{"activeVersionTag":"latest","latestAvailableVersionTag":"latest","collection":{"info":{"_postman_id":"7b0a9003-0a08-e00f-133d-ef0a269ebfa4","name":"Envoy API","description":"Welcome to the ENVOY REST API reference. You can use the ENVOY REST API to build add-ons for ENVOY, develop integrations between ENVOY and other applications. This page documents the REST resources available in ENVOY, along with HTTP sample requests and responses.

\r\nAPI Version: 1.4.1
\r\nMinimum Supported Envoy Firmware Version: 4.2.0

\r\n
\r\n

\r\n The ENVOY provides a web service for managing all the services and operations running on the ENVOY.\r\n\r\n This document describes the EWI (Envoy Web Service Interface) used for advanced integration with the ENVOY; the EWI and related interactions described by this document define the externally-visible (black box view) perspective of the services provided by the ENVOY. It is the intent of this specification and interface architecture to shield you from the details of the operations within the ENVOY.\r\n

\r\n
\r\n\r\n
\r\n\r\n
\r\n

INTERFACE PROTOCOL

\r\n

\r\n The Protocol used to communicate between the ENVOY and other applications is based on REST (Representational State Transfer) over HTTP.\r\n\r\n The REST API provide access to resources (data entities) via URI paths. To use a REST API, your application will make an HTTP request and parse the response. Your methods will be the standard HTTP methods like GET, PUT, POST and DELETE. REST API operate over HTTP making it easy to use with any programming language or framework.\r\n

\r\n
\r\n

By default the REST API port operates on: 80

\r\n
\r\n \r\n
\r\n\r\n
\r\n\r\n
\r\n

Authentication

\r\n\r\n The REST API supports basic authentication and cookie-based (session) authentication. See the examples of basic authentication, cookie-based authentication.\r\n ENVOY’s REST API is protected by the same restrictions which are provided via ENVOY’s standard web interface. This means that you can use the same username and password as if you are accessing the ENVOY web interface.\r\n In most cases, the first step in using the ENVOY REST API is to authenticate a user account with your ENVOY server. Any authentication that works against ENVOY will work against the REST API.\r\n
\r\n

Default Username and Password

\r\n

\r\n Username: envoy
\r\n Password: envoy
\r\n

\r\n
\r\n
\r\n\r\n
\r\n\r\n
\r\n

SECRET KEY GENERATION STEPS

\r\n 1. Your static SALT suffix string is “QGFjdGl2ZQ==”
\r\n 2. Hash (With SHA 256) the password concatenated with the salt.
\r\n

     sha256 ([Password] + SALT)

\r\n\r\n Java Code Example:

\r\n \r\n
\r\n 
\r\nprivate static String hashMessage(String message) throws NoSuchAlgorithmException {\r\n    MessageDigest md = MessageDigest.getInstance("SHA-256");\r\n    md.reset();\r\n    byte[] buffer = message.getBytes();\r\n    md.update(buffer);\r\n    byte[] digest = md.digest();\r\n\r\n    String hexStr = "";\r\n    for (byte aDigest : digest) {\r\n        hexStr += Integer.toString((aDigest & 0xff) + 0x100, 16).substring(1);\r\n    }\r\n    return hexStr;\r\n} \r\nprivate static String makeSecret(String key) throws NoSuchAlgorithmException {\r\n    final String salt = "QGFjdGl2ZQ==";\r\n    return hashMessage(key + salt);\r\n}\r\n//This will be the secret key\r\nfinal String secretKey = makeSecret("envoy");\r\n
\r\n
\r\n \r\n
\r\n\r\n
\r\n\r\n
\r\n

Basic Authentication

\r\n\r\n This section shows you how to allow REST clients to authenticate themselves using basic authentication (user name and password). This is one of two methods that you can use for authentication against the ENVOY REST API; the other one being cookie-based authentication.\r\n In this section, we will show you a simple example of basic authentication.
\r\n\r\n

Simple example

\r\n\r\n Most client software provides a simple mechanism for supplying a user name and password and will build the required authentication headers automatically. For example you can specify the -u argument with curl as follows:

\r\n\r\n\r\n
\r\n 
\r\ncurl -D- -u envoy:d4de3dbdb2cff44f39741a6f8adbba74feccdc7cc02d1bb6ed27b37354687c25 -X \r\nGET -H "Content-Type: application/json"\r\nhttp://{{host}}:{{port}}/ALE/api/logical-device?fields=name\r\n
\r\n
\r\n
\r\n\r\n
\r\n\r\n
\r\n

Supplying Basic Authentication Headers

\r\n\r\n If you need to you may construct and send basic authentication headers yourself.
To do this you need to perform the following steps:

\r\n 1. Generate a secret key for a specific user following the Secret Key Generation Steps above.
\r\n 2. Build a string of the form username:secret
\r\n 3. Base64 encode the string
\r\n 4. Supply an \"Authorization\" header with content \"Basic \" followed by the encoded string. For example, you would make the request as follows:

\r\n\r\n\r\n
\r\n 
\r\ncurl –D- -X GET -H "Authorization: Basic {Base64 Encoded String}" -H \r\n"Content-Type: application/json" http://{{host}}:{{port}}/ALE/api/ping\r\n
\r\n
\r\n\r\n

e.g:


\r\n
\r\n 
curl –D- -X GET -H "Authorization: Basic ZW52b3k6ZDRkZTNkYmRiMmNmZjQ0ZjM5NzQxYTZmOGFkYmJhNzRmZWNjZGM3Y2MwMmQxYmI2ZWQyN2IzNzM1NDY4N2MyNQ== " \r\n-H "Content-Type: application/json" http://{{host}}:{{port}}/ALE/\r\n
\r\n
\r\n
\r\n\r\n
\r\n\r\n
\r\n

Cookie-based Authentication

\r\n\r\n This section shows you how to allow REST clients to authenticate themselves using cookies.
\r\n This is one of two methods that you can use for authentication against the ENVOY REST API; the other method being basic authentication.
\r\n This is how cookie-based authentication works in ENVOY at a high level:
\r\n 1. The client generates a secret key for a specific user following the Secret Key Generation Steps.
\r\n 2. The client posts to http://{{host}}:{{port}}/ALE/api/auth the username and the secret key generated in step 1 as the password.
\r\n\r\n After that you've created a session, it's just a matter of setting the cookie in all subsequent requests to the server.
\r\n 3. Store the session object on the client. The way that you do this will depend on how your client is implemented.
\r\n 4. When you want to make a request, take cookie name and value from the session and use them to set the 'cookie' field in the header of your request. This will be used as client session identification.\r\n
\r\n\r\n
\r\n\r\n
\r\n

Authentication Request Body Template

\r\n
\r\nPOST http://{{host}}:{{port}}/ALE/api/auth
\r\nContent-Type=application/json

\r\n
{\r\n "username":"envoy",\r\n "password":"d4de3dbdb2cff44f39741a6f8adbba74feccdc7cc02d1bb6ed27b37354687c25 "\r\n}\r\n
\r\nBefore you begin, please be aware that although cookie-based authentication has many benefits, such as performance (not having to make multiple authentication calls), it also has security risks. For example, your session cookies can be hijacked if handled improperly. This document does not go into the security implications of cookies, but you should make yourself aware of the risks, before considering this approach.\r\n\r\nJava Code Example:

\r\n
\r\n
\r\n//Cookie holder\r\nprivate static String cookie;\r\nprivate static void authenticate() throws IOException, NoSuchAlgorithmException {\r\n    final String secretKey = makeSecret("envoy");\r\n    final byte[] rawData = ("{\\n" +\r\n            "\\t\\"username\\":\\"envoy\\",\\n" +\r\n            "\\t\\"password\\":\\"" + secretKey + "\\"\\n" +\r\n            "}").getBytes(StandardCharsets.UTF_8);\r\n\r\n\r\n    //Set connection properties\r\n    HttpURLConnection conn = (HttpURLConnection) new URL("http://{{host}}:{{port}}/ALE/api/auth").openConnection();\r\n    conn.setDoOutput(true);\r\n    conn.setRequestMethod("POST");\r\n    conn.setRequestProperty("Content-Type", "application/json");\r\n    conn.setRequestProperty("Content-Length", String.valueOf(rawData.length));\r\n    //Write body\r\n    try (OutputStream os = conn.getOutputStream()) {\r\n        os.write(rawData);\r\n        os.flush();\r\n    }\r\n    //Connect and publish data\r\n    conn.connect();\r\n\r\n    final int responseCode = conn.getResponseCode();\r\n\r\n    if (responseCode == HTTP_OK) {\r\n        //Authentication successful\r\n        final String headerField = conn.getHeaderField("Set-Cookie");\r\n        if (headerField != null) {\r\n            //A cookie was received\r\n            cookie = headerField;\r\n        }\r\n    } else {\r\n        //TODO: Handle error\r\n    }\r\n}\r\npublic static void main(String[] args) throws IOException, NoSuchAlgorithmException {\r\n    //Check if the user was authenticated">\r\n    //Authenticate the user\r\n    authenticate();\r\n    if (cookie == null) {\r\n        //The user is not authenticated\r\n        System.err.println("User not authenticated");\r\n        return;\r\n    }\r\n    \r\n    //Set connection properties\r\n   //Request example to test authentication\r\n    HttpURLConnection newConn = (HttpURLConnection) new URL("http://{{host}}:{{port}}/ALE/api/activity?fields=name").openConnection();\r\n    newConn.setRequestProperty("Cookie", cookie);\r\n    newConn.setDoOutput(true);\r\n    newConn.setRequestMethod("GET");\r\n\r\n    //Connect and publish data\r\n    newConn.connect();\r\n    final int responseCode = newConn.getResponseCode();\r\n\r\n    //Read the response body (If any)\r\n    StringBuilder body = new StringBuilder("");\r\n    try (BufferedReader inputStream = new BufferedReader(new InputStreamReader(newConn.getInputStream()))) {\r\n        String line = null;\r\n        while ((line = inputStream.readLine()) != null) {\r\n            body.append(line);\r\n        }\r\n    }\r\n    if (responseCode == HTTP_OK) {\r\n        //TODO: Do stuff here\r\n\r\n        //Print the data received\r\n        System.out.println(body.toString());\r\n    } else {\r\n        //TODO: Handle error\r\n        System.err.println(body.toString());\r\n    }\r\n}\r\n
\r\n
\r\n
","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","isPublicCollection":false,"owner":"2306872","team":52412,"collectionId":"7b0a9003-0a08-e00f-133d-ef0a269ebfa4","publishedId":"6fU1ksh","public":true,"publicUrl":"https://envoyapi.activeidentity.com","privateUrl":"https://go.postman.co/documentation/2306872-7b0a9003-0a08-e00f-133d-ef0a269ebfa4","customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"00609C"},"documentationLayout":"classic-double-column","version":"8.11.4","publishDate":"2018-01-12T12:43:29.000Z","activeVersionTag":"latest","documentationTheme":"light","metaTags":{},"logos":{}},"statusCode":200},"environments":[],"user":{"authenticated":false,"permissions":{"publish":false}},"run":{"button":{"js":"https://run.pstmn.io/button.js","css":"https://run.pstmn.io/button.css"}},"web":"https://www.getpostman.com/","team":{"logo":"https://res.cloudinary.com/postman/image/upload/t_team_logo_pubdoc/v1/team/480cb4a304b77137a67b4d7489024025dcb94f04748b74a939f6821f1e9e85bf","favicon":"https://activeidentity.com/favicon.ico"},"isEnvFetchError":false,"languages":"[{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"HttpClient\"},{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"RestSharp\"},{\"key\":\"curl\",\"label\":\"cURL\",\"variant\":\"cURL\"},{\"key\":\"dart\",\"label\":\"Dart\",\"variant\":\"http\"},{\"key\":\"go\",\"label\":\"Go\",\"variant\":\"Native\"},{\"key\":\"http\",\"label\":\"HTTP\",\"variant\":\"HTTP\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"OkHttp\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"Unirest\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"Fetch\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"jQuery\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"XHR\"},{\"key\":\"c\",\"label\":\"C\",\"variant\":\"libcurl\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Axios\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Native\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Request\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Unirest\"},{\"key\":\"objective-c\",\"label\":\"Objective-C\",\"variant\":\"NSURLSession\"},{\"key\":\"ocaml\",\"label\":\"OCaml\",\"variant\":\"Cohttp\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"cURL\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"Guzzle\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"HTTP_Request2\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"pecl_http\"},{\"key\":\"powershell\",\"label\":\"PowerShell\",\"variant\":\"RestMethod\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"http.client\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"Requests\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"httr\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"RCurl\"},{\"key\":\"ruby\",\"label\":\"Ruby\",\"variant\":\"Net::HTTP\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"Httpie\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"wget\"},{\"key\":\"swift\",\"label\":\"Swift\",\"variant\":\"URLSession\"}]","languageSettings":[{"key":"csharp","label":"C#","variant":"HttpClient"},{"key":"csharp","label":"C#","variant":"RestSharp"},{"key":"curl","label":"cURL","variant":"cURL"},{"key":"dart","label":"Dart","variant":"http"},{"key":"go","label":"Go","variant":"Native"},{"key":"http","label":"HTTP","variant":"HTTP"},{"key":"java","label":"Java","variant":"OkHttp"},{"key":"java","label":"Java","variant":"Unirest"},{"key":"javascript","label":"JavaScript","variant":"Fetch"},{"key":"javascript","label":"JavaScript","variant":"jQuery"},{"key":"javascript","label":"JavaScript","variant":"XHR"},{"key":"c","label":"C","variant":"libcurl"},{"key":"nodejs","label":"NodeJs","variant":"Axios"},{"key":"nodejs","label":"NodeJs","variant":"Native"},{"key":"nodejs","label":"NodeJs","variant":"Request"},{"key":"nodejs","label":"NodeJs","variant":"Unirest"},{"key":"objective-c","label":"Objective-C","variant":"NSURLSession"},{"key":"ocaml","label":"OCaml","variant":"Cohttp"},{"key":"php","label":"PHP","variant":"cURL"},{"key":"php","label":"PHP","variant":"Guzzle"},{"key":"php","label":"PHP","variant":"HTTP_Request2"},{"key":"php","label":"PHP","variant":"pecl_http"},{"key":"powershell","label":"PowerShell","variant":"RestMethod"},{"key":"python","label":"Python","variant":"http.client"},{"key":"python","label":"Python","variant":"Requests"},{"key":"r","label":"R","variant":"httr"},{"key":"r","label":"R","variant":"RCurl"},{"key":"ruby","label":"Ruby","variant":"Net::HTTP"},{"key":"shell","label":"Shell","variant":"Httpie"},{"key":"shell","label":"Shell","variant":"wget"},{"key":"swift","label":"Swift","variant":"URLSession"}],"languageOptions":[{"label":"C# - HttpClient","value":"csharp - HttpClient - C#"},{"label":"C# - RestSharp","value":"csharp - RestSharp - C#"},{"label":"cURL - cURL","value":"curl - cURL - cURL"},{"label":"Dart - http","value":"dart - http - Dart"},{"label":"Go - Native","value":"go - Native - Go"},{"label":"HTTP - HTTP","value":"http - HTTP - HTTP"},{"label":"Java - OkHttp","value":"java - OkHttp - Java"},{"label":"Java - Unirest","value":"java - Unirest - Java"},{"label":"JavaScript - Fetch","value":"javascript - Fetch - JavaScript"},{"label":"JavaScript - jQuery","value":"javascript - jQuery - JavaScript"},{"label":"JavaScript - XHR","value":"javascript - XHR - JavaScript"},{"label":"C - libcurl","value":"c - libcurl - C"},{"label":"NodeJs - Axios","value":"nodejs - Axios - NodeJs"},{"label":"NodeJs - Native","value":"nodejs - Native - NodeJs"},{"label":"NodeJs - Request","value":"nodejs - Request - NodeJs"},{"label":"NodeJs - Unirest","value":"nodejs - Unirest - NodeJs"},{"label":"Objective-C - NSURLSession","value":"objective-c - NSURLSession - Objective-C"},{"label":"OCaml - Cohttp","value":"ocaml - Cohttp - OCaml"},{"label":"PHP - cURL","value":"php - cURL - PHP"},{"label":"PHP - Guzzle","value":"php - Guzzle - PHP"},{"label":"PHP - HTTP_Request2","value":"php - HTTP_Request2 - PHP"},{"label":"PHP - pecl_http","value":"php - pecl_http - PHP"},{"label":"PowerShell - RestMethod","value":"powershell - RestMethod - PowerShell"},{"label":"Python - http.client","value":"python - http.client - Python"},{"label":"Python - Requests","value":"python - Requests - Python"},{"label":"R - httr","value":"r - httr - R"},{"label":"R - RCurl","value":"r - RCurl - R"},{"label":"Ruby - Net::HTTP","value":"ruby - Net::HTTP - Ruby"},{"label":"Shell - Httpie","value":"shell - Httpie - Shell"},{"label":"Shell - wget","value":"shell - wget - Shell"},{"label":"Swift - URLSession","value":"swift - URLSession - Swift"}],"layoutOptions":[{"value":"classic-single-column","label":"Single Column"},{"value":"classic-double-column","label":"Double Column"}],"versionOptions":[],"environmentOptions":[{"value":"0","label":"No Environment"}],"canonicalUrl":"https://envoyapi.activeidentity.com/view/metadata/6fU1ksh"}