Extreme API with Python
Table Of Contents
- 1 Preface
- 2 Introduction
- 3 EXOS APIs
- 4 VOSS API
- 5 XMC API
- 6 ExtremeCloud IQ API
- 7 Extreme Campus Controller API
Extreme API with Python
Page | 103
Part no.9036931-00 Rev AA February 2021
Basic authorization is the standard approach, using the authorization header in HTTP or HTTPS.
However, this simple access method is not very secure, as discussed in chapter 2.3.
The OAuth 2.0 method is recommended when security is an important factor. This method requires you
to create a client in the Client API Access tab in the Administration > Users menu.
This generates a Client ID and a Client Secret that can be used for NBI CALLs only.
Use this Client ID and Client Secret to receive an access token from the oAuth server that can be used to
make valid NBI CALLs.
To receive the access token, initiate a POST to this URL:
HTTPS://<xmc-ip-address>:8443/oauth/token/access-token?grant_type=client_credentials
Include the Content-Type header and set it to application/x-www-form-urlencoded. Set the
authorization header with the Client ID and the Client Secret as password.
The response is a JSON-formatted data with the access_token key containing the value expected.
Additional CALLs use Accept and Content-Type headers set to application/json and Authorization set to
Bearer <access_token>.
5.3.5 External Access to the NBI API
Here is a simple example that accesses XMC via GraphQL from an external program. This example uses
the basic authentication method for simplicity.