Download OpenAPI specification:Download
Authenticates an APIKey and matching secret and returns an AuthToken and RefreshToken
APIKey required | string The APIKey created and provided to the client by u-blox support. This is one of the two values (including the APISecret) required to create the Authorization (AuthToken) and Refresh (RefreshToken) headers. It must be current and valid for the client. |
APISecret required | string The APISecret linked to and created at the same time as the APIKey. The APISecret will also be provided to the client by u-blox support - it must be current and valid for the APIKey. |
{- "APIKey": "0d636af8-d001-49ba-86d3-80f21272c14a",
- "APISecret": "nqnazbOMuKAalu9KZwHKyN7tnJua96ki"
}
{- "AuthToken": "eyJraWQiOiJwZFc0elY4dGlEaDhjUWREUTIrOXQ5SmhMZ2w1bGpNTW5Lcm1aVTRxV1M0PSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiJmNTEwZTAxZS1lOWNlLTRiNGYtOTI2Mi1lOWE3NGJiNjhhNGUiLCJhdWQiOiI1ZTZydmMwb2Fhc2FwYWs1NHZjNTFxdmRkMSIsImV2ZW50X2lkIjoiYzViOGEzMWEtYjc1My00NjEwLTg3MWUtNWRkOGFiZmZlMjk1IiwidG9rZW5fdXNlIjoiaWQiLCJhdXRoX3RpbWUiOjE1NzY0ODg4MTgsImlzcyI6Imh0dHBzOlwvXC9jb2duaXRvLWlkcC5ldS13ZXN0LTEuYW1hem9uYXdzLmNvbVwvZXUtd2VzdC0xX1pvNmExYzI5SSIsImNvZ25pdG86dXNlcm5hbWUiOiI3NTExMmQ0OC1iMjFkLTRmYzItYmJlMS01MjBmMWYxY2IxYWY0djdqS3MzcFlPNlp4S1o3NTh0MUhMNnEzQ3FQZkV2OWx5THRCZzUzIiwiZXhwIjoxNTc2NDkyNDE4LCJpYXQiOjE1NzY0ODg4MTh9.KEqQlBGji-x6q48N0QC92MDyYaqvoE1yjlDZIT-Wm83JTd_N4gg04Fft1LhBf_n5kcaG8ozNOcoQqnvGSgRc3WdiRRt10VLjWelLxTCZv-KfdE_yytxMQyz8okW934hyDCHEICCPFcVFuguNKgLvROaRbrdyXvjxRp19wJMoFIxTyq_HVKNsXE4pMjRzOe8aUVPknv-ahwWptOGmkLItn6kPvKze5dRjrZ_TCX1JA9ctWutQsA3xVudkAigX5abPU67ERCcC18MWcb2suJdKAJ_LEbNu9oaVxhK4BKyAsGXgzfJDcmzmvah-HpfRZILKOk2aFI3pJuT5bIvRk714DA",
- "RefreshToken": "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.BET2RibujxYPTb8J9MmsvK567rSyNKinEWKUMW5DwXDmN-_iK78UVDeNZcsBMHat7Q0QDPRV_JJwtW9WUb9QIT1PboCi8G7Umq-UzMY0VKgEgjzvC2dz0USDljE7rI9PsizL35g52WOYdyjuOz-5ywmtzJW_Gm4w6pJ7tZFV3C_fzD107QVWIMZJkEcdz_qXMh_xrtHtIjPtgtVwydfTugiBKUIdKp1MDXayEXHObCRnQ-wT_PYPf5kpyK2HdrkkafZ-bLcT1Ot1xX5Won3oReYvaaRGjODbzpSCmTRK19-vtUHdmbijOtlwbXIib2ywy5I0NFI_oz1vB6m14LUuwQ.5jr8P9WBumUqQ0py.n-DjibjN8GgrMlzushDQNCCM1ycqD-QXCBoGCbfdKTGasREloXu8-GOgdABlkHdkUIWbls8Yy081p2ralIZJ5ARrhpaLspuxYf3uCUO2sHGJoSXpyNUuI74je2qGu6SVMwmJsa3Mw_aduAjIldcfYk_BqCVrjAO4Hr33pkJJsVVkr9vgvSRA-Xd59QB_XcNU0Z871JeMT2tLkJlZKUJ7xQhAK5Uu1zozoUJpSsj5wmGo1wrMGNUKQ0Hbg0Y8j9yFJNeGbu8LRZeCUAT3T9KbvegihzpjBdlAg7qNBE8DaiwluYEhNIM9SCR5U8S9qO9X6CxJy4D408CWkid4iiU3rmJ7JO5fJiQQJ1YJob0W9KOimYZ8k9llFfYY8SpFq3N7q0qR_vIS0PgwE-rofuHafWUrksE-GXfa_L9HNAzrYdNA4sXwEUCQsv0cvcm-UklL02HMSLXv_A0y4O-UuSORe9ktpGog2pNm8Z-w6haDtszTu-7PMG18Rx-3B2luoX6rX7NadbFiEOpYl7jq5e1yW2gqntt_p66TWLmaB2_Hi47J2dkTszAhHc6L-kWqQ-MmOB2RuHHyvj0-NH-kiRIDH8NwfJYS36Z1YS1bwtxixkLeZ4szpl0QDB18MZEVJCr-98r0-4jXcIb05uL-piJtJr3hozjxGphMrV1ZcQe28NppkHUCPP99g8M7Rr_2e4v-TZWEN2twcKenciF6j6Vzgb-jD9xTNygIj7xQuw6GIw1RUIt9WpoKwL8sXZwpzQ-LXWvP6uw4lYfovGeUcx6HsUX3HKoSpMQnbmrIUmWmM4TyKLnrvSnVzwtQfzu6IIEC_bvG_O9Ke7a87rq8n9i9XkrpjmkXTcmw5Pp-wRHVlNriYvE_G_PhB5f2aBs9G-zuA5ybKIOExE-KRCCouji53lBJrgtO_Q0tfyhqjXW4zYSF-vStFgLAuEbYDjTiY0RB23OpPn2AVBVuQtFvxjKoBqgzTiPXhrsu_1QQ6joLEw5pJXJ07vMI1yWMj8Qro6MUwfdwappSjsEoopE9XG38w41yTpOj29spfjNWhVMG6e7Ohy5OvQ7_LK6_RgbbOHSajTXAv_dGhq2NN6uotnkTDYmoWxVVK5RoKBFlwBnyyB6H5s6rRcPLJIyXlySTOlL66rOIZbHz92eYmCC334dMiDEMuZcAjwgDsMOX8nfFIBFVNgdmlQYk1fxrU_JG5uvm1_dhmI3bKrmOMB9OdwGHoEyNd8fYcFVacB9hhhY_ejLe_2rkNhPbu5ONGeq6MrFGaa-we_BBjA25X9Zlr8Y8DDnjYQsOYRs3acA7uuy-gJ6AdQ7CYuZtLamN4JlXMhQP6VzQYVULYDooMSwOI4kqhotGLW0YM4XmC9x8nc3A-dRZW5fNA6A3WeqEJuwZ8Vpiwh8.1rMwObTlw4-WhgQA6W0Ixg"
}
Allows the creation of a new AuthToken. The RefreshToken can be used for 3 days
APIKey required | string The APIKey created and provided to the client by u-blox support. It must be current and valid for the client. |
RefreshToken required | string The Token used to create a new Authorization header. The RefreshToken can only be used to create a new AuthToken if the RefreshToken is not more than 3 days old. |
{- "APIKey": "0d636af8-d001-49ba-86d3-80f21272c14a",
- "RefreshToken": "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAifQ.BET2RibujxYPTb8J9MmsvK567rSyNKinEWKUMW5DwXDmN-_iK78UVDeNZcsBMHat7Q0QDPRV_JJwtW9WUb9QIT1PboCi8G7Umq-UzMY0VKgEgjzvC2dz0USDljE7rI9PsizL35g52WOYdyjuOz-5ywmtzJW_Gm4w6pJ7tZFV3C_fzD107QVWIMZJkEcdz_qXMh_xrtHtIjPtgtVwydfTugiBKUIdKp1MDXayEXHObCRnQ-wT_PYPf5kpyK2HdrkkafZ-bLcT1Ot1xX5Won3oReYvaaRGjODbzpSCmTRK19-vtUHdmbijOtlwbXIib2ywy5I0NFI_oz1vB6m14LUuwQ.5jr8P9WBumUqQ0py.n-DjibjN8GgrMlzushDQNCCM1ycqD-QXCBoGCbfdKTGasREloXu8-GOgdABlkHdkUIWbls8Yy081p2ralIZJ5ARrhpaLspuxYf3uCUO2sHGJoSXpyNUuI74je2qGu6SVMwmJsa3Mw_aduAjIldcfYk_BqCVrjAO4Hr33pkJJsVVkr9vgvSRA-Xd59QB_XcNU0Z871JeMT2tLkJlZKUJ7xQhAK5Uu1zozoUJpSsj5wmGo1wrMGNUKQ0Hbg0Y8j9yFJNeGbu8LRZeCUAT3T9KbvegihzpjBdlAg7qNBE8DaiwluYEhNIM9SCR5U8S9qO9X6CxJy4D408CWkid4iiU3rmJ7JO5fJiQQJ1YJob0W9KOimYZ8k9llFfYY8SpFq3N7q0qR_vIS0PgwE-rofuHafWUrksE-GXfa_L9HNAzrYdNA4sXwEUCQsv0cvcm-UklL02HMSLXv_A0y4O-UuSORe9ktpGog2pNm8Z-w6haDtszTu-7PMG18Rx-3B2luoX6rX7NadbFiEOpYl7jq5e1yW2gqntt_p66TWLmaB2_Hi47J2dkTszAhHc6L-kWqQ-MmOB2RuHHyvj0-NH-kiRIDH8NwfJYS36Z1YS1bwtxixkLeZ4szpl0QDB18MZEVJCr-98r0-4jXcIb05uL-piJtJr3hozjxGphMrV1ZcQe28NppkHUCPP99g8M7Rr_2e4v-TZWEN2twcKenciF6j6Vzgb-jD9xTNygIj7xQuw6GIw1RUIt9WpoKwL8sXZwpzQ-LXWvP6uw4lYfovGeUcx6HsUX3HKoSpMQnbmrIUmWmM4TyKLnrvSnVzwtQfzu6IIEC_bvG_O9Ke7a87rq8n9i9XkrpjmkXTcmw5Pp-wRHVlNriYvE_G_PhB5f2aBs9G-zuA5ybKIOExE-KRCCouji53lBJrgtO_Q0tfyhqjXW4zYSF-vStFgLAuEbYDjTiY0RB23OpPn2AVBVuQtFvxjKoBqgzTiPXhrsu_1QQ6joLEw5pJXJ07vMI1yWMj8Qro6MUwfdwappSjsEoopE9XG38w41yTpOj29spfjNWhVMG6e7Ohy5OvQ7_LK6_RgbbOHSajTXAv_dGhq2NN6uotnkTDYmoWxVVK5RoKBFlwBnyyB6H5s6rRcPLJIyXlySTOlL66rOIZbHz92eYmCC334dMiDEMuZcAjwgDsMOX8nfFIBFVNgdmlQYk1fxrU_JG5uvm1_dhmI3bKrmOMB9OdwGHoEyNd8fYcFVacB9hhhY_ejLe_2rkNhPbu5ONGeq6MrFGaa-we_BBjA25X9Zlr8Y8DDnjYQsOYRs3acA7uuy-gJ6AdQ7CYuZtLamN4JlXMhQP6VzQYVULYDooMSwOI4kqhotGLW0YM4XmC9x8nc3A-dRZW5fNA6A3WeqEJuwZ8Vpiwh8.1rMwObTlw4-WhgQA6W0Ixg"
}
{- "AuthToken": "eyJraWQiOiJwZFc0elY4dGlEaDhjUWREUTIrOXQ5SmhMZ2w1bGpNTW5Lcm1aVTRxV1M0PSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiJmNTEwZTAxZS1lOWNlLTRiNGYtOTI2Mi1lOWE3NGJiNjhhNGUiLCJhdWQiOiI1ZTZydmMwb2Fhc2FwYWs1NHZjNTFxdmRkMSIsImV2ZW50X2lkIjoiYzViOGEzMWEtYjc1My00NjEwLTg3MWUtNWRkOGFiZmZlMjk1IiwidG9rZW5fdXNlIjoiaWQiLCJhdXRoX3RpbWUiOjE1NzY0ODg4MTgsImlzcyI6Imh0dHBzOlwvXC9jb2duaXRvLWlkcC5ldS13ZXN0LTEuYW1hem9uYXdzLmNvbVwvZXUtd2VzdC0xX1pvNmExYzI5SSIsImNvZ25pdG86dXNlcm5hbWUiOiI3NTExMmQ0OC1iMjFkLTRmYzItYmJlMS01MjBmMWYxY2IxYWY0djdqS3MzcFlPNlp4S1o3NTh0MUhMNnEzQ3FQZkV2OWx5THRCZzUzIiwiZXhwIjoxNTc2NDkyNjUzLCJpYXQiOjE1NzY0ODkwNTN9.JL69Bk9B1VYI8ZIKbZBYFJM7LWVEheyHSOc_LA3o3ZNQieYjOOJmTc56qOsNNPX03j2G91OXnaZqJDAhkuz759WHFgTZ4PQt45VhnFSJRf-cxXEGKIYY9vS5Pyi9USpOuKt6zRuD1yoZTsRScQaKV5jV0kDmu1f4nwmM38XFKY7NL37-AntoYk4pRLeuK3zQt3AHHFNeBXBEckD1HakdEXWubRXj7x9dWZ1Q00ttw6Ca9FN_UHcRg265QOhhGzEYd7q-f8VTDDgHQrvNL43UJ9-Xl_WLG-26q9IxNwVRW0N_veIu4w9TLYLHczWfBLEH86ZqA3K7E2KiANoxVXj0vA"
}
The API call to get a list of all created Device Profiles. This API returns a paginated response, which means in order to get to next set of records, you would have to give PageNumber in request body.
TagNames | Array of strings [mutually exclusive] |
ProfileName | string [mutually exclusive] |
PageNumber | number Defaults to 1 if not given. |
{- "TagNames": [
- "version1"
], - "PageNumber": 1
}
{- "DeviceProfiles": [
- {
- "DeviceProfileUID": "wJQrRxCpUEWZjnqmUOi46g",
- "ProfileName": "EvaluationProfile",
- "State": "ALLOCATED",
- "Tags": [
- "version1"
], - "Created": "2019-12-18T09:55:39.344+00:00"
}
], - "PageNumber": 1,
- "PageSize": 100,
- "TotalRecords": 15
}
Set or update feature authorizations (Local Data Protection, Local Chip-to-Chip Security, Local Chip-to-Chip Security Key Pairing, ZTPV1), and network parameters (Security Heartbeat) on new devices (i.e.: they have not bootstrapped). Provisioning will happen when the device bootstraps.
Enables or disables feature authorization and network parameters on the list of devices that belong to provided DeviceProfileUID in the request.
DeviceProfileUID required | string^(.*)$ DeviceProfileUID against which security features will be set. |
required | object The desired feature authorizations and/or network parameters to be provisioned on DeviceProfileUID. |
{- "DeviceProfileUID": "AyvylmHVdUiHQzUaCjOmC",
- "Provisioning": {
- "Authorizations": [
- {
- "Name": "LocalDPR",
- "State": "ENABLED"
}
], - "NetworkParameters": {
- "SecurityHeartbeatInSec": 86400
}
}
}
{- "message": "Bad Request"
}
Gets feature authorization and network parameters that were set on new devices (i.e.: they have not bootstrapped).
DeviceProfileUID required | string^(.*)$ DeviceProfileUID against which security features were set. |
{- "DeviceProfileUID": "AyvylmHVdUiHQzUaCjOmC"
}
{- "DeviceProfileUID": "AyvylmHVdUiHQzUaCjOmC",
- "DesiredProperties": {
- "Authorizations": [
- {
- "Name": "LocalDPR",
- "State": "ENABLED",
- "Modified": "2020-02-21T05:44:27.159+00:00"
}
], - "NetworkParameters": {
- "SecurityHeartbeatInSec": 85000,
- "Modified": "2020-02-21T05:44:27.159+00:00"
}
}
}
Deletes feature authorizations and network parameters that were set to be applied on new devices (i.e.: they have not bootstrapped), as if they were never set.
All devices that have already bootstrapped will not be affected by this change.
DeviceProfileUID required | string^(.*)$ DeviceProfileUID against which security features will be deleted. |
{- "DeviceProfileUID": "AyvylmHVdUiHQzUaCjOmC"
}
{- "message": "Bad Request"
}
The API call to get list of all devices in your account. You can also provide a filter to either get whitelisted or blacklisted devices.
Filter | string Enum: "ALL" "WHITELISTED" "BLACKLISTED" The Filter to apply on devices. |
PageNumber | integer |
{- "Filter": "BLACKLISTED",
- "PageNumber": 1
}
{- "ROTPublicUIDs": [
- {
- "ROTPublicUID": "0002000089282256",
- "IMEI": "359627100016929",
- "SerialNumber": "4017916230",
- "TypeNumber": "SARA-R510M8S-00B-00"
}
], - "PageNumber": 1,
- "PageSize": 100,
- "TotalRecords": 300
}
The API call to add or update list of devices that are whitelisted. This list is important because when a device bootstraps (in ACTIVATED state), feature authorizations will be applied only if the device is in this whitelist, otherwise, the device will bootstrap in ALLOCATED state with no feature authorizations enabled (as set at device profile level).
You can add a device to whitelist using ROTPublicUIDs and/or IMEIs
Instead of providing device info in request body, you can also upload the information in CSV file. If you wish to upload data using CSV, please keep in mind two things:
ROTPublicUIDs required | Array of strings
|
IMEIs | Array of strings
|
Action | string Enum: "ADD" "DELETE" Flag to show whether to add give device in the whitelist or remove it from the whitelist. |
{- "ROTPublicUIDs": [
- "0002000089282256"
], - "Action": "ADD"
}
{- "Message": "Bad Request"
}
The API call to get list of devices that are whitelisted.
PageNumber | integer |
{- "PageNumber": 1
}
{- "DeviceWhitelist": [
- {
- "Type": "ROTPublicUID",
- "Id": "0002000089282256",
- "AddedBy": "User",
- "Created": "2020-02-21T05:44:27.159+00:00"
}
], - "PageNumber": 1,
- "PageSize": 100,
- "TotalRecords": 1
}
Set feature authorizations (Local Data Protection, Local Chip-to-Chip Security, Local Chip-to-Chip Security KeyPairing, ZTPV1) and network parameters (Security Heartbeat) on existing devices (i.e. they have already bootstrapped). Provisioning will happen on the devices' next security hearbeat (when devices wakes up and connects to server)
Sets feature authorization and network parameters on the list of devices provided in the request.
ROTPublicUIDs | Array of strings [conditionally required] |
TagNames | Array of strings [conditionally required] |
required | object The desired feature authorization properties (enabled/disabled) to be provisioned on the ROTPublicUID list (it includes network parameters). |
{- "ROTPublicUIDs": [
- "0002000089282256"
], - "Provisioning": {
- "Authorizations": [
- {
- "Name": "LocalDPR",
- "State": "ENABLED"
}, - {
- "Name": "LocalC2C",
- "State": "ENABLED"
}, - {
- "Name": "LocalC2CKeyPairing",
- "State": "ENABLED"
}, - {
- "Name": "ZTPV1",
- "State": "ENABLED",
- "CAName": "example.com"
}
], - "NetworkParameters": {
- "SecurityHeartbeatInSec": 86400
}
}
}
{- "Message": "Bad Request"
}
Get feature authorizations (Local Data Protection, Local Chip-to-Chip Security, Local Chip-to-Chip Security Key Pairing, ZTPV1) and network parameters (Security Hearbeat) that are to be set on existing devices (i.e.: they have already bootstrapped).
ROTPublicUIDs | Array of strings [conditionally required] |
TagNames | Array of strings [conditionally required] |
{- "ROTPublicUIDs": [
- "0002000089282256"
]
}
[- {
- "ROTPublicUID": "00030000822800AA",
- "DesiredProperties": {
- "Authorizations": [
- {
- "Name": "LocalDPR",
- "State": "ENABLED",
- "Modified": "2020-02-21T05:44:27.159+00:00"
}
], - "NetworkParameters": {
- "SecurityHeartbeatInSec": 85000,
- "Modified": "2020-02-21T05:44:27.159+00:00"
}
}
}
]
Delete feature authorizations and network parameters that are to be set on existing devices (i.e.: they have already bootstrapped), so when a devices next connects, nothing will be applied.
All devices that connected before a call to this API was made will not be affected by this.
Once deleted, Network Parameters (Security Heartbeat) will revert back to its default value.
ROTPublicUIDs | Array of strings [conditionally required] |
TagNames | Array of strings [conditionally required] |
{- "ROTPublicUIDs": [
- "0002000089282256"
]
}
{- "message": "Bad Request"
}
The API call to rotate keys used in E2E data protection.
ROTPublicUIDs | Array of strings [conditionally required] |
TagNames | Array of strings [conditionally required] |
Type required | string Enum: "CONTINUOUS" "AUTOMATIC" The type of key rotation to use. Continous means every time e2e APIs are called, the key will be rotated. Automatic means the key will be rotated after given number of days, and if e2e APIs are called before it, the same key will be returned. |
Days | integer [ 1 .. 30 ] Number of days after which key will be rotated. Defaults to 7 days if not given.
|
{- "ROTPublicUIDs": [
- "0002000089280087"
], - "Type": "AUTOMATIC",
- "Days": 1
}
{- "Message": "The automatic rotation has been set. The key will be rotated every 1 day. The Security heartbeat has been adjusted to 1 day."
}
The API call to get the symmetric key.
KeyID required | string Key identity used to derive a session Key comprising of 14 bytes. The byte array should be formatted as a Hexadecimal String without a ‘0x’ pattern. |
KeyLength | integer Default: 256 The length of the Key to be generated. The Key length can be either 128 or 256. The default length is 256 and this value will be used if the KeyLength parameter is not included in the call. |
{- "KeyID": "1101000005B52001443F8C16C7EC"
}
{- "Key": "oCa2JO0sqs4F4L//fMScNA==",
- "ROTPublicUID": 2000089282245
}
The API call used to get the E2E decryption parameters.
EncryptedHeader required | string How to obtain this value is explained in the supporting AppNote. The first 16 bytes of the encrypted data header which contains the identity vector used to derive the end to end key. The byte array should be formatted as a Hexadecimal String without a ‘0x’ pattern. |
{- "EncryptedHeader": "1101000089282257621f7593c47f0000"
}
{- "Nonce": "BbUgA2S3/b938wAA",
- "MACLength": 128,
- "CipherSuite": "AES_128_CCM",
- "Key": "lTZfP2dO5IAXvJT8FlXV5A==",
- "KIV": "EQEBAIkoIrZnYX4vnjgCCC==",
- "ROTPublicUID": 2000089282245
}
The API call used to get the E2E integrity parameters.
EncryptedHeader required | string How to obtain this value is explained in the supporting AppNote. The byte array should be formatted as a Hexadecimal String without a ‘0x’ pattern. |
{- "EncryptedHeader": "2900000f0008002f312401"
}
{- "MACLength": 128,
- "CipherSuite": "AES_128_CCM",
- "AuthenticationKey": "lTZfP2dO5IAXvJT8FlXV5A==",
- "AuthKeyLength": 128,
- "KIV": "EQEBAIkoIrZnYX4vnjgCCC==",
- "ROTPublicUID": 2000089282245
}
The API call used to get the E2E encryption parameters.
ROTPublicUID required | string The ROTPublicUID that uniquely identifies the device. |
{- "ROTPublicUID": 2000089282245
}
{- "MACLength": 128,
- "KeyLength": 128,
- "CipherSuite": "AES_128_CS1_HMAC_SHA256",
- "AuthenticationKey": "lTZfP2dO5IAXvJT8FlXV5A==",
- "AuthKeyLength": 128,
- "EncryptionKey": "EuPzZxheaAoGAQ/+X2mYbg==",
- "KIV": "EQEBAIkoIrZnYX4vnjgCCC==",
- "AESIV": "KgXYZgAAiSgisgADBBBBBB",
- "ROTPublicUID": 2000089282245
}
The API call used to get the E2E integrity parameters.
ROTPublicUID required | string The ROTPublicUID that uniquely identifies the device. |
{- "ROTPublicUID": 2000089282245
}
{- "MACLength": 128,
- "CipherSuite": "AES_128_CS1_HMAC_SHA256",
- "AuthenticationKey": "lTZfP2dO5IAXvJT8FlXV5A==",
- "AuthKeyLength": 128,
- "KIV": "EQEBAIkoIrZnYX4vnjgCCC==",
- "ROTPublicUID": 2000089282245
}
ROTPublicUIDs | Array of strings [conditionally required] |
TagNames | Array of strings [conditionally required] |
DeviceSerialNumbers | Array of strings [conditionally required] |
Options | Array of strings Items Enum: "CORE" "PROVISIONING" "ZTP" To control which set of information will be returned. Current values are:
|
{- "ROTPublicUIDs": [
- "0002000089280087"
], - "Options": [
- "CORE",
- "PROVISIONING"
]
}
{- "DeviceInfo": [
- {
- "ROTPublicUID": 2000089280087,
- "LastSeen": "2020-03-02T07:40:19Z",
- "ServicesAccessBlocked": false,
- "DCMAccessBlocked": false,
- "EnableDebugLogs": false,
- "IsBlacklisted": false,
- "Tags": [
- "tag1",
- "tag2"
], - "Core": {
- "DeviceProfileUID": "UNATTRIBUTED DEVICE PROFILE",
- "SerialNumber": "22220001",
- "IMEI": 159621100013519,
- "DeviceSerialNumber": "22220001",
- "ROTVersion": "1",
- "Version": "R-CHIBP-BDNAA",
- "TypeNumber": "SARA-R500S-00B-00"
}, - "CurrentProperties": {
- "Authorizations": [
- {
- "Name": "LocalDPR",
- "State": "ENABLED",
- "SyncDate": "2020-01-10T15:43:38Z"
}
], - "NetworkParameters": {
- "SecurityHeartbeat": {
- "SecurityHeartbeatInSec": 89000,
- "SyncDate": "2020-02-12T14:20:07.813+00:00"
}
}, - "DeviceCertificate": {
- "CAName": "my-ca",
- "DeviceCertificate": "-----BEGIN CERTIFICATE-----\nMIIB0jCCAXMGByqGSM49AgEGCCqGSM49AwEHA0IABDLG\nQFgbhzFiajzXa4BpXWptcSlcevbQJ\nD1kHgyCKmNpJvB7/3vujIDAeMA4GA1UdDwEB/wQEAwIHgDAMBSSaf0G1nq4=\n-----END CERTIFICATE-----",
- "SyncDate": "2020-10-02T10:47:22+00:00",
- "ExpirationDate": "2020-10-02T10:47:22+00:00",
- "CertificateSerialNumber": "371b9ccb34dcf558fa5a5f279bf5d0b1",
- "CommonName": "0002000089280087",
- "IsRevoked": false,
- "UpdatePending": false
}, - "E2EKeyRotation": {
- "KeyRotationsDone": 1,
- "KeyRotationQuotaRemaining": 65535,
- "SyncDate": "2020-02-12T14:20:07.813+00:00"
}
}, - "DesiredProperties": {
- "Authorizations": [
- {
- "Name": "LocalDPR",
- "State": "ENABLED",
- "CAName": "my-ca",
- "ModifiedDate": "2020-01-10T15:43:38Z"
}
], - "NetworkParameters": {
- "SecurityHeartbeat": {
- "SecurityHeartbeatInSec": 89000,
- "ModifiedDate": "2020-02-12T14:20:07.813+00:00"
}
}, - "E2EKeyRotation": {
- "KeyRotationPeriod": 1,
- "KeyRotationType": "AUTOMATIC",
- "ModifiedDate": "2020-02-12T14:20:07.813+00:00"
}
}, - "ErrorProperties": {
- "DeviceType": {
- "Error": "Unknown Device type: ALPHA_1"
}, - "Authorizations": [
- {
- "Name": "LocalDPR",
- "Error": "This feature is not supported for this ROTPublicUID."
}
]
}
}
]
}
The API call to get device notifications. Whenever a device bootstraps (its INFO changes), or some properties get applied on the device, a notification is received, which can be retrieved using this API.
FromDate required | string Starting date in ISO 8601 standard. Go back to this date and get notifications that came in after. . You can only specify FromDate as old as 180 days ago. |
ToDate | string End date in ISO 8601 standard. Get notifications till this date. |
ROTPublicUIDs | Array of strings [conditionally required] |
TagNames | Array of strings [conditionally required] |
NotificationType | string Get only this type of notification. Possible values are:
|
PageNumber | number Defaults to 1 if not given |
{- "FromDate": "2020-02-01T00:00:00+00:00",
- "ToDate": "2020-03-01T23:59:00+00:00",
- "ROTPublicUIDs": [
- "0000200456789544"
], - "NotificationType": "DEVICE_INFO_CHANGE"
}
{- "PageNumber": 1,
- "PageSize": 100,
- "TotalRecords": 153,
- "Notifications": [
- {
- "NotificationType": "DEVICE_STATE_CHANGE",
- "ROTPublicUID": 2000089280091,
- "Timestamp": "2020-02-28T10:22Z",
- "Payload": {
- "Error": "Invalid KeySetId for device 0002000089280091! expected field keyset but received production keyset",
- "PreviousState": "REGISTERED",
- "CurrentState": "ACTIVATED",
- "DesiredProperties": {
- "Authorizations": [
- {
- "Name": "LocalDPR",
- "State": "ENABLED",
- "ModifiedDate": "2020-02-28T10:22:30Z"
}
], - "NetworkParameters": {
- "CoapMTU": {
- "CoapMTUInBytes": 520,
- "ModifiedDate": "2020-02-28T10:22:30Z"
}, - "CoapTimeout": {
- "CoapTimeoutInSec": 30,
- "ModifiedDate": "2020-02-28T10:22:30Z"
}, - "SecurityHeartbeat": {
- "SecurityHeartbeatInSec": 86400,
- "ModifiedDate": "2020-02-28T10:22:30Z"
}
}
}, - "CurrentProperties": {
- "Authorizations": [
- {
- "Name": "LocalDPR",
- "State": "ENABLED",
- "SyncDate": "2020-02-28T10:22:30Z"
}
], - "NetworkParameters": {
- "CoapMTU": {
- "CoapMTUInBytes": 520,
- "SyncDate": "2020-02-28T10:22:30Z"
}, - "CoapTimeout": {
- "CoapTimeoutInSec": 30,
- "SyncDate": "2020-02-28T10:22:30Z"
}, - "SecurityHeartbeat": {
- "SecurityHeartbeatInSec": 86400,
- "SyncDate": "2020-02-28T10:22:30Z"
}
}
}, - "PreviousDeviceInfo": {
- "ROTVersion": "01.04.00",
- "TypeNumber": "SARA-R410M-03B-00",
- "SerialNumber": "4017916230",
- "Version": "R-CHIBP-BDNAA",
- "IMEI": "159621100013519",
- "DeviceProfileUID": "AyvylmHTdViHQzeUaC1Omb",
- "DeviceSerialNumber": "12345678"
}, - "CurrentDeviceInfo": {
- "ROTVersion": "01.04.00",
- "TypeNumber": "SARA-R410M-03B-00",
- "SerialNumber": "4017916230",
- "Version": "R-CHIBP-BDNAA",
- "IMEI": "159621100013519",
- "DeviceProfileUID": "AyvylmHTdViHQzeUaC1Omb",
- "DeviceSerialNumber": "12345678"
}
}
}
]
}
The API call to verify if a particular device or list of devices are cloned or not.
FromDate required | string Starting date in ISO 8601 standard. Go back to this date and get devices that cloned after. |
ToDate | string End date in ISO 8601 standard. Get cloned devices till this date. |
ROTPublicUIDs | Array of strings [conditionally required] |
TagNames | Array of strings [conditionally required] |
DeviceProfileUID | string [conditionally required] For instances where the DeviceProfileUID was not sealed during the initial bootstrap the value for this parameter is set to: UNATTRIBUTED DEVICE PROFILE. The DeviceProfileUID can be sealed
after bootstrap (known as Two stage bootstrap) - the sealed value will
now be returned. Note: Please see the supporting AppNote for information on:
|
PageNumber | number Defaults to 1 if not given |
{- "FromDate": "2020-02-01T00:00:00+00:00",
- "ToDate": "2020-03-01T23:59:00+00:00",
- "ROTPublicUIDs": [
- "0000200456789544"
]
}
{- "PageNumber": 1,
- "PageSize": 100,
- "TotalRecords": 153,
- "ClonedEvents": [
- {
- "ROTPublicUID": "0002000089280091",
- "Reasons": [
- {
- "Timestamp": "2020-02-28T10:22Z",
- "Error": "Invalid KeySetId for device 0002000089280091! expected field keyset but received production keyset"
}
]
}
]
}
The API call to verify if a particular device or list of devices are suspicious or not.
Reasons for a suspicous device are mentioned below.
ROTPublicUIDs | Array of strings [conditionally required] |
TagNames | Array of strings [conditionally required] |
DeviceProfileUID | string [conditionally required] For instances where the DeviceProfileUID was not sealed during the initial bootstrap the value for this parameter is set to: UNATTRIBUTED DEVICE PROFILE. The DeviceProfileUID can be sealed
after bootstrap (known as Two stage bootstrap) - the sealed value will
now be returned. Note: Please see the supporting AppNote for information on:
|
PageNumber | number Defaults to 1 if not given |
{- "ROTPublicUIDs": [
- "0000200456789544"
]
}
{- "PageNumber": 1,
- "PageSize": 100,
- "TotalRecords": 153,
- "SuspiciousDevices": [
- {
- "ROTPublicUID": 2000089280091,
- "Reasons": [
- "DUPLICATED_SCL_SERIAL_NUM_SEALED_INFO"
]
}
]
}
The API call to get device activities - most specifically, commands that were executed / carried out on the device when interacting with server.
FromDate required | string Starting date in ISO 8601 standard. Go back to this date and get notifications that came in after. |
ToDate | string End date in ISO 8601 standard. Get notifications till this date. |
ROTPublicUID required | string Notifications will be retrieved for given ROTPublicUID. |
PageNumber | number The page number that corresponds to the data set intended. |
{- "FromDate": "2020-02-01T00:00:00+00:00",
- "ToDate": "2020-03-01T23:59:00+00:00",
- "ROTPublicUID": "0000200456789544",
- "PageNumber": 1
}
{- "PageNumber": 1,
- "PageSize": 100,
- "TotalRecords": 1,
- "LastSeen": "2020-03-02T07:40:19Z",
- "Activities": [
- {
- "Command": "LFA",
- "CommandSentAt": "2020-02-28T10:22:34Z",
- "ResponseReceived": "true",
- "ResponseReceivedAt": "2020-02-28T10:22:34Z",
- "ResponseCode": "00",
- "State": "EXECUTED"
}
]
}
The API call to get usage logs, aggregated by device (ROTPublicUID). There is a 5 minute lead time before logs get updated. A usage log is generated when following APIs are called:
FromDate required | string To get usage logs from this date. Format of the date is yyyy-mm-dd. You can only specify FromDate as old as 60 days ago. |
ToDate | string To get usage logs till this date. Format of the date is yyyy-mm-dd. If this is not specified, it defaults to today's date. |
ROTPublicUIDs | Array of strings Filter usage logs of given ROTPublicUIDs. |
TagNames | Array of strings Filter usage logs of ROTPublicUIDs that have given tags assigned to them. |
{- "FromDate": "2020-02-01"
}
{- "2000089282256": {
- "2020-02-01": {
- "CEL-SEC-E2PU": 3,
- "CEL-SEC-E2KU": 3,
- "CEL-SEC-LDPR": 1,
- "CEL-SEC-LC2C": 1,
- "CEL-SEC-LC2CP": 1,
- "CEL-SEC-ZTPV1": 1,
- "CEL-SEC-ZTRN": 1,
- "CEL-SEC-ZTUP": 1
}
}
}
Lists the ROTPublicUIDs linked to a DeviceProfileUID.
You can also list ROTPublicUIDs by giving a list of tags.
This API returns a
paginated response, which means in order to get to next set of records,
you would have to give PageNumber in request body.
DeviceProfileUID | string [conditionally required] For instances where the DeviceProfileUID was not sealed during the initial bootstrap the value for this parameter is set to: UNATTRIBUTED DEVICE PROFILE. The DeviceProfileUID can be sealed
after bootstrap (known as Two stage bootstrap) - the sealed value will
now be returned. Note: Please see the supporting AppNote for information on:
|
TagNames | Array of strings [conditionally required] |
PageNumber | number Defaults to 1 if not given |
{- "DeviceProfileUID": "mbYbAX-CoEqE97TMFBsUKQ",
- "PageNumber": 1
}
{- "ROTPublicUIDs": [
- 2000089282256
], - "PageNumber": 1,
- "PageSize": 100,
- "TotalRecords": 300
}
{- "Version": "1.1.1"
}
The API call to create a Root CA, which will be used by the server to generate device specific certificates. Once generated, this certificate needs to be uploaded to client's server platform.
NOTES:
CAName required | string <= 45 characters Certificate name
|
CACertificateValidity required | integer [ 1825 .. 3650 ] Validity of the certificate, in days. Note: It is highly recommended that validity of the certificate should not be set higher than 3650 days (10 years). Maximum supported value is also 3650 days. |
DeviceCertificateValidity required | integer [ 30 .. 3650 ] Validity of the certificate generated for the device, in days. Note: It is highly recommended that validity of the certificate should not be set higher than 3650 days (10 years). Maximum supported value is also 3650 days. |
RenewBeforeExpiration | integer [ 1 .. 365 ] Number of days to renew device certificate before it expires. |
{- "CAName": "example.com",
- "CACertificateValidity": 3650,
- "DeviceCertificateValidity": 3650,
- "RenewBeforeExpiration": 180
}
{- "CAName": "example.com",
- "CACertificateValidity": 1825,
- "DeviceCertificateValidity": 1825,
- "Certificate": "-----BEGIN CERTIFICATE-----\\nMIIBzjCCAXWgAwIBAgIIdVrMsEU2rrQwCgYIKoZIzj0EAwIwfDEZMBc1A1UEAwwQ\\nU0lULUlPVC1DSS1UZXN0czERMA8GA1UECgwIS3VkZWxza2kxFTATBgNVBAsMDElv\\nVCBTZWN1cml0A1UELhMsSVNFUCBETSA5YTEwZDgxMy00YWM5LTQ3ODgt\\nYmJjNC1lNzAxOTdlMzZlYjAwHhcNMjAwNDIwMTkwMTA5WhcNMjkwMTA5\\nWjA9MRkwFwYDVQQDDBAwMDAyMDAwMDA1YjUyMDAxMSAwHgYDVQQFExdEZXZpY2Ug\\nOTg3NjU0MzIxYWJjZGVmMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABAWsXezs\\n2hPrm8iYFLlIX5amaKlC7ssZaVJ+Y+FrclfLRwTP9e7BhPWmECXnM7nGBYu0\\nJWn2jH/8VRtIuVWjIDAeMA4GA1UdDwEB/wQwAwIHgDAMBgNVHvOcUEQAQTBmUYbo\\nAiA4gnWnVIqqXQxzo8MohEaYWDZn89aus9W4zIpgApHSWw==\\n-----END CERTIFICATE-----",
- "CreatedDate": "2020-04-20T19:00:36Z"
}
The API allows to set how many days before the certificate expiration, the automatic renewal of the certificate shall take place. Using this procedure the new certificate will use the same key pair as the expiring one, but it will have a new serial number and a new expiration date.
NOTES:
CAName required | string <= 45 characters Certificate name
|
RenewBeforeExpiration required | integer [ 1 .. 365 ] Number of days to renew device certificate before it expires. |
{- "CAName": "example.com",
- "RenewBeforeExpiration": 180
}
{- "message": "Not Authorized."
}
The API call to get a list of created Root CAs or to get a certificate whose certificate name is provided as input.
PageNumber | integer |
CAName | string Certificate name to get |
{- "PageNumber": 1
}
{- "TotalRecords": 10,
- "PageNumber": 1,
- "PageSize": 100,
- "CAs": [
- {
- "CAName": "example.com",
- "CACertificateValidity": 1825,
- "DeviceCertificateValidity": 1825,
- "Certificate": "-----BEGIN CERTIFICATE-----\\nMIIBzjCCAXWgAwIBAgIIdVrMsEU2rrQwCgYIKoZIzj0EAwIwfDEZMBc1A1UEAwwQ\\nU0lULUlPVC1DSS1UZXN0czERMA8GA1UECgwIS3VkZWxza2kxFTATBgNVBAsMDElv\\nVCBTZWN1cml0A1UELhMsSVNFUCBETSA5YTEwZDgxMy00YWM5LTQ3ODgt\\nYmJjNC1lNzAxOTdlMzZlYjAwHhcNMjAwNDIwMTkwMTA5WhcNMjkwMTA5\\nWjA9MRkwFwYDVQQDDBAwMDAyMDAwMDA1YjUyMDAxMSAwHgYDVQQFExdEZXZpY2Ug\\nOTg3NjU0MzIxYWJjZGVmMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABAWsXezs\\n2hPrm8iYFLlIX5amaKlC7ssZaVJ+Y+FrclfLRwTP9e7BhPWmECXnM7nGBYu0\\nJWn2jH/8VRtIuVWjIDAeMA4GA1UdDwEB/wQwAwIHgDAMBgNVHvOcUEQAQTBmUYbo\\nAiA4gnWnVIqqXQxzo8MohEaYWDZn89aus9W4zIpgApHSWw==\\n-----END CERTIFICATE-----",
- "CreateDate": "2020-04-20T19:00:36Z"
}
]
}
The API returns the Certificate Revocation List (CRL) for given Root CAs, that contains the list of all certificates that has been revoked. The output returns a standard CRL string as well as serial numbers of revoked device certificates.
NOTES:
CANames | Array of strings List of root certificate names |
{- "CANames": [
- "example.com"
]
}
{- "CRLs": [
- {
- "CAName": "example.com",
- "CRL": " MIIBzjCCAXWgAwIBAgIIdVrMsEU2rrQwCgYIKoZIzj0EAwIwfDEZMBc1A1UEAwwQ\\nU0lULUlPVC1DSS1UZXN0czERMA8GA1UECgwIS3VkZWxza2kxFTATBgNVBAsMDElv\\nVCBTZWN1cml0A1UELhMsSVNFUCBETSA5YTEwZDgxMy00YWM5LTQ3ODgt\\nYmJjNC1lNzAxOTdlMzZlYjAwHhcNMjAwNDIwMTkwMTA5WhcNMjkwMTA5\\nWjA9MRkwFwYDVQQDDBAwMDAyMDAwMDA1YjUyMDAxMSAwHgYDVQQFExdEZXZpY2Ug\\nOTg3NjU0MzIxYWJjZGVmMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABAWsXezs\\n2hPrm8iYFLlIX5amaKlC7ssZaVJ+Y+FrclfLRwTP9e7BhPWmECXnM7nGBYu0\\nJWn2jH/8VRtIuVWjIDAeMA4GA1UdDwEB/wQwAwIHgDAMBgNVHvOcUEQAQTBmUYbo\\nAiA4gnWnVIqqXQxzo8MohEaYWDZn89aus9W4zIpgApHSWw==",
- "SerialNumbers": [
- "102a82751ae2fb125bc46246c45547fa"
]
}
]
}
The API provides in output the a list of devices (with the ROTPublicUIDs) that have been provisioned with a device certificate signed by a given Root CA.
PageNumber | integer |
CAName required | string Certificate name against which to get list of devices |
{- "CAName": "acme.example.com"
}
{- "TotalRecords": 1,
- "PageNumber": 1,
- "PageSize": 100,
- "Devices": [
- {
- "CAName": "acme.example.com",
- "CommonName": "0002000089282256",
- "SerialNumber": "bc730c6d470b70f",
- "IsRevoked": false,
- "ROTPublicUID": "0002000089282256",
- "ExpirationDate": "2021-04-20T19:00:36Z"
}
]
}
The API call to generate a Proof-of-Possession certificate. Once you upload Root CA to your server, a registration code is generated. Use this registration code to generate a Proof-of-Possession certificate using this API, and upload generated certificate to prove ownership of Root CA that was initially uploaded to server.
CAName required | string Certificate name, which was generated earlier. |
RegistrationCode required | string Registration Code generated by the server where Root CA was uploaded. |
{- "CAName": "example.com",
- "RegistrationCode": "930783746273459058465786283467236543874968549"
}
{- "CAName": "example.com",
- "PoPCertificate": "-----BEGIN CERTIFICATE-----\\nMIIBzjCCAXWgAwIBAgIIdVrMsEU2rrQwCgYIKoZIzj0EAwIwfDEZMBc1A1UEAwwQ\\nU0lULUlPVC1DSS1UZXN0czERMA8GA1UECgwIS3VkZWxza2kxFTATBgNVBAsMDElv\\nVCBTZWN1cml0A1UELhMsSVNFUCBETSA5YTEwZDgxMy00YWM5LTQ3ODgt\\nYmJjNC1lNzAxOTdlMzZlYjAwHhcNMjAwNDIwMTkwMTA5WhcNMjkwMTA5\\nWjA9MRkwFwYDVQQDDBAwMDAyMDAwMDA1YjUyMDAxMSAwHgYDVQQFExdEZXZpY2Ug\\nOTg3NjU0MzIxYWJjZGVmMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABAWsXezs\\n2hPrm8iYFLlIX5amaKlC7ssZaVJ+Y+FrclfLRwTP9e7BhPWmECXnM7nGBYu0\\nJWn2jH/8VRtIuVWjIDAeMA4GA1UdDwEB/wQwAwIHgDAMBgNVHvOcUEQAQTBmUYbo\\nAiA4gnWnVIqqXQxzo8MohEaYWDZn89aus9W4zIpgApHSWw==\\n-----END CERTIFICATE-----"
}
The API call to delete a Root CA.
NOTES:
CAName required | string Name of the certificate. |
{- "CAName": "example.com"
}
{- "message": "Not Authorized."
}
This API shall be used to renew manually the device certificate instead of using the automatic procedure that is triggered by /ztp/rootca/update for all the device certificates signed by the given Root CA. Using this procedure the new certificate will use the same key pair as the expiring one, but it will have a new serial number and a new expiration date.
NOTES:
CAName required | string <= 45 characters Certificate name
|
DeviceCertificateValidity required | integer [ 30 .. 3650 ] Validity of the certificate generated for the device, in days. Note: It is highly recommended that validity of the certificate should not be set higher than 365 days (1 year). Maximum supported value is also 3650 days (10 years). |
ROTPublicUIDs | Array of strings [conditionally required] |
SerialNumbers | Array of strings [conditionally required] |
{- "ROTPublicUIDs": [
- "0002000089280087"
], - "CAName": "example.com",
- "DeviceCertificateValidity": 1000
}
{- "message": "Not Authorized."
}
This API shall be used to renew manually the device certificate for all the devices listed. Using this procedure the new certificate will use a new set of key pair and it will have a new serial number and a new expiration date.
This will happen in two security heartbeats, which means when the device first sends a heartbeat, the existing device certificate will be removed, and when the device sends a second heartbeat, a new device certificate (with same root CA but different key/pair) will be provisioned on the device.
NOTES:
CAName required | string <= 45 characters Certificate name
|
ROTPublicUIDs | Array of strings [conditionally required] |
SerialNumbers | Array of strings [conditionally required] |
{- "ROTPublicUIDs": [
- "0002000089280087"
], - "CAName": "example.com"
}
{- "message": "Not Authorized."
}
This API shall be used to completely remove the device certificate and key pair from the device at the next security heartbeat.
NOTES:
ROTPublicUIDs required | Array of strings
|
{- "ROTPublicUIDs": [
- "0002000089280087"
]
}
{- "message": "Not Authorized."
}
This API shall be used to revoke the validity of the device certificate immediately. This results in a new entry for the device certificate in the Certificate Revocation List, but does not cause the removal of the certificate from the device. If you want to remove the certificate you need to use the proper API. Also, if your IoT platform is not able to use the CRL, you need to deactivate/delete the certificate in the IoT platform.
NOTES:
CAName required | string <= 45 characters Certificate name
|
ROTPublicUID | string [conditionally required] |
SerialNumber | string [conditionally required] |
{- "ROTPublicUID": "0002000089280087",
- "CAName": "example.com"
}
{- "message": "Not Authorized."
}
This API call can be used to transfer the device certificate from one Root CA to another, for example if you use two different Root CAs for test and production. After the device security heartbeat is performed the old device certificate is replaced with the new one signed by the target Root CA.
NOTES:
FromCA required | string <= 45 characters Existing Root CA name of the device
|
ToCA required | string <= 45 characters Target Root CA
|
ROTPublicUIDs required | Array of strings An array of ROTPublicUIDs whose Root CA will be transferred. |
{- "ROTPublicUIDs": [
- "0002000089280087"
], - "FromCA": "examplefrom.com",
- "ToCA": "exampleto.com"
}
{- "message": "Not Authorized."
}
The API call to create a notification hook against a given notification event type. This will enable users to setup their own API endpoints, which will be called when a notification is generated, and incoming notification data will be passed on (as JSON request body) to this API endpoint.
NotificationURL required | string Fully qualified URL to call (only https endpoints are accepted). You can register multiple notification URLs against a specific notiifcation event type. |
AuthorizationToken required | string Authorization token to set in "Authorization" header of the request when calling notification URL. |
NotificationType required | string The type of notification event for which this notification URL will be called. Possible values are:
|
{- "AuthorizationToken": "Bearer eiuytreuihkjfghdlyreuiyt",
- "NotificationType": "DEVICE_BOOTSTRAP_EVENT"
}
{- "message": "Not Authorized."
}
The API call to update a notification hook. This API can be used to update AuthorizationToken for a given notification URL.
NotificationURL required | string A fully qualified URL |
AuthorizationToken required | string Authorization token to set in "Authorization" header of the request when calling notification URL. |
{- "AuthorizationToken": "Bearer eiuytreuihkjfghdlyreuiyt"
}
{- "message": "Not Authorized."
}
The API call to delete an already created notification hook.
NotificationURL required | string A fully qualified URL |
{
}
{- "message": "Not Authorized."
}
The API call to get a list of all created notification hooks.
[- {
- "AuthorizationToken": "Bearer eirgtyureiytuiertyghkfjh",
- "NotificationType": "DEVICE_BOOTSTRAP_EVENT",
- "Created": "2020-05-04T09:17:29.85+00:00",
- "Modified": "2020-05-04T09:17:29.85+00:00"
}
]
The API call to create a tag. Once a tag is created, it can then be used in other APIs (that support tags).
TagName required | string It can:
|
{- "TagName": "downtown"
}
{- "message": "Not Authorized."
}
The API call to delete an already created tag. Only those tags can be deleted that aren't assigned to any ROTPublicUIDs. If a tag is assigned to ROTPublicUIDs, it must first be unassigned from all assigned ROTPublicUIDs and then can be deleted.
TagName required | string Tag name to delete |
{- "TagName": "downtown"
}
{- "message": "Request aborted. This tag is currently assigned to ROTPublicUID(s)"
}
The API call to get a list of all created tags.
PageNumber | integer Defaults to 1 if not given. |
{- "PageNumber": 1
}
{- "Tags": [
- {
- "Name": "downtown",
- "Created": "2020-05-11T10:19:19.468+00:00"
}
], - "PageNumber": 1,
- "PageSize": 100,
- "TotalRecords": 1
}
The API call to assign tags to ROTPublicUIDs. Every given tag will be assigned to every given ROTPublicUID.
TagNames required | Array of strings An array of tag names that need to be assigned to ROTPublicUIDs. |
ROTPublicUIDs | Array of strings [conditionally required] |
DeviceProfileUIDs | Array of strings [conditionally required] |
SyncRequired | boolean |
{- "TagNames": [
- "downtown"
], - "ROTPublicUIDs": [
- "0002000089282256"
]
}
{- "message": "Bad Request. Invalid ROTPublicUIDs"
}
The API call to remove tags from ROTPublicUIDs. Every given tag will be removed from every given ROTPublicUID - if a particular combination of TagName and ROTPublicUID doesn't exist, nothing will happen and the combination will be ignored.
It is possible to remove tags from all assigned ROTPublicUIDs, and vice versa.
TagNames required | Array of strings An array of tag names that need to be removed from ROTPublicUIDs. |
ROTPublicUIDs | Array of strings [conditionally required]
|
DeviceProfileUIDs | Array of strings [conditionally required]
|
SyncRequired | boolean |
{- "TagNames": [
- "downtown"
], - "ROTPublicUIDs": [
- "0002000089282256"
]
}
{- "message": "Not Authorized."
}