...
API requests can be generated within the web UI by the API Request Generator, or generated programatically in any language.
An API request looks like this:
https://cloud.6connect.com/ex/api/v1/api.php?target=ipam&action=get&type=IP&mask=24
...
An API response looks like this:
{"success":1, "message":"1 blocks found", "data":[{"id":"7539","oct1":"1","oct2":"2","oct3":"3","oct4":"0","mask":"24","child1":null,"child2":null,"is_assigned":"0","is_swipped":"0", "is_aggregate":"1","custid":"holding","last_updated_time":"2012-03-20 09:49:00","description":null,"parent":null,"rir":"ARIN","notes":"2012-03-20 09:49:00","generic_code":null,"region":null,"vlan":null,"arin_net_id":null,"arin_cust_id":null,"arin_swip_time":"0000-00-00 00:00:00","assigned_time":"2012-03-20 09:45:12"}]}
Using API keysKeys:
When using the API without pre-established authentication to ProVision, you must include both your API Key and a specially-prepared query hash parameter, like so:
...
And that your API Key and Secret Key are as follows:
API Key:41 32-HSLH4QZQX6IAOOJS 5DAYTJQY2TZHOFOB
Secret Key: 889f33027c902061d023d8b0ee39b100 48b278ec873bda4738923dbc467f8669
The first step is to append your API Key to the URL. The API Key indicates which user is executing the API query.
https://cloud.6connect.com/6c_375/api/v1/api.php?target=ipam&action=get&type=IP&mask=24&apiKey=4132-HSLH4QZQX6IAOOJS 5DAYTJQY2TZHOFOB
The first step is to isolate the Query String from the request URL. The Query String is everything which follows the question mark. So,
Query String: target=ipam&action=get&type=IP&mask=24&apiKey=4132-HSLH4QZQX6IAOOJS 5DAYTJQY2TZHOFOB
The next step is to calculate the SHA256 hash of this string with your Secret Key. In PHP, this would be:
$sha256 = hash_hmac('sha256', "target=ipam&action=get&type=IP&mask=24&apiKey=4132-HSLH4QZQX6IAOOJS 5DAYTJQY2TZHOFOB", "889f33027c902061d023d8b0ee39b10048b278ec873bda4738923dbc467f8669", TRUE);
As this value has been 256-bit hashed, it will contain many unprintable characters. The solution to this is to encode it in base 64 for transport. Again, in PHP:
...
Calculating it out yields the completed hash:
$hash = xxakpAz2B8XX41DY2jjh14fgfn3os6xg9DokMUff0T4 yneSFMyxPPe+3W4IOkVp50K3VStatBcRRak+2ygDUWQ=
The calculated hash can then be appended to the full API Query URL to form a completed request:
https://cloud.6connect.com/6c_375/api/v1/api.php?target=ipam&action=get&type=IP&mask=24&apiKey=4132-HSLH4QZQX6IAOOJS5DAYTJQY2TZHOFOB&hash=xxakpAz2B8XX41DY2jjh14fgfn3os6xg9DokMUff0T4yneSFMyxPPe+3W4IOkVp50K3VStatBcRRak+2ygDUWQ=
A Note on False Positives
...
To ensure that session-based authentication is not polluting your API-Key based testing, always use a separate browser which is not logged in to your ProVision instance to test API queries. apiKey: Found at Admin→API
hash: The hash is generated from your secret key and the query string. The exact algorithm is base64_encode(hash_hmac('sha256', preg_replace('/&hash=.*$/', '', $_SERVER['QUERY_STRING']), $secretKey, TRUE)); but the PHP-SDK is the supported method of accessing the API.
An easy way to test the API and ensure that keys for a user are setup correctly, is to use the API Request Generator, located in the web interface at Admin→API. Fill out the fields specifying the type of request, and any additional data. Click "Generate Request URL", and copy and paste the resulting URL into a web browser. The request URL and response will look like those listed above.
Other Languages
The The 6Connect API can be used in just about any scripting or programming language. We We have a a PHP SDK that that provides example code, and several useful functions for interacting with the API. Even if you don't want to use PHP, the samples will help you create code in other languages.