topic Re: XMC Client API Access Documentation in ExtremeCloud IQ- Site Engine Management Center https://community.extremenetworks.com/t5/extremecloud-iq-site-engine/xmc-client-api-access-documentation/m-p/81502#M9044 <P>Hi Marwin,</P> <P>here are code snippets from a script from my colleague that might help:</P> <OL type="1"><LI>Get Token</LI> </OL><P>token_url&nbsp;=&nbsp;'https://'+&nbsp;self.host&nbsp;+':'+&nbsp;str(self.port)&nbsp;+'/oauth/token/access-token?grant_type=client_credentials'</P> <P>headers&nbsp;&nbsp;&nbsp;=&nbsp;{"Content-Type"&nbsp;:&nbsp;"application/x-www-form-urlencoded"}</P> <P>response&nbsp;=&nbsp;requests.post(token_url,&nbsp;auth=(id,&nbsp;secret),&nbsp;headers=headers,&nbsp;verify=False,&nbsp;timeout=5)</P> <P>result&nbsp;=&nbsp;response.json()</P> <P>self.token&nbsp;&nbsp;=&nbsp;result[u'access_token']</P> <P>&nbsp;</P> <OL start="2" type="1"><LI>Build session (from requests import Session)</LI> </OL><P>session&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;Session()</P> <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;session.verify&nbsp;&nbsp;=&nbsp;False</P> <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;session.timeout&nbsp;=&nbsp;self.timeout</P> <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;session.headers.update({'Accept':&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'application/json',</P> <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'Content-type':&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'application/json',</P> <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'Authorization':&nbsp;&nbsp;&nbsp;&nbsp;'Bearer&nbsp;'&nbsp;+&nbsp;self.token,</P> <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'Cache-Control':&nbsp;&nbsp;&nbsp;&nbsp;'no-cache',</P> <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;})</P> <P>&nbsp;</P> <OL start="3" type="1"><LI>Use that session to query the NBI</LI> </OL><P>self.session.post(&nbsp;self.nbiUrl,&nbsp;json=&nbsp;{'query':&nbsp;nbi_query}&nbsp;)</P> <P>&nbsp;</P> <P>Let me know if that helped.</P> <P>Kurt</P> Fri, 05 Jun 2020 16:43:06 GMT Kurt_Semba 2020-06-05T16:43:06Z XMC Client API Access Documentation https://community.extremenetworks.com/t5/extremecloud-iq-site-engine/xmc-client-api-access-documentation/m-p/81501#M9043 <P>Hi</P> <P>We’re using Extreme Networks Management with Access Control and I’m looking for a way to access Nothbound Interface (NBI) from external.</P> <P>It is working right now with Basic Auth (Username/Password), but as I don’t want to maintain an “API” user, I would rellay like to use the API Client Access.</P> <P>I was able to get a ticket from /oauth/token/access-token?grant_type=client_credentials and then access /nbi/graphql with that token.</P> <P>But at the moment it’s a blackbox. What other “grant_type”s are supportet? What’s the proper workflow to renew tokens.</P> <P>Unfortunately I’m not able to find any documentation for XMC OAuth. Anybody able to help?</P> Fri, 05 Jun 2020 13:13:30 GMT https://community.extremenetworks.com/t5/extremecloud-iq-site-engine/xmc-client-api-access-documentation/m-p/81501#M9043 marwin79 2020-06-05T13:13:30Z Re: XMC Client API Access Documentation https://community.extremenetworks.com/t5/extremecloud-iq-site-engine/xmc-client-api-access-documentation/m-p/81502#M9044 <P>Hi Marwin,</P> <P>here are code snippets from a script from my colleague that might help:</P> <OL type="1"><LI>Get Token</LI> </OL><P>token_url&nbsp;=&nbsp;'https://'+&nbsp;self.host&nbsp;+':'+&nbsp;str(self.port)&nbsp;+'/oauth/token/access-token?grant_type=client_credentials'</P> <P>headers&nbsp;&nbsp;&nbsp;=&nbsp;{"Content-Type"&nbsp;:&nbsp;"application/x-www-form-urlencoded"}</P> <P>response&nbsp;=&nbsp;requests.post(token_url,&nbsp;auth=(id,&nbsp;secret),&nbsp;headers=headers,&nbsp;verify=False,&nbsp;timeout=5)</P> <P>result&nbsp;=&nbsp;response.json()</P> <P>self.token&nbsp;&nbsp;=&nbsp;result[u'access_token']</P> <P>&nbsp;</P> <OL start="2" type="1"><LI>Build session (from requests import Session)</LI> </OL><P>session&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;Session()</P> <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;session.verify&nbsp;&nbsp;=&nbsp;False</P> <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;session.timeout&nbsp;=&nbsp;self.timeout</P> <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;session.headers.update({'Accept':&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'application/json',</P> <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'Content-type':&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'application/json',</P> <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'Authorization':&nbsp;&nbsp;&nbsp;&nbsp;'Bearer&nbsp;'&nbsp;+&nbsp;self.token,</P> <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'Cache-Control':&nbsp;&nbsp;&nbsp;&nbsp;'no-cache',</P> <P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;})</P> <P>&nbsp;</P> <OL start="3" type="1"><LI>Use that session to query the NBI</LI> </OL><P>self.session.post(&nbsp;self.nbiUrl,&nbsp;json=&nbsp;{'query':&nbsp;nbi_query}&nbsp;)</P> <P>&nbsp;</P> <P>Let me know if that helped.</P> <P>Kurt</P> Fri, 05 Jun 2020 16:43:06 GMT https://community.extremenetworks.com/t5/extremecloud-iq-site-engine/xmc-client-api-access-documentation/m-p/81502#M9044 Kurt_Semba 2020-06-05T16:43:06Z Re: XMC Client API Access Documentation https://community.extremenetworks.com/t5/extremecloud-iq-site-engine/xmc-client-api-access-documentation/m-p/81503#M9045 <P>Thanks for your reply. That’s basically what I found inbetween by trying. Just if somebody else finds itself lost in that topic, here some hints:</P> <P>This one helps a lot to understand:</P> <P><A href="https://gitlab.com/rbrt-weiler/go-module-xmcnbiclient" target="_blank" rel="nofollow noreferrer noopener">https://gitlab.com/rbrt-weiler/go-module-xmcnbiclient</A></P> <P>Then the ‘grant_type=client_credentials’ is following the RFC</P> <P><A href="https://tools.ietf.org/html/rfc6749#section-4.4.2" target="_blank" rel="nofollow noreferrer noopener">https://tools.ietf.org/html/rfc6749#section-4.4.2</A></P> <P>&nbsp;</P> <P>Additionally I found out that the error 405 means that GET is used instead of POST.</P> <P>&nbsp;</P> <P>So I’m a big step further, but an official documentation for using oauth would be very nice.</P> Fri, 05 Jun 2020 17:00:02 GMT https://community.extremenetworks.com/t5/extremecloud-iq-site-engine/xmc-client-api-access-documentation/m-p/81503#M9045 marwin79 2020-06-05T17:00:02Z