ExtremeCloud IQ Developer
Shangquan Wen
2022-03-03

Authentication

The ExtremeCloud IQ API uses Bearer token as access token to authenticate requests. All API requests except login request without a valid access token will be failed.

# Issue access token

The access token is issued via POST /login endpoint when user provides a valid username and password.

# Access token format

The access token is encoded as JSON Web Token (JWT) format. Normally you don't need to care about the content of the token, just pass it as Bearer token.

TIP

  • In case you are interested in the content of the token, you can decode it with any supported JWT libraries.
  • If you don't have a handy tool, you can also use online tool jwt.io (opens new window) to decode it manually.

# Access token lifetime

The access token is valid for 1 day (86400 seconds). The client MUST request a new access token before it expires.

# Revoke access token

The access token can be revoked via POST /logout endpoint before it expires.

TIP

When calling this endpoint, the current access token will be revoked and the following access with the same token will be immediately denied.

# Example

We will demonstrate a very simple use case with curl command.

  1. Login with username and password
curl -X POST 'https://api.extremecloudiq.com/login' \
  -H 'Content-Type: application/json' \
  -d '{
  "username" : "admin@cust001.com",
  "password" : "<ChangeMe>"
}'
1
2
3
4
5
6

The response is:

HTTP/1.1 200 OK
Content-Length: 1937
Pragma: no-cache
X-XSS-Protection: 1; mode=block
Expires: 0
X-Content-Type-Options: nosniff
Content-Type: application/json;charset=UTF-8
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Cache-Control: no-cache, no-store, max-age=0, must-revalidate

{
  "access_token" : "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbkBjdXN0MDAxLmNvbSIsInVzZXJfaWQiOjEsInJvbGUiOiJBZG1pbmlzdHJhdG9yIiwib3duZXJfaWQiOjEwMiwiZGF0YV9jZW50ZXIiOiJVU19XRVNUIiwiY3VzdG9tZXJfaWQiOjEsImN1c3RvbWVyX21vZGUiOjAsImhpcV9lbmFibGVkIjp0cnVlLCJvcmdfaWQiOjAsInF1b3RhIjoiNzUwMDt3PTM2MDAiLCJzaGFyZCI6IlVTIiwiaXNzIjoiZXh0cmVtZWNsb3VkaXEuY29tIiwiaWF0IjoxNjQ2Mjc2MTI4LCJleHAiOjE2NDY4ODA5Mjh9.3OCwxKs90TRQLf1o4OWA2EWvlVeJitTYZ3Hd9gaIOdw",
  "token_type" : "Bearer",
  "expires_in" : 604800
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
  1. Call any API, such as get device list, with the returned access token
curl -X GET 'https://api.extremecloudiq.com/devices?page=1&limit=10' \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbkBjdXN0MDAxLmNvbSIsInVzZXJfaWQiOjEsInJvbGUiOiJBZG1pbmlzdHJhdG9yIiwib3duZXJfaWQiOjEwMiwiZGF0YV9jZW50ZXIiOiJVU19XRVNUIiwiY3VzdG9tZXJfaWQiOjEsImN1c3RvbWVyX21vZGUiOjAsImhpcV9lbmFibGVkIjp0cnVlLCJvcmdfaWQiOjAsInF1b3RhIjoiNzUwMDt3PTM2MDAiLCJzaGFyZCI6IlVTIiwiaXNzIjoiZXh0cmVtZWNsb3VkaXEuY29tIiwiaWF0IjoxNjQ2Mjc2MTI4LCJleHAiOjE2NDY4ODA5Mjh9.3OCwxKs90TRQLf1o4OWA2EWvlVeJitTYZ3Hd9gaIOdw'
1
2
3
  1. Logout
curl -X POST 'https://api.extremecloudiq.com/logout' \
  -H 'Accept: */*' \
  -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbkBjdXN0MDAxLmNvbSIsInVzZXJfaWQiOjEsInJvbGUiOiJBZG1pbmlzdHJhdG9yIiwib3duZXJfaWQiOjEwMiwiZGF0YV9jZW50ZXIiOiJVU19XRVNUIiwiY3VzdG9tZXJfaWQiOjEsImN1c3RvbWVyX21vZGUiOjAsImhpcV9lbmFibGVkIjp0cnVlLCJvcmdfaWQiOjAsInF1b3RhIjoiNzUwMDt3PTM2MDAiLCJzaGFyZCI6IlVTIiwiaXNzIjoiZXh0cmVtZWNsb3VkaXEuY29tIiwiaWF0IjoxNjQ2Mjc2MTI4LCJleHAiOjE2NDY4ODA5Mjh9.3OCwxKs90TRQLf1o4OWA2EWvlVeJitTYZ3Hd9gaIOdw' \
  -d ''
1
2
3
4
LastUpdated: 2022/05/12, 19:30:31
Dynamic REST API Response
Long-Running Operations

Long-Running Operations

Copyright © 1996-2022 Extreme Networks