Security Services REST APIs (1.1.12)

Download OpenAPI specification:Download

Customer REST APIs used to connect to Security Services Platform.

Authentication

authId

Security Scheme Type HTTP
HTTP Authorization Scheme bearer
Bearer format "JWT"

Authentication APIs

/authenticate

post/authenticate
https://ssapi.services.u-blox.com/v1/authenticate

Authenticates an APIKey and matching secret and returns an AuthToken and RefreshToken

Request Body schema: application/json
APIKey
required
string

The APIKey created and provided to the client by their u-blox FAE support. This is one of the two values (including the APISecret) required to create the Authorization (AuthToken) and Refresh (RefreshToken) headers. It must be current and valid for the client.

APISecret
required
string

The APISecret linked to and created at the same time as the APIKey. The APISecret will also be provided to the client by their u-blox FAE support - it must be current and valid for the APIKey.

Responses

200
Successful Request.
400
Bad Request
401
Not Authorized
404
Not Found

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "APIKey": "0d636af8-d001-49ba-86d3-80f21272c14a",
  • "APISecret": "nqnazbOMuKAalu9KZwHKyN7tnJua96ki"
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "AuthToken": "eyJraWQiOiJwZFc0elY4dGlEaDhjUWREUTIrOXQ5SmhMZ2w1bGpNTW5Lcm1aVTRxV1M0PSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiJmNTEwZTAxZS1lOWNlLTRiNGYtOTI2Mi1lOWE3NGJiNjhhNGUiLCJhdWQiOiI1ZTZydmMwb2Fhc2FwYWs1NHZjNTFxdmRkMSIsImV2ZW50X2lkIjoiYzViOGEzMWEtYjc1My00NjEwLTg3MWUtNWRkOGFiZmZlMjk1IiwidG9rZW5fdXNlIjoiaWQiLCJhdXRoX3RpbWUiOjE1NzY0ODg4MTgsImlzcyI6Imh0dHBzOlwvXC9jb2duaXRvLWlkcC5ldS13ZXN0LTEuYW1hem9uYXdzLmNvbVwvZXUtd2VzdC0xX1pvNmExYzI5SSIsImNvZ25pdG86dXNlcm5hbWUiOiI3NTExMmQ0OC1iMjFkLTRmYzItYmJlMS01MjBmMWYxY2IxYWY0djdqS3MzcFlPNlp4S1o3NTh0MUhMNnEzQ3FQZkV2OWx5THRCZzUzIiwiZXhwIjoxNTc2NDkyNDE4LCJpYXQiOjE1NzY0ODg4MTh9.KEqQlBGji-x6q48N0QC92MDyYaqvoE1yjlDZIT-Wm83JTd_N4gg04Fft1LhBf_n5kcaG8ozNOcoQqnvGSgRc3WdiRRt10VLjWelLxTCZv-KfdE_yytxMQyz8okW934hyDCHEICCPFcVFuguNKgLvROaRbrdyXvjxRp19wJMoFIxTyq_HVKNsXE4pMjRzOe8aUVPknv-ahwWptOGmkLItn6kPvKze5dRjrZ_TCX1JA9ctWutQsA3xVudkAigX5abPU67ERCcC18MWcb2suJdKAJ_LEbNu9oaVxhK4BKyAsGXgzfJDcmzmvah-HpfRZILKOk2aFI3pJuT5bIvRk714DA",
  • "RefreshToken": "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.BET2RibujxYPTb8J9MmsvK567rSyNKinEWKUMW5DwXDmN-_iK78UVDeNZcsBMHat7Q0QDPRV_JJwtW9WUb9QIT1PboCi8G7Umq-UzMY0VKgEgjzvC2dz0USDljE7rI9PsizL35g52WOYdyjuOz-5ywmtzJW_Gm4w6pJ7tZFV3C_fzD107QVWIMZJkEcdz_qXMh_xrtHtIjPtgtVwydfTugiBKUIdKp1MDXayEXHObCRnQ-wT_PYPf5kpyK2HdrkkafZ-bLcT1Ot1xX5Won3oReYvaaRGjODbzpSCmTRK19-vtUHdmbijOtlwbXIib2ywy5I0NFI_oz1vB6m14LUuwQ.5jr8P9WBumUqQ0py.n-DjibjN8GgrMlzushDQNCCM1ycqD-QXCBoGCbfdKTGasREloXu8-GOgdABlkHdkUIWbls8Yy081p2ralIZJ5ARrhpaLspuxYf3uCUO2sHGJoSXpyNUuI74je2qGu6SVMwmJsa3Mw_aduAjIldcfYk_BqCVrjAO4Hr33pkJJsVVkr9vgvSRA-Xd59QB_XcNU0Z871JeMT2tLkJlZKUJ7xQhAK5Uu1zozoUJpSsj5wmGo1wrMGNUKQ0Hbg0Y8j9yFJNeGbu8LRZeCUAT3T9KbvegihzpjBdlAg7qNBE8DaiwluYEhNIM9SCR5U8S9qO9X6CxJy4D408CWkid4iiU3rmJ7JO5fJiQQJ1YJob0W9KOimYZ8k9llFfYY8SpFq3N7q0qR_vIS0PgwE-rofuHafWUrksE-GXfa_L9HNAzrYdNA4sXwEUCQsv0cvcm-UklL02HMSLXv_A0y4O-UuSORe9ktpGog2pNm8Z-w6haDtszTu-7PMG18Rx-3B2luoX6rX7NadbFiEOpYl7jq5e1yW2gqntt_p66TWLmaB2_Hi47J2dkTszAhHc6L-kWqQ-MmOB2RuHHyvj0-NH-kiRIDH8NwfJYS36Z1YS1bwtxixkLeZ4szpl0QDB18MZEVJCr-98r0-4jXcIb05uL-piJtJr3hozjxGphMrV1ZcQe28NppkHUCPP99g8M7Rr_2e4v-TZWEN2twcKenciF6j6Vzgb-jD9xTNygIj7xQuw6GIw1RUIt9WpoKwL8sXZwpzQ-LXWvP6uw4lYfovGeUcx6HsUX3HKoSpMQnbmrIUmWmM4TyKLnrvSnVzwtQfzu6IIEC_bvG_O9Ke7a87rq8n9i9XkrpjmkXTcmw5Pp-wRHVlNriYvE_G_PhB5f2aBs9G-zuA5ybKIOExE-KRCCouji53lBJrgtO_Q0tfyhqjXW4zYSF-vStFgLAuEbYDjTiY0RB23OpPn2AVBVuQtFvxjKoBqgzTiPXhrsu_1QQ6joLEw5pJXJ07vMI1yWMj8Qro6MUwfdwappSjsEoopE9XG38w41yTpOj29spfjNWhVMG6e7Ohy5OvQ7_LK6_RgbbOHSajTXAv_dGhq2NN6uotnkTDYmoWxVVK5RoKBFlwBnyyB6H5s6rRcPLJIyXlySTOlL66rOIZbHz92eYmCC334dMiDEMuZcAjwgDsMOX8nfFIBFVNgdmlQYk1fxrU_JG5uvm1_dhmI3bKrmOMB9OdwGHoEyNd8fYcFVacB9hhhY_ejLe_2rkNhPbu5ONGeq6MrFGaa-we_BBjA25X9Zlr8Y8DDnjYQsOYRs3acA7uuy-gJ6AdQ7CYuZtLamN4JlXMhQP6VzQYVULYDooMSwOI4kqhotGLW0YM4XmC9x8nc3A-dRZW5fNA6A3WeqEJuwZ8Vpiwh8.1rMwObTlw4-WhgQA6W0Ixg"
}

/refreshauthtoken

post/refreshauthtoken
https://ssapi.services.u-blox.com/v1/refreshauthtoken

Allows the creation of a new AuthToken. The RefreshToken can be used for 3 days

Authorizations:
Request Body schema: application/json
APIKey
required
string

The APIKey created and provided to the client by their u-blox FAE support. It must be current and valid for the client.

RefreshToken
required
string

The Token used to create a new Authorization header. The RefreshToken can only be used to create a new AuthToken if the RefreshToken is not more than 3 days old.

Responses

200
Successful Request.
400
Bad Request
401
Not Authorized
404
Not Found

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "APIKey": "0d636af8-d001-49ba-86d3-80f21272c14a",
  • "RefreshToken": "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.BET2RibujxYPTb8J9MmsvK567rSyNKinEWKUMW5DwXDmN-_iK78UVDeNZcsBMHat7Q0QDPRV_JJwtW9WUb9QIT1PboCi8G7Umq-UzMY0VKgEgjzvC2dz0USDljE7rI9PsizL35g52WOYdyjuOz-5ywmtzJW_Gm4w6pJ7tZFV3C_fzD107QVWIMZJkEcdz_qXMh_xrtHtIjPtgtVwydfTugiBKUIdKp1MDXayEXHObCRnQ-wT_PYPf5kpyK2HdrkkafZ-bLcT1Ot1xX5Won3oReYvaaRGjODbzpSCmTRK19-vtUHdmbijOtlwbXIib2ywy5I0NFI_oz1vB6m14LUuwQ.5jr8P9WBumUqQ0py.n-DjibjN8GgrMlzushDQNCCM1ycqD-QXCBoGCbfdKTGasREloXu8-GOgdABlkHdkUIWbls8Yy081p2ralIZJ5ARrhpaLspuxYf3uCUO2sHGJoSXpyNUuI74je2qGu6SVMwmJsa3Mw_aduAjIldcfYk_BqCVrjAO4Hr33pkJJsVVkr9vgvSRA-Xd59QB_XcNU0Z871JeMT2tLkJlZKUJ7xQhAK5Uu1zozoUJpSsj5wmGo1wrMGNUKQ0Hbg0Y8j9yFJNeGbu8LRZeCUAT3T9KbvegihzpjBdlAg7qNBE8DaiwluYEhNIM9SCR5U8S9qO9X6CxJy4D408CWkid4iiU3rmJ7JO5fJiQQJ1YJob0W9KOimYZ8k9llFfYY8SpFq3N7q0qR_vIS0PgwE-rofuHafWUrksE-GXfa_L9HNAzrYdNA4sXwEUCQsv0cvcm-UklL02HMSLXv_A0y4O-UuSORe9ktpGog2pNm8Z-w6haDtszTu-7PMG18Rx-3B2luoX6rX7NadbFiEOpYl7jq5e1yW2gqntt_p66TWLmaB2_Hi47J2dkTszAhHc6L-kWqQ-MmOB2RuHHyvj0-NH-kiRIDH8NwfJYS36Z1YS1bwtxixkLeZ4szpl0QDB18MZEVJCr-98r0-4jXcIb05uL-piJtJr3hozjxGphMrV1ZcQe28NppkHUCPP99g8M7Rr_2e4v-TZWEN2twcKenciF6j6Vzgb-jD9xTNygIj7xQuw6GIw1RUIt9WpoKwL8sXZwpzQ-LXWvP6uw4lYfovGeUcx6HsUX3HKoSpMQnbmrIUmWmM4TyKLnrvSnVzwtQfzu6IIEC_bvG_O9Ke7a87rq8n9i9XkrpjmkXTcmw5Pp-wRHVlNriYvE_G_PhB5f2aBs9G-zuA5ybKIOExE-KRCCouji53lBJrgtO_Q0tfyhqjXW4zYSF-vStFgLAuEbYDjTiY0RB23OpPn2AVBVuQtFvxjKoBqgzTiPXhrsu_1QQ6joLEw5pJXJ07vMI1yWMj8Qro6MUwfdwappSjsEoopE9XG38w41yTpOj29spfjNWhVMG6e7Ohy5OvQ7_LK6_RgbbOHSajTXAv_dGhq2NN6uotnkTDYmoWxVVK5RoKBFlwBnyyB6H5s6rRcPLJIyXlySTOlL66rOIZbHz92eYmCC334dMiDEMuZcAjwgDsMOX8nfFIBFVNgdmlQYk1fxrU_JG5uvm1_dhmI3bKrmOMB9OdwGHoEyNd8fYcFVacB9hhhY_ejLe_2rkNhPbu5ONGeq6MrFGaa-we_BBjA25X9Zlr8Y8DDnjYQsOYRs3acA7uuy-gJ6AdQ7CYuZtLamN4JlXMhQP6VzQYVULYDooMSwOI4kqhotGLW0YM4XmC9x8nc3A-dRZW5fNA6A3WeqEJuwZ8Vpiwh8.1rMwObTlw4-WhgQA6W0Ixg"
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "AuthToken": "eyJraWQiOiJwZFc0elY4dGlEaDhjUWREUTIrOXQ5SmhMZ2w1bGpNTW5Lcm1aVTRxV1M0PSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiJmNTEwZTAxZS1lOWNlLTRiNGYtOTI2Mi1lOWE3NGJiNjhhNGUiLCJhdWQiOiI1ZTZydmMwb2Fhc2FwYWs1NHZjNTFxdmRkMSIsImV2ZW50X2lkIjoiYzViOGEzMWEtYjc1My00NjEwLTg3MWUtNWRkOGFiZmZlMjk1IiwidG9rZW5fdXNlIjoiaWQiLCJhdXRoX3RpbWUiOjE1NzY0ODg4MTgsImlzcyI6Imh0dHBzOlwvXC9jb2duaXRvLWlkcC5ldS13ZXN0LTEuYW1hem9uYXdzLmNvbVwvZXUtd2VzdC0xX1pvNmExYzI5SSIsImNvZ25pdG86dXNlcm5hbWUiOiI3NTExMmQ0OC1iMjFkLTRmYzItYmJlMS01MjBmMWYxY2IxYWY0djdqS3MzcFlPNlp4S1o3NTh0MUhMNnEzQ3FQZkV2OWx5THRCZzUzIiwiZXhwIjoxNTc2NDkyNjUzLCJpYXQiOjE1NzY0ODkwNTN9.JL69Bk9B1VYI8ZIKbZBYFJM7LWVEheyHSOc_LA3o3ZNQieYjOOJmTc56qOsNNPX03j2G91OXnaZqJDAhkuz759WHFgTZ4PQt45VhnFSJRf-cxXEGKIYY9vS5Pyi9USpOuKt6zRuD1yoZTsRScQaKV5jV0kDmu1f4nwmM38XFKY7NL37-AntoYk4pRLeuK3zQt3AHHFNeBXBEckD1HakdEXWubRXj7x9dWZ1Q00ttw6Ca9FN_UHcRg265QOhhGzEYd7q-f8VTDDgHQrvNL43UJ9-Xl_WLG-26q9IxNwVRW0N_veIu4w9TLYLHczWfBLEH86ZqA3K7E2KiANoxVXj0vA"
}

Device Profile APIs

/deviceprofile/create

post/deviceprofile/create
https://ssapi.services.u-blox.com/v1/deviceprofile/create

The API call to create a new Device Profile for a specific account.

Authorizations:
Request Body schema: application/json
ProfileName
required
string

The Device Profile name that will be used to references the DeviceProfileUID thst is created.

Responses

200
Successful Request.
400
Bad Request.
401
Not Authorized.
500
Internal Server Error.

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "ProfileName": "EvaluationProfile"
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "DeviceProfileUID": "wJQrRxCpUEWZjnqmUOi46g",
  • "ProfileName": "EvaluationProfile"
}

/deviceprofile/get

post/deviceprofile/get
https://ssapi.services.u-blox.com/v1/deviceprofile/get

The API call to get a list of all created Device Profiles. This API returns a paginated response, which means in order to get to next set of records, you would have to give PageNumber in request body.

Authorizations:
Request Body schema: application/json
TagNames
Array of strings

Give a list of tag names, and all device profiles associated with them will be returned.

PageNumber
number

Defaults to 1 if not given.

Responses

200
Successful Request.
400
Bad Request.
401
Not Authorized.
500
Internal Server Error.

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "TagNames":
    [
    ],
  • "PageNumber": 1
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "DeviceProfiles":
    [
    ],
  • "PageNumber": 1,
  • "PageSize": 100,
  • "TotalRecords": 15
}

/deviceprofile/bootstrapprovisioning/set

post/deviceprofile/bootstrapprovisioning/set
https://ssapi.services.u-blox.com/v1/deviceprofile/bootstrapprovisioning/set

Set or update feature authorizations (Local Data Protection, Local Chip-to-Chip Security, Local Chip-to-Chip Security Key Pairing, ZTPV1), and network parameters (Security Heartbeat) on new devices (i.e.: they have not bootstrapped). Provisioning will happen when the device bootstraps.

Enables or disables feature authorization and network parameters on the list of devices that belong to provided DeviceProfileUID in the request.

For BASIC accounts: This API is only available for standard accounts.

Authorizations:
Request Body schema: application/json
DeviceProfileUID
required
string ^(.*)$

DeviceProfileUID against which security features will be set.

Provisioning
required
object

The desired feature authorizations and/or network parameters to be provisioned on DeviceProfileUID.
Note: Only Local Data Protection (LocalDPR), Local Chip-to-Chip Security (LocalC2C), Local Chip-to-Chip Key Pairing (LocalC2CKeyPairing), and Zerotouch provisioning (ZTPV1) security services can be updated using this API. In addition, Security Heartbeat (SecurityHeartbeatInSec) network parameter can also be set using this API.

Responses

200
Successful Request.

An empty JSON response is returned.

400
Bad Request.
401
Not Authorized.
404
Not Found.

Request samples

Content type
application/json
Example
Copy
Expand all Collapse all
{
  • "DeviceProfileUID": "AyvylmHVdUiHQzUaCjOmC",
  • "Provisioning":
    {
    }
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "message": "Bad Request"
}

/deviceprofile/bootstrapprovisioning/get

post/deviceprofile/bootstrapprovisioning/get
https://ssapi.services.u-blox.com/v1/deviceprofile/bootstrapprovisioning/get

Gets feature authorization and network parameters that were set on new devices (i.e.: they have not bootstrapped).

Authorizations:
Request Body schema: application/json
DeviceProfileUID
required
string ^(.*)$

DeviceProfileUID against which security features were set.

Responses

200
Successful Request.
400
Bad Request.
401
Not Authorized.
404
Not Found.

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "DeviceProfileUID": "AyvylmHVdUiHQzUaCjOmC"
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "DeviceProfileUID": "AyvylmHVdUiHQzUaCjOmC",
  • "DesiredProperties":
    {
    }
}

/deviceprofile/bootstrapprovisioning/delete

post/deviceprofile/bootstrapprovisioning/delete
https://ssapi.services.u-blox.com/v1/deviceprofile/bootstrapprovisioning/delete

Deletes feature authorizations and network parameters that were set to be applied on new devices (i.e.: they have not bootstrapped), as if they were never set.

All devices that have already bootstrapped will not be affected by this change.

Authorizations:
Request Body schema: application/json
DeviceProfileUID
required
string ^(.*)$

DeviceProfileUID against which security features will be deleted.

Responses

200
Successful Request.

An empty JSON response is returned.

400
Bad Request.
401
Not Authorized.
404
Not Found.

Request samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "DeviceProfileUID": "AyvylmHVdUiHQzUaCjOmC"
}

Response samples

Content type
application/json
Copy
Expand all Collapse all
{
  • "message": "Bad Request"
}

Device APIs

/device/provisioning/set

post/device/provisioning/set
https://ssapi.services.u-blox.com/v1/device/provisioning/set

Set feature authorizations (Local Data Protection, Local Chip-to-Chip Security, Local Chip-to-Chip Security KeyPairing, ZTPV1) and network parameters (Security Heartbeat) on existing devices (i.e. they have already bootstrapped). Provisioning will happen on the devices' next security hearbeat (when devices wakes up and connects to server)

Sets feature authorization and network parameters on the list of devices provided in the request.

For BASIC accounts: This API can only be called for an evaluation device. To register device as an evalation device, please call /RegisterEvaluationDevice API

Authorizations:
Request Body schema: application/json
ROTPublicUIDs
Array of strings

[conditionally required]
The list of (1 to N) ROTPublicUIDs that need to be updated.
If you provide TagNames as input parameter, this is not required.

TagNames
Array of strings

[conditionally required]
Give a list of tags and provisioning will be set on all ROTPublicUIDs associated with them.
If you provide ROTPublicUIDs as input parameter, this is not required.

Provisioning
required
object

The desired feature authorization properties (enabled/disabled) to be provisioned on the ROTPublicUID list (it includes network parameters).
Note: Only Local Da