Authentication
POST /api/login
Acquire proper authorization for other API requests.
After a successful authentication, the obtained cookie session can be used for other API requests. GET permission is granted for read-only user access, while GET and POST permissions are granted for read-write user access.
The session is similar to that used in Web Admin Access and governed by the same session idle timeout. For more persistent API access, consider authorization with Client ID / Secret.
Available in 7.0.0 or later
Input Parameters
| Field | Type | Required | Description |
|---|---|---|---|
username | string | ✅ | Username |
password | string | ✅ | Password |
Response
Permission Object:
| Field | Type | Description |
|---|---|---|
GET | number | 1 = allow retrieving data, 0 = not allowed |
POST | number | 1 = allow changing settings, 0 = not allowed |
cURL Example
curl -c cookies.txt -H "Content-Type: application/json" \
-X POST -d '{"username":"user","password":"pass"}' \
http://192.168.1.1/api/login
{
"stat": "ok",
"response": {
"permission": {
"GET": 1,
"POST": 1
}
}
}
POST /api/logout
Properly logout the current session. It is advised to logout immediately after use.
Available in 7.0.0 or later
cURL Example
curl -b cookies.txt -H "Content-Type: application/json" \
-X POST http://192.168.1.1/api/logout
{
"stat": "ok"
}
GET /api/auth.client
Get the authentication client list. Only Admin Permission can access this information.
Available in 7.1.1 or later
Response
Returns an array of Client objects:
| Field | Type | Description |
|---|---|---|
name | string | Name of the client |
clientId | string (hash) | Client ID for granting the access token |
clientSecret | string (hash) | Client Secret for granting the access token |
confidential | boolean | Confidential or public client type |
createTimestamp | integer | Create timestamp of the client |
scope | string | api or api.read-only |
cURL Example
curl -b cookies.txt http://192.168.1.1/api/auth.client
{
"stat": "ok",
"response": [
{
"name": "Client 1",
"clientId": "9270c250111cabab02058007bb72217e",
"clientSecret": "cf5fe1c51252a058ebd6bd7d5f493cf5",
"confidential": false,
"createTimestamp": 32172904,
"scope": "api.read-only"
}
]
}
POST /api/auth.client
Create or remove a client. Only Admin Permission can access this information.
Available in 7.1.1 or later
Create a Client
Input Parameters
| Field | Type | Required | Description |
|---|---|---|---|
action | string | ✅ | add |
name | string | ✅ | Client name |
scope | string | ✅ | api (read-write) or api.read-only (read-only) |
Response
Returns the created Client object (same fields as GET response).
cURL Example
curl -b cookies.txt -H "Content-Type: application/json" \
-X POST -d '{"action":"add","name":"Client 2","scope":"api"}' \
http://192.168.1.1/api/auth.client
{
"stat": "ok",
"response": {
"name": "Client 2",
"clientId": "0396c250111dcaef02058007bb72217e",
"clientSecret": "de5cd1c51252a13854d6bd7ddeabbcf5",
"confidential": false,
"createTimestamp": 32175831,
"scope": "api"
}
}
Remove a Client
Input Parameters
| Field | Type | Required | Description |
|---|---|---|---|
action | string | ✅ | remove |
clientId | string (hash) | ✅ | Client ID to remove |
cURL Example
curl -b cookies.txt -H "Content-Type: application/json" \
-X POST -d '{"action":"remove","clientId":"0396c250111dcaef02058007bb72217e"}' \
http://192.168.1.1/api/auth.client
{
"stat": "ok"
}
GET /api/auth.client.token
Obtain the access token list by providing the client ID. Only Admin Permission can access this information.
Available in 7.1.1 or later
Input Parameters
| Field | Type | Required | Description |
|---|---|---|---|
clientId | string (hash) | optional | Client ID. If absent, all access tokens will be returned. |
Response
Returns an array of Access_Token objects:
| Field | Type | Description |
|---|---|---|
accessToken | string (hash) | Access token |
clientId | string (hash) | Client ID |
clientName | string | Client Name |
authorizationType | number | Always 3 (client credentials grant) |
scope | string | api or api.read-only |
createTimestamp | integer | Issued date in timestamp |
cURL Example
curl -b cookies.txt \
"http://192.168.1.1/api/auth.client.token?clientId=0396c250111dcaef02058007bb72217e"
{
"stat": "ok",
"response": [
{
"accessToken": "43c65216eb16d779092fc40b184a1794",
"clientId": "0396c250111dcaef02058007bb72217e",
"clientName": "Client 1",
"authorizationType": 3,
"scope": "api.read-only",
"createTimestamp": 32177831
}
]
}
POST /api/auth.token.grant
Generate a new access token by giving the clientId and clientSecret.
Available in 7.1.1 or later
Input Parameters
| Field | Type | Required | Description |
|---|---|---|---|
clientId | string (hash) | ✅ | Client ID |
clientSecret | string (hash) | ✅ | Client Secret |
scope | string | optional | api (read-write) or api.read-only (read-only) |
Response
| Field | Type | Description |
|---|---|---|
accessToken | string (hash) | Access token |
authorizationType | number | Always 3 (client credentials grant) |
scope | string | api or api.read-only |
expiresIn | integer | Expires in seconds |
Using the Access Token
Add the access token as a GET parameter:
GET /api/status.wan.connection?accessToken=43c65216eb16d779092fc40b184a1794 HTTP/1.1
Host: 192.168.1.1
cURL Example
curl -b cookies.txt -H "Content-Type: application/json" \
-X POST -d '{"clientId":"0396c250111dcaef02058007bb72217e","clientSecret":"de5cd1c51252a13854d6bd7ddeabbcf5","scope":"api"}' \
http://192.168.1.1/api/auth.token.grant
{
"stat": "ok",
"response": {
"accessToken": "43c65216eb16d779092fc40b184a1794",
"authorizationType": 3,
"scope": "api",
"expiresIn": 172800
}
}
POST /api/auth.token.revoke
Revoke the access token provided. Only Admin Permission or self-revoke can access this.
Available in 7.1.1 or later
Input Parameters
| Field | Type | Required | Description |
|---|---|---|---|
accessToken | string (hash) | ✅ | Access token to revoke |
cURL Example
curl -b cookies.txt -H "Content-Type: application/json" \
-X POST -d '{"accessToken":"0396c250111dcaef02058007bb72217e"}' \
http://192.168.1.1/api/auth.token.revoke
{
"stat": "ok"
}