cancel
Showing results for 
Search instead for 
Did you mean: 

XMC Client API Access Documentation

XMC Client API Access Documentation

marwin79
New Contributor

Hi

We’re using Extreme Networks Management with Access Control and I’m looking for a way to access Nothbound Interface (NBI) from external.

It is working right now with Basic Auth (Username/Password), but as I don’t want to maintain an “API” user, I would rellay like to use the API Client Access.

I was able to get a ticket from /oauth/token/access-token?grant_type=client_credentials and then access /nbi/graphql with that token.

But at the moment it’s a blackbox. What other “grant_type”s are supportet? What’s the proper workflow to renew tokens.

Unfortunately I’m not able to find any documentation for XMC OAuth. Anybody able to help?

2 REPLIES 2

marwin79
New Contributor

Thanks for your reply. That’s basically what I found inbetween by trying. Just if somebody else finds itself lost in that topic, here some hints:

This one helps a lot to understand:

https://gitlab.com/rbrt-weiler/go-module-xmcnbiclient

Then the ‘grant_type=client_credentials’ is following the RFC

https://tools.ietf.org/html/rfc6749#section-4.4.2

 

Additionally I found out that the error 405 means that GET is used instead of POST.

 

So I’m a big step further, but an official documentation for using oauth would be very nice.

Kurt_Semba
Extreme Employee

Hi Marwin,

here are code snippets from a script from my colleague that might help:

  1. Get Token

token_url = 'https://'+ self.host +':'+ str(self.port) +'/oauth/token/access-token?grant_type=client_credentials'

headers   = {"Content-Type" : "application/x-www-form-urlencoded"}

response = requests.post(token_url, auth=(id, secret), headers=headers, verify=False, timeout=5)

result = response.json()

self.token  = result[u'access_token']

 

  1. Build session (from requests import Session)

session         = Session()

            session.verify  = False

            session.timeout = self.timeout

            session.headers.update({'Accept':           'application/json',

                                    'Content-type':     'application/json',

                                    'Authorization':    'Bearer ' + self.token,

                                    'Cache-Control':    'no-cache',

                                    })

 

  1. Use that session to query the NBI

self.session.post( self.nbiUrl, json= {'query': nbi_query} )

 

Let me know if that helped.

Kurt

GTM-P2G8KFN