELETE /api/v1/user/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

{
  "Operation": "text",
  "Details": "text",
  "Code": 1
}

Retrieve the avatar associated with a user ID.

get
Authorizations
Path parameters
idstring · uuidrequired
Responses
string · binaryoptional
application/json
application/json
get
GET /api/v1/avatar/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

binary

Remove an avatar associated with a user ID.

delete
Authorizations
Path parameters
idstring · uuidrequired
Responses
application/json
objectoptional
application/json
application/json
delete
DELETE /api/v1/avatar/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

{
  "Operation": "text",
  "Details": "text",
  "Code": 1
}

Retrieve the list of security profiles for a specific service type.

get
Authorizations
Query parameters
offsetintegeroptional

Pagination start (starts at 1. If not specified, 1 is assumed)

limitintegeroptional

Maximum number of entries to return (if absent, no limit is assumed)

filterstringoptional

Filter the results

Responses
application/json
application/json
get
GET /api/v1/securityProfiles HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No Content

Retrieve the basic system information. This information is used between services only.

get
Authorizations
Responses
application/json
application/json
get
GET /api/v1/systemServices HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No Content

Allows any microservice to validate a token and get security policy for a specific user.

get
Authorizations
Query parameters
tokenstringrequired
Responses
application/json
application/json
get
GET /api/v1/validateToken HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No Content

Retrieve different values from the running service.

get
Authorizations
Query parameters
commandstring · enumrequired

Get a value

Available options:
Responses
application/json
one ofoptional
application/json
application/json
get
GET /api/v1/system HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

{
  "version": "text",
  "uptime": 1,
  "start": 1,
  "os": "text",
  "processors": 1,
  "hostname": "text",
  "certificates": [
    {
      "filename": "text",
      "expires": 1
    }
  ]
}
  • POSTGet access token - to be used as Bearer token header for all other API requests.
  • DELETERevoke a token.
  • GETRetrieve the system layout.
  • GETRetrieve a list of existing users as well as some information about them.
  • GETRetrieve the information for a single user.
  • POSTCreate a single user.
  • PUTModify a single user.
  • DELETEDelete a single user.
  • GETRetrieve the avatar associated with a user ID.
  • POSTCreate an avatar associated with a user ID.
  • DELETERemove an avatar associated with a user ID.
  • POSTSend test email with the system.
  • POSTSend test email with the system.
  • GETRetrieve the list of security profiles for a specific service type.
  • GETRetrieve the basic system information. This information is used between services only.
  • GETAllows any microservice to validate a token and get security policy for a specific user.
  • GETRetrieve different values from the running service.
  • POSTPerform some system wide commands.

Revoke a token.

delete
Authorizations
Path parameters
tokenstringrequired
Responses
application/json
anyoptional

The requested operation was performed.

application/json
application/json
delete
DELETE /api/v1/oauth2/{token} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No Content

Get access token - to be used as Bearer token header for all other API requests.

post
Authorizations
Query parameters
newPasswordstringoptional

used when a user is trying to change her password. This will be the new password.

forgotPasswordbooleanoptional

A user forgot her password. She needs to present her e-mail address in the userId and set this to true

requirementsbooleanoptional

A user forgot her password. She needs to present her e-mail address in the userId and set this to true

resendMFACodebooleanoptional
completeMFAChallengebooleanoptional
Body
one ofoptional

User Id and password.

Responses
application/json
one ofoptional

Login and Refresh Tokens to be used in subsequent API calls.

application/json
application/json
post
POST /api/v1/oauth2 HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 53

{
  "userId": "support@example.com",
  "password": "support"
}
{
  "access_token": "text",
  "refresh_token": "text",
  "token_type": "text",
  "expires_in": 1,
  "idle_timeout": 1,
  "username": "text",
  "created": 1,
  "userMustChangePassword": true,
  "errorCode": 1,
  "aclTemplate": {
    "aclTemplate": {
      "Read": true,
      "ReadWrite": true,
      "ReadWriteCreate": true,
      "Delete": true,
      "PortalLogin": true
    }
  }
}

Create a single user.

post
Authorizations
Path parameters
idinteger · int64required
Query parameters
email_verificationbooleanoptional
Body
idstring · uuidoptional
namestringoptional
descriptionstringoptional
avatarstring · urioptional
emailstring · emailoptional
validatedbooleanoptional
validationEmailstring · emailoptional
validationDateinteger · int64optional
createdinteger · int64optional
validationURIstringoptional
changePasswordbooleanoptional
lastLogininteger · int64optional
currentLoginURIstringoptional
lastPasswordChangeinteger · int64optional
lastEmailCheckinteger · int64optional
currentPasswordstringoptional
lastPasswordsstring[]optional
waitingForEmailCheckbooleanoptional
notesobject[]optional
locationstring · uuidoptional
ownerstring · uuidoptional
suspendedbooleanoptional
blackListedbooleanoptional
localestringoptional
userRolestring · enumoptionalAvailable options:
oauthTypestring · enumoptionalAvailable options:
oauthUserInfostringoptional
securityPolicystringoptional
securityPolicyChangeinteger · int64optional
userTypeProprietaryInfoobjectoptional
Responses
application/json
application/json
post
POST /api/v1/user/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 869

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "avatar": "https://example.com",
  "email": "name@gmail.com",
  "validated": true,
  "validationEmail": "name@gmail.com",
  "validationDate": 1,
  "created": 1,
  "validationURI": "text",
  "changePassword": true,
  "lastLogin": 1,
  "currentLoginURI": "text",
  "lastPasswordChange": 1,
  "lastEmailCheck": 1,
  "currentPassword": "text",
  "lastPasswords": [
    "text"
  ],
  "waitingForEmailCheck": true,
  "notes": [
    {
      "created": 1,
      "createdBy": "text",
      "note": "text"
    }
  ],
  "location": "123e4567-e89b-12d3-a456-426614174000",
  "owner": "123e4567-e89b-12d3-a456-426614174000",
  "suspended": true,
  "blackListed": true,
  "locale": "text",
  "userRole": "root",
  "oauthType": "internal",
  "oauthUserInfo": "text",
  "securityPolicy": "text",
  "securityPolicyChange": 1,
  "userTypeProprietaryInfo": {
    "mobiles": [
      {
        "number": "text",
        "verified": true,
        "primary": true
      }
    ],
    "mfa": {
      "enabled": true,
      "method": "sms"
    }
  }
}
No Content

Modify a single user.

put
Authorizations
Path parameters
idinteger · int64required
Query parameters
email_verificationbooleanoptional
Body
idstring · uuidoptional
namestringoptional
descriptionstringoptional
avatarstring · urioptional
emailstring · emailoptional
validatedbooleanoptional
validationEmailstring · emailoptional
validationDateinteger · int64optional
createdinteger · int64optional
validationURIstringoptional
changePasswordbooleanoptional
lastLogininteger · int64optional
currentLoginURIstringoptional
lastPasswordChangeinteger · int64optional
lastEmailCheckinteger · int64optional
currentPasswordstringoptional
lastPasswordsstring[]optional
waitingForEmailCheckbooleanoptional
notesobject[]optional
locationstring · uuidoptional
ownerstring · uuidoptional
suspendedbooleanoptional
blackListedbooleanoptional
localestringoptional
userRolestring · enumoptionalAvailable options:
oauthTypestring · enumoptionalAvailable options:
oauthUserInfostringoptional
securityPolicystringoptional
securityPolicyChangeinteger · int64optional
userTypeProprietaryInfoobjectoptional
Responses
application/json
application/json
put
PUT /api/v1/user/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 869

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "avatar": "https://example.com",
  "email": "name@gmail.com",
  "validated": true,
  "validationEmail": "name@gmail.com",
  "validationDate": 1,
  "created": 1,
  "validationURI": "text",
  "changePassword": true,
  "lastLogin": 1,
  "currentLoginURI": "text",
  "lastPasswordChange": 1,
  "lastEmailCheck": 1,
  "currentPassword": "text",
  "lastPasswords": [
    "text"
  ],
  "waitingForEmailCheck": true,
  "notes": [
    {
      "created": 1,
      "createdBy": "text",
      "note": "text"
    }
  ],
  "location": "123e4567-e89b-12d3-a456-426614174000",
  "owner": "123e4567-e89b-12d3-a456-426614174000",
  "suspended": true,
  "blackListed": true,
  "locale": "text",
  "userRole": "root",
  "oauthType": "internal",
  "oauthUserInfo": "text",
  "securityPolicy": "text",
  "securityPolicyChange": 1,
  "userTypeProprietaryInfo": {
    "mobiles": [
      {
        "number": "text",
        "verified": true,
        "primary": true
      }
    ],
    "mfa": {
      "enabled": true,
      "method": "sms"
    }
  }
}
No Content

Create an avatar associated with a user ID.

post
Authorizations
Path parameters
idstring · uuidrequired
Body
string · binaryoptional
Responses
application/json
objectoptional
application/json
application/json
post
POST /api/v1/avatar/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: image/jpeg
Accept: */*
Content-Length: 8

"binary"
{
  "Operation": "text",
  "Details": "text",
  "Code": 1
}

Send test email with the system.

post
Authorizations
Body
fromstring · emailoptional
subjectstringoptional
recipientsstring · email[]optional
textstringoptional
Responses
application/json
objectoptional
application/json
application/json
application/json
post
POST /api/v1/email HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 88

{
  "from": "name@gmail.com",
  "subject": "text",
  "recipients": [
    "name@gmail.com"
  ],
  "text": "text"
}
{
  "Operation": "text",
  "Details": "text",
  "Code": 1
}

Send test email with the system.

post
Authorizations
Query parameters
validateNumberbooleanoptional
completeValidationbooleanoptional
validationCodestringoptional
Body
fromstringoptional
tostringoptional
textstringoptional
Responses
application/json
objectoptional
application/json
application/json
application/json
post
POST /api/v1/sms HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 41

{
  "from": "text",
  "to": "text",
  "text": "text"
}
{
  "Operation": "text",
  "Details": "text",
  "Code": 1
}

Perform some system wide commands.

post
Authorizations
Body
one ofoptional
Responses
application/json
one ofoptional
application/json
application/json
post
POST /api/v1/system HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 70

{
  "command": "setloglevel",
  "subsystems": [
    {
      "tag": "text",
      "value": "text"
    }
  ]
}
{
  "taglist": [
    {
      "tag": "text",
      "value": "text"
    }
  ]
}