This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

XMC Client API Access Documentation

XMC Client API Access Documentation

marwin79
New Contributor

‎06-05-2020 06:13 AM

Hi

We’re using Extreme Networks Management with Access Control and I’m looking for a way to access Nothbound Interface (NBI) from external.

It is working right now with Basic Auth (Username/Password), but as I don’t want to maintain an “API” user, I would rellay like to use the API Client Access.

I was able to get a ticket from /oauth/token/access-token?grant_type=client_credentials and then access /nbi/graphql with that token.

But at the moment it’s a blackbox. What other “grant_type”s are supportet? What’s the proper workflow to renew tokens.

Unfortunately I’m not able to find any documentation for XMC OAuth. Anybody able to help?

0 Kudos
2 REPLIES 2

marwin79
New Contributor

‎06-05-2020 10:00 AM

Thanks for your reply. That’s basically what I found inbetween by trying. Just if somebody else finds itself lost in that topic, here some hints:

This one helps a lot to understand:

https://gitlab.com/rbrt-weiler/go-module-xmcnbiclient

Then the ‘grant_type=client_credentials’ is following the RFC

https://tools.ietf.org/html/rfc6749#section-4.4.2

 

Additionally I found out that the error 405 means that GET is used instead of POST.

 

So I’m a big step further, but an official documentation for using oauth would be very nice.

0 Kudos

Kurt_Semba
Extreme Employee

‎06-05-2020 09:43 AM

Hi Marwin,

here are code snippets from a script from my colleague that might help:

  1. Get Token

token_url = 'https://'+ self.host +':'+ str(self.port) +'/oauth/token/access-token?grant_type=client_credentials'

headers   = {"Content-Type" : "application/x-www-form-urlencoded"}

response = requests.post(token_url, auth=(id, secret), headers=headers, verify=False, timeout=5)

result = response.json()

self.token  = result[u'access_token']

 

  1. Build session (from requests import Session)

session         = Session()

            session.verify  = False

            session.timeout = self.timeout

            session.headers.update({'Accept':           'application/json',

                                    'Content-type':     'application/json',

                                    'Authorization':    'Bearer ' + self.token,

                                    'Cache-Control':    'no-cache',

                                    })

 

  1. Use that session to query the NBI

self.session.post( self.nbiUrl, json= {'query': nbi_query} )

 

Let me know if that helped.

Kurt

0 Kudos
GTM-P2G8KFN