Overview

Description format

endpoint the URL endpoint, ie: https://1.2.3.4/endpoint
summary description of endpoint
Method one of POST/GET/PUT/DELETE
input format JSON or in-line parameter
input expected variable(s)
output expected output

List of APIs

APIS

definitions

endpoint definitions
summary Definitions shared with front-end
Method GET
input format <none>
input <none>
output SDCERR: errors may be returned by web server;
PERMISSIONS: user permission types to be used by front-end;
PLUGINS: plugins to be used by front-end;
SETTINGS: settings needed by front-end, including session_timeout;

return to list of APIs

login

endpoint login
summary user login
Method POST
input format JSON
input username
password
output SDCERR: 0 -success, others - fail
PERMISSIONS: a string of user permission
REDIRECT: 1 - password needs to be updated for the first-time login

return to list of APIs

logout

endpoint login
summary user logout
Method DELETE
input format <none>
input <none>
output <none>

return to list of APIs

networkStatus

endpoint networkStatus
summary Get network status
Method GET
input format <none>
input <none>
output SDCERR: 0 - success, others – fail
devices: number of devices
status – array of status of interfaces, including:
    Status:
        State: the current state of the device
        Mtu: maximum transmission unit
        DeviceType: the general type of the network device

    connection_active when connection is activated:
        id
        uuid
        interface-name
        zone:
        type: “802-3-ethernet”, “802-11-wireless”, “bridge” etc.
        timestamp: in seconds since the Unix Epoch, that the connection was last successfully fully activated

    ipv4config:
        Addresses: Array of IP address data objects. All addresses will include “address” (an IP address string), and “prefix” (a uint).
        Routes
        Gateway
        Domains

    ipv6config:
        Addresses
        Routes
        Gateway
        Domains

    wired if it is an Ethernet connection
        HwAddress
        Speed
        Carrier
    or wireless if it is a wireless connection:
        Bitrate
        HwAddress
        Mode
        RegDomain

    Activeaccesspoint if connected to an AP:
        SSID
        Hwaddress
        Strength: The current signal quality of the access point, in percent
        Frequency: The radio channel frequency in use by the access point, in MHz
        MaxBitrate: The maximum bitrate this access point is capable of, in kilobits/second
        Flags: Flags describing the capabilities of the access point.
        Wpaflags: Flags describing the access point’s capabilities according to WPA
        Rsnflags: Flags describing the access point’s capabilities according to the RSN
Device status is returned by NetworkManager hence subject to the change of NetworkManager.

return to list of APIs

connections

endpoint connections
summary Get all connection profiles
Method GET
input format <none>
input <none>
output SDCERR: 0 – success, others – fail
Length: number of connection profiles
Connections: array of connections indexed by uuid:
    id: name of connection
    activated: 1 – activated, 0 – deactivated
    type: “ap”, for AP mode only

return to list of APIs

connection

endpoint connection
summary Activate/deactivate a connection
Method PUT
input format JSON
input uuid: uuid of the connection to be activated
activate: 1 – activate, 0 - deactivate
output SDCERR: 0 – success, others – fail
endpoint connection?uuid=
summary get connection details for specific UUID
Method GET
input format in-line parameter
input uuid: uuid of the connection
output SDCERR: 0 – success, others – fail
endpoint connection?uuid=
summary Delete a connection
Method DELETE
input format in-line parameter
input uuid: uuid of the connection to be deleted
output SDCERR: 0 – success, others – fail

return to list of APIs

networkInterfaces

endpoint networkInterfaces
summary Get available network interfaces
Method GET
input format <none>
input <none>
output array of interfaces

return to list of APIs

certificate/PAC files for network config

endpoint files?type=
summary Get available certificate/PAC files
Method GET
input format in-line parameter
input type: “cert” or “pac”
output Array of certificate/PAC files

return to list of APIs

Ethernet Config

endpoint connection
summary Create or update an Ethernet profile
Method POST
input format JSON
input connection:
    uuid: back-end will generate an uuid for each connection
    id: name of the profile
    type: “802-3-ethernet”
    interface-name: Ethernet interface name
    autoconnect: whether enable auto connect
    zone: firewalld zone to be added to
    master: uuid or interface-name of the bridge master
    slave-type: bridge if the connection is to be a bridge slave

ipv4:
    method: one of “disabled”, “auto”, “manual”, “shared”, or “link-local”
    gateway:
    dns:
    address-data: address/prefix

ipv6:
    method: “disabled”, “auto”, “manual”, “dhcp”, “shared”, “ignore”, or “link-local”
    gateway:
    dns:
    address-data: address/prefix
output SDCERR: 0 – success, others – fail

return to list of APIs

Bridge master Config

endpoint connection
summary Create or update a bridge master connection. Bridge is a software device. Need to define software devices in the config file first.
Method POST
input format JSON
input connection:
    uuid: back-end will generate an uuid for each connection
    id: name of the profile
    type: “bridge”
    interface-name: one of interfaces listed in the config file.
    autoconnect: whether enable auto connect
    zone: firewalld zone to be added to

ipv4:
    method: one of “disabled”, “auto”, “manual”, “shared”, or “link-local”
    gateway:
    dns:
    address-data: address/prefix

ipv6:
    method: “disabled”, “auto”, “manual”, “dhcp”, “shared”, “ignore”, or “link-local”
    gateway:
    dns:
    address-data: address/prefix

bridge
    None for the moment.
output SDCERR: 0 – success, others – fail

return to list of APIs

WiFi Config

endpoint connection
summary Create or update a WiFi connection
Method POST
input format JSON
input The same ipv4 and ipv6 inputs to Ethernet connection. WiFi inputs are listed in the table below.
output SDCERR: 0 – success, others – fail
     
connection    
  id Name of connection
  uuid if left empty, server will generate one
  type “802-11-wireless”
  interface-name “wlan0”
  autoconnect 0/1
  master For bridge mode, Interface name or uuid of the bridge master connection
  slave-type “bridge” for bridge mode
  zone  
802-11-wireless    
  ssid ssid
  hidden 1: indicates the network is a non-broadcasting network that hides its SSID
0: default. Don’t make the network as hidden
  mode “ap” or “infrastructure”
  client-name CCX client name
  tx-power if non-zero, directs the device to use the specified transmit power. Units are dBm.
  band 802.11 frequency band of the network, “a” for 5GHz, “bg” for 2.4GHz. Default is not set. In default case, auto channel selection will work across bands.
  channel Wireless channel to use for the Wi-Fi connection for “ap” mode.
  frequency-list A string listing the allowed frequencies for AP or station, i.g if only channel 1 and 6 are wanted to setup an AP with ACS, set it to “2412 2437”.
  powersave Power saving policy
  acs Enable - 1, disable - 0.
“frequency-list”, “band’ and “channel”:
    1.“frequency-list” has the highest priority – it overrides “band”.
    2.If “band” is set, acs shall return “channel” if “channel” is set, otherwise it shall return the “best” channel of the band;
    3. if band is not set, acs shall return the “best” channel of both bands.
    4. channel 14 shall not be used in any case.
802-11-wireless-security    
  key-mgmt “none”, “ieee8021x”, “wpa-psk”, “wpa-eap”
  auth-alg When WEP is used, indicate the 802.11 authentication algorithms, one of “open”, “share” or “leap”.
  wep-tx-keyidx WEP key index for static WEP
  proto rsn or wpa
  pairwise ccmp or tkip
  group ccmp, tkip, wep40, or wep104
  wep-key0 WEP key 0
  wep-key1 WEP key 1
  wep-key2 WEP key 2
  wep-key3 WEP key 3
  leap-username For legacy LEAP connection
  leap-password For legacy LEAP connection
  psk Pre-shared key for WPA personal network
802-1x   (WPA-enterprise)
  eap The allowed EAP method to be used when authenticating to the network with 802.1x. Valid methods are: “leap”, “md5”, “tls”, “peap”, “ttls”, “pwd”, and “fast”.
  auth-timeout A timeout for authentication. Zero means the global default; if the global default is not set, the authentication timeout is 25 seconds.
  tls-disable-time-checks Disable checking of the server certificates date.
  phase1-fast-provisioning Enables or disables in-line provisioning of EAP-FAST credentials when FAST is specified as the EAP method in the “eap” property. Recognized values are “0” (disabled), “1” (allow unauthenticated provisioning), “2” (allow authenticated provisioning), and “3” (allow both authenticated and unauthenticated provisioning).
  identity Identity string for EAP authentication methods
  anonymous-identity Anonymous identity string for EAP authentication methods.
  password UTF-8 encoded password for EAP authentication methods.
  ca-cert Contains the CA certificate if used by the EAP method specified in the “eap” property.
  ca-cert-password Password to access CA certificate.
  client-cert Contains the client certificate if used by the EAP method specified in the “eap” property.
  client-cert-password The password used to access a client’s certificate.
  private-key Contains the private key when the “eap” property is set to “tls”.
  private-key-password The password used to decrypt the private key
  phase2-auth Specifies the allowed “phase 2” inner non-EAP authentication method when an EAP method that uses an inner TLS tunnel is specified in the “eap” property. Recognized non-EAP “phase 2” methods are “pap”, “chap”, “mschap”, “mschapv2”, “gtc”, “otp”, “md5”, and “tls”.
  phase2-autheap Specifies the allowed “phase 2” inner EAP-based authentication method when an EAP method that uses an inner TLS tunnel is specified in the “eap” property. Recognized EAP-based “phase 2” methods are “md5”, “mschapv2”, “otp”, “gtc”, and “tls”.
  phase2-ca-cert Contains the “phase 2” CA certificate if used by the EAP method specified in the “phase2-auth” or “phase2-autheap” properties.
  phase2-ca-cert-password The password to access the “phase2” CA certificate
  phase2-client-cert Contains the “phase 2” client certificate if used by the EAP method specified in the “phase2-auth” or “phase2-autheap” properties.
  phase2-client-cert-password The password used to access the “phase2” client certificate
  phase2-private-key Contains the “phase 2” inner private key when the “phase2-auth” or “phase2-autheap” property is set to “tls”.
  phase2-private-key-password Password to decrypt the “phase2” private key.
  pac-file UTF-8 encoded file path containing PAC for EAP-FAST.
  pac-file-password Password to decrypt the PAC file.

For more information, refer to NetworkManager User Guide.

return to list of APIs

WiFi Scanning

endpoint accesspoints
summary Get cache access points
Method GET
input format <none>
input <none>
output SDCERR: 0 – success, others – fail
accesspoints: array of access points:
    SSID
    Frequency
    Strength
    Security
endpoint accesspoints
summary Initiate a WiFi scan
Method PUT
input format <none>
input <none>
output SDCERR: 0 – success, others – fail

return to list of APIs

GSM Config

endpoint connection
summary Create or update a GSM profile
Method POST
input format JSON
input connection:
    uuid: back-end will generate an uuid for each connection
    id: name of the profile
    type: “gsm”
    interface-name: gsmtty1 when cmux is enabled, otherwise ttyS4
    autoconnect: whether enable auto connect
    zone: firewalld zone to be added to
    master: uuid or interface-name of the bridge master
    slave-type: bridge if the connection is to be a bridge slave

ipv4:
    method: one of “disabled”, “auto”, “manual”, “shared”, or “link-local”
    gateway:
    dns:
    address-data: address/prefix

ipv6:
    method: “disabled”, “auto”, “manual”, “dhcp”, “shared”, “ignore”, or “link-local”
    gateway:
    dns:
    address-data: address/prefix

gsm
    apn: vzminternet for Verizon
output SDCERR: 0 – success, others – fail

return to list of APIs

Log data query

endpoint logData?type=&priority=&days=
summary Query log data based on conditions.
Method GET
input format in-line parameters
input type: Kernel/NetworkManager/python/All
priority: 0-7
days: since 1/2/7/14/30/60/ ago, -1 for all
output Log data separated by “:#:”
endpoint logSetting
summary Get log level settings
Method GET
input format _<none>_
input _<none>_
output current log level settings
endpoint logSetting
summary Set log level for supplicant and driver
Method PUT
input format JSON
input suppDebugLevel: none/error/warning/info/debug/msgdump/excessive
driverDebugLevel: 0 – off, 1 - on
output SDCERR: 0 – success, others – fail

return to list of APIs

User management

endpoint users
summary Get user list
Method GET
input format <none>
input <none>
output Array of users, including:
    name:
    permission
endpoint users
summary Add a user
Method POST
input format JSON
input username:
password:
permission:
output SDCERR: 0 – success, others – fail
endpoint users/username=
summary DELETE a user
Method DELETE
input format in-line parameter
input username: user name to be removed
output SDCERR: 0 – success, others – fail
endpoint users
summary Update password
Method PUT
input format JSON
input username:
current_password:
new_password:
output SDCERR: 0 – success, others – fail
REDIRECT: 1 – re-login

return to list of APIs

Date and time

endpoint datetime
summary Get date and time
Method GET
input format <none>
input <none>
output zone: system time zone
zones: a list of time zones
time: date and time
method: whether to enable manual setting of date and time setting. 0 – for auto, 1 – for manual

return to list of APIs

Factory Reset

endpoint factoryReset
summary Perform factory reset
Method PUT
input format <none>
input <none>
output SDCERR: 0 – success, others – fail

return to list of APIs

System Reboot

endpoint reboot
summary Perform a system reboot
Method PUT
input format <none>
input <none>
output <none>

return to list of APIs

Updated Encrypted zip file

endpoint file
summary Upload an encrypted zip file. This is to update the system config directory.
Method POST
input format JSON
input Password: to unzip file
file: filenametype: "config"
output SDCERR: 0 – success, others – fail

return to list of APIs

Download encrypted zip file

endpoint file>type=& password=
summary Download an encrypted zip file. This is to download ‘config’, ‘log’ or ‘debugging’ file.
‘debugging’ file is encrypted with a certificate file - default is /etc/weblcm-python/ssl/ca.crt.
Others are zipped with password.
Method GET
input format in-line parameters
input type: one of ‘config’, ‘debug’, or ‘log’
output zip file as stream

return to list of APIs

Upload Certificate/PAC file

endpoint file
summary Upload a certificate/PAC file.
Method POST
input format JSON
input file: filename
type: “cert” or “pac”
output SDCERR: 0 – success, others – fail

return to list of APIs

Delete Certificate/PAC file

endpoint file?type=&file=
summary Delete a certificate/PAC file
Method DELETE
input format in-line parameter
input file: filename
type: “config”
output SDCERR: 0 – success, others – fail

return to list of APIs

Firmware Update - client mode

endpoint firmware
summary start firmware update
Method POST
input format JSON
input image: images to be installed, either “main” or “full”. If not set, “main” will be used.
output SDCERR: 0 – success, others – fail
endpoint firmware
summary doing firmware update
Method PUT
input format Content type needs to be set to “application/octet-stream”.
input Send firmware image block by block - 128K per block;
output http stats: 200 - OK, others -fail
endpoint firmware?mode=0
summary Check firmware update finished or not after sending the complete image
Method GET
input format <none>
input <none>
output SDCERR: 0 – success, others – fail
message: for failed cases
endpoint firmware
summary Cleanup after firmware update
Method DELETE
input format <none>
input <none>
output <none>

return to list of APIs

Firmware Update - mode 1

endpoint firmware
summary do firmware update. This API will block a short while in order to start the swupdate service, but will not block during firmware update process
Method POST
input format JSON
input image: images to be installed, either “main” or “full”. If not set, “main” will be used.
url: from where firmware is to be downloaded, e.g. http://192.168.1.100/file.swu
output SDCERR: 0 – success, others – fail
endpoint firmware?mode=1
summary Get firmware update result. Called if firmware POST operation returns success
Method GET
input format <none>
input <none>
output SDCERR: 0 – updated, 1– fail, 5-updating
endpoint firmware
summary release resources
Method DELETE
input format <none>
input <none>
output <none>

return to list of APIs

Version Info

endpoint version
summary Get version information
Method GET
input format <none>
input <none>
output nm_version: NetworkManager version number.
weblcm_python_webapp: weblcm version number.
build: build number. Shall be the release number unless use a locally built image(in this case shall be 0.x.0.0 + timestamp)
supplicant: supplicant version number.
driver: WiFi driver used.
driver_version: WiFi driver version number.

return to list of APIs

WiFi Geo-location Scanning

endpoint awm
summary Enable/disable WIFI geo-location scanning. This is an advanced feature. Geo-location scanning should be disabled in the rare circumstance that no surrounding Wi-Fi network is broadcasting country code information.
Method PUT
input format JSON
input geolocation_scanning_enable:
0 – disable
1 - enable
output SDCERR: 0 – success, others – fail
endpoint awm
summary Get WiFi geo-location Scanning setting
Method GET
input format <none>
input <none>
output SDCERR: 0 – success, others - fail
geolocation_scanning_enable: 0 – disabled, 1 - enabled

return to list of APIs

Positioning

endpoint positioning
summary Set token to access ublox server
Method PUT
input format JSON
input token: string
output SDCERR: 0 – success, others – fail
endpoint positioning
summary Get location
Method GET
input format <none>
input <none>
output SDCERR: 0 – success, others - fail
Positioning: ‘longitude’, ‘latitude’ for celllocate

NMEA data for GPS. Weblcm-python forwards what it get from ModemManager and clients is responsible to parse NMEA data.

return to list of APIs

Positioning Switch

endpoint positioningSwitch
summary Enable/disable Celllocate and GPS (exclusive). Once GPS is enabled, NMEA data will be updated periodically unless it is disabled. For Celllocate, you will get only 1 location data each time, which means you have to disable and then enable again to get an update.
Method PUT
input format JSON
input Source: 0 – disable, 2-celllocate, 4-gps
output SDCERR: 0 – success, others – fail
source: 0 – disabled, 2 – celllocate is enabled, 4 – gps is enabled
endpoint positioning
summary Get status of location switch
Method GET
input format <none>
input <none>
output SDCERR: 0 – success, others - fail
source: 0 – disabled, 2 – celllocate is enabled, 4 – gps is enabled

return to list of APIs

FIPS Setting

endpoint fips
summary Enable/disable fips/fips_wifi. It will take effect after reboot.
Method PUT
input format JSON
input fips: “unset”, “fips” or “fips_wifi”
output SDCERR: 0 – success, others – fail
endpoint fips
summary Get status of current fips setting
Method GET
input format <none>
input <none>
output SDCERR: 0 – success, others - fail
status: “fips”, “fips_wifi”. All others shall be considered as “unset”.

return to list of APIs