Log in to the REST API Server

The fully qualified domain name (FQDN) for the REST API server is: api.ezcloudx.com.

You must have administrator credentials to log in to this server. Administrators with read-only privileges can make GET calls using a REST-API consuming program, but only fully privileged accounts can be used to make configuration changes through the REST API. For examples about using the REST API as a network administrator, see Network Management Examples.

To perform REST API operations in the MSP space, such as creating MSP partner, you must log in to the API using an account that grants MSP Power Admin privileges. For examples about using the REST API as an MSP Power Administrator, see MSP Examples.

Note

The attributes in this topic are a representative sample of what is a available. For a complete list of attributes, elements, and resources, see the main documentation of the REST API. The documentation resides in a user interface that is accessed using this URL: http://api.extremenetworks.com/extremecloud/rest_api/index.html

1. From a REST API tool, such as Postman or Advanced REST Client, select the POST method and enter the Request URL: http://api.ezcloudx.com:port/management/v1/oauth2/token
2. Set the header type to application/JSON.
3. In the Body section, enter the request string: {"grantType":"password","userId":"example@domain.com","password":"examplePassword","scope":"myScope"}
4. Send the request. You receive an OAUTH2 in a JSON document if the call is successful.
   Example: Successful Response

   

   {
       "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ4YyIsImp0aSI6ImVkY2ZmNmJkLWVhZTMtNGEyMC1iZDQ0LTE1N2QzMjkxNTcyZCJ9.3W_6HiIECAx5ObMcGPRrzvKGCrvruHJOSfxV-UKUO2E",
       "token_type": "Bearer",
       "expires_in": 7200,
       "idle_timeout": 3600,
       "refresh_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ4YyIsImp0aSI6IjUyZjA0ZTJmLTRjZTgtNDBlYi04Njc3LTA0MmI3MTJiM2Q2MCJ9.r7yVcTwF-VrusE0MzMGtY_IldSPPA8gofeJooY2TUkQ",
       "twoFactorAuthenticationRequired": false,
       "resetPassword": false,
       "aclTemplate": {
           "id": "88648089-aaab-440a-8c37-598d566fa6af",
           "name": "SE Read Write",
           "aclTemplate": {
               "CreateAdmin": true,
               "CreateMSP": false,
               "CreateMSPEndCustomer": false,
               "CreateMSPPartner": false,
               "CreatePoC": true,
               "CreateSE": false,
               "Delete": true,
               "DeleteAdmin": true,
               "DeleteMSPEndCustomer": false,
               "DeleteMSPPartner": false,
               "DeletePoC": true,
               "DeleteSE": false,
               "DevOps": false,
               "DevopsOnly": false,
               "ERP": false,
               "EndCustomer": false,
               "Extreme TSG": false,
               "ExtremeCloud": false,
               "GTAC": false,
               "GetAdmin": true,
               "GetAllMSP": false,
               "GetAllSE": false,
               "GetMSP": false,
               "GetMSPPartner": false,
               "GetPoC": true,
               "GetSE": true,
               "GtacCapability": false,
               "MSP": false,
               "MSPPartner": false,
               "ManageERP": false,
               "ManageExtremeCloud": false,
               "ModifyAdmin": true,
               "ModifyMSP": false,
               "ModifyMSPEndCustomer": false,
               "ModifyMSPPartner": false,
               "ModifyPoC": true,
               "ModifySE": false,
               "Read": true,
               "ReadOnlyModifyAdmin": true,
               "ReadWrite": true,
               "ReadWriteCreate": true,
               "SE": true,
               "TSG": false,
               "MspAdmin": false
           },
           "alias": 0,
           "versionTimestamp": 1550471946368000
       }
   }

5. To use the token, create an HTTP Authorization Header that includes the authorization token as a Bearer credential. Although each programming tool has its own way to set the header, it is important is that the authorization header is created using the access_token from the login response. For the example in the previous step, the Authorization header should look like:
   

   authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJ4YyIsImp0aSI6ImVkY2ZmNmJkLWVhZTMtNGEyMC1iZDQ0LTE1N2QzMjkxNTcyZCJ9.3W_6HiIECAx5ObMcGPRrzvKGCrvruHJOSfxV-UKUO2E