Versions Compared

Old Version 18

changes.mady.by.user Bill Renner

Saved on

compared with

New Version 19

changes.mady.by.user The Force

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Converted from version 5.2.0

...

An API request looks like this: 
https://cloud.6connect.com/ex/api/v1/api.php?target=ipam&action=get&type=IP&mask=24

...

Instructions on decoding this return data can be found in the API endpoint documentation pages.

 

Using API Keys: 
When using the API without pre-established authentication to ProVision, you must include both your API Key and a specially-prepared query hash parameter, like so:

...

API Keys can be generated from your ProVision instance by navigating to the Admin panel by using the gear icon in the upper right hand corner, then navigating to the API tab.  The API tab will present the API authentication information in the following format:

API Key: 38 38-TMHQV8CV2XZYC2ZS  

Secret Key: 6e04e5822ce90feaa8947ded46c46878 6e04e5822ce90feaa8947ded46c46878

The secret key serves as an API password and is used in the creation of the API Authentication hash.  The formula for creating a API query hash from an API query and a Secret Key is the following:

Hash = Base64Encode( Sha256HMACHash ( QueryString, SecretKey ) )

In PHP, this would be performed with the following line of code:

$hash = base64_encode(hash_hmac('sha256', $_SERVER['QUERY_STRING'], $secretKey, TRUE));

Note
Because the hash function is computed based on the query string, you must calculate a unique hash for every API request!
Info

Example

Lets say you wanted to create a hash for the following API request:

https://cloud.6connect.com/6c_375/api/v1/api.php?target=ipam&action=get&type=IP&mask=24

And that your API Key and Secret Key are as follows:

API Key: 32-5DAYTJQY2TZHOFOB

Secret Key: 48b278ec873bda4738923dbc467f8669

The first step is to append your API Key to the URL.  The API Key indicates which user is executing the API query.

https://cloud.6connect.com/6c_375/api/v1/api.php?target=ipam&action=get&type=IP&mask=24&apiKey=32-5DAYTJQY2TZHOFOB

The next step is to isolate the Query String from the request URL.  The Query String is everything which follows the question mark.  So,

Query String: target=ipam&action=get&type=IP&mask=24&apiKey=32-5DAYTJQY2TZHOFOB

The next step is to calculate the SHA256 hash of this string with your Secret Key.  In PHP, this would be:

$sha256 = hash_hmac('sha256', "target=ipam&action=get&type=IP&mask=24&apiKey=32-5DAYTJQY2TZHOFOB", "48b278ec873bda4738923dbc467f8669", TRUE);

As this value has been 256-bit hashed, it will contain many unprintable characters.  The solution to this is to encode it in base 64 for transport.  Again, in PHP:

$hash = base64_encode($sha256);

Calculating it out yields the completed hash:

$hash = yneSFMyxPPe+3W4IOkVp50K3VStatBcRRak+2ygDUWQ=

The calculated hash can then be appended to the full API Query URL to form a completed request:

https://cloud.6connect.com/6c_375/api/v1/api.php?target=ipam&action=get&type=IP&mask=24&apiKey=32-5DAYTJQY2TZHOFOB&hash=yneSFMyxPPe+3W4IOkVp50K3VStatBcRRak+2ygDUWQ=

...