PDMS-SP API Documentation

Quick Start

Below are the few quick steps to get started with accessing PDMS-SP REST APIs using this portal or through cURL:

1. Obtain Client Credentials

Prerequisites:

Ensure you are a 'Domain Admin' on a PDMS-SP service provider account with REST API entitlement. Refer to 'PDMS-SP Portal' for more information.

Generate REST API client credentials:

Login to the HP Developers Portal, and follow the steps mentioned below to create an app.

Important reminder: "App" = API credentials

[The Developers' Portal is not a code repository. Developers do not store their app code here. On this portal, "app" refers to just the credentials (the Client ID, secret, and scopes) that were provisioned for the developer. So, for the developer, My Apps serves as a wallet for HP credentials.

When a Release Manager approves an app, they are approving the provisioning of a secret that the developer can drop into code stored somewhere else. On the Manage Apps page, "deleting an app" is just cancelling the secret. The developer still has their app code stored somewhere else. It's just that the API call to that API Product will no longer work.]

 

Once logged in click the drop-down arrow next to your username in the Developers Portal and select My Apps.
My Apps provides developers a means for managing their apps in the Developers Portal, including creating and storing app credentials.

 

In My Apps, click Create New App:

 

The Add New App dialog will open. Details might vary depending on your permissions, particularly around Products, but it will look similar to this.

Search for PDMSSP-Product-Staging in products and select PDMSSP-Product-Staging (will be updated once implemented on prod). Enter the app name, description, leave Developer Redirect URL blank, and select both read and write for scope. Then click on Create App.

 

 

Your newly created app will appear immediately in My Apps. There you can view the app status (Approved, Pending, Revoked, etc.), view API credentials (key and secret) and the issued/expiration dates, reset API secrets, and more.

Initially, the app status will be in pending status, and the request will be sent to the PDMS-SP team for approval. Once the PDMS-SP team approves the request, the app status will change to Approved, and an approval mail will be sent to the requestor.

APIs can be accessed using this “Client ID” and “Client Secret” as API username and password, respectively.

Important Note: Keys are valid for 90 days. For API Products, key expiration can be a maximum of 90 days.

2. Obtain Organization ID 

Obtain your Organization ID:

1. Login to your existing ITSP account.

2. Click "Service API" on the left panel. Find your organization id on the right-hand side of the page.



Please note: "Organization ID" to be used as domain id in api base URL: https://hpcorp-lena-test.default.api.hp.com/api/v2/domain/ORGANIZATION_ID/*

3. Access APIs through the HP Developers Portal

Scroll down to the end of this web page.

Note: Production is not configured on HP yet. So, as for staging outbound traffic is not allowed on HP, before trying out the APIs, make sure to enable the HP web proxy on browser. You will also need to be connected to the HP VPN and disable the ZScaler client, as ZScaler may interfere with the web proxy configuration.

Steps: Go to the web browser's Settings -> Search for proxy -> Open your computer’s proxy settings -> Turn OFF automatic proxy setup (both 'Automatically detect settings' and 'Use setup script') -> Click “Setup” button on 'Manual proxy setup' -> Turn it ON and fill in the proxy and port details -> Save.

          

 

For Authentication click on Authorize button.

          

 

Enter ClientID and Secret -> Select scope(optional) -> Click Authorize.

                                                                        

Once authorization is complete, close the authorization widget. 

Click on any API request -> Select Try it out -> Enter required inputs -> Select Execute.

                       

                  

4. Access APIs with cURL

As a quick illustration of the API, we use cURL and jq manually in a bash shell. On Windows, you may want to install git bash, for an equivalent experience (package provides bash and curl, just add jq).

CURL Examples to access APIs:

1. Generate access token from your client credentials obtained from Step 1.

1.1 Genearte base64 encoded token for your Client ID and Client Secret.

For Mac / Linux:

echo -n "Client ID:Client Secret" | openssl enc -base64

			
	echo -n "GRwGuzFJJAAFYKe5ZJZV7SNRjARc2g4r:cMTmee4VAXQcfWXN" | openssl enc -base64
	R1J3R3V6RkpKQUFGWUtlNVpKWlY3U05SakFSYzJnNHI6Y01UbWVlNFZBWFFjZldYTg==

For Windows:

powershell "[convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes('Client ID:Client Secret'))"

			
	powershell "[convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes('GRwGuzFJJAAFYKe5ZJZV7SNRjARc2g4r:cMTmee4VAXQcfWXN'))"
	R1J3R3V6RkpKQUFGWUtlNVpKWlY3U05SakFSYzJnNHI6Y01UbWVlNFZBWFFjZldYTg==

1.2 Call api to generate accesstoken using retrived authorization header token.

NOTE: "--proxy" is added to the curl command only because of HP's restrictions, as the product is currently on staging. Once deployed on Production "--proxy" will be removed.

			
	curl --proxy 'http://web-proxy.corp.hp.com:8080' \
             -X POST \
	     'https://hpcorp-lena-test.default.api.hp.com/api/v2/oauth/client_credential/accesstoken?grant_type=client_credentials' \
	     -H 'Authorization: Basic R1J3R3V6RkpKQUFGWUtlNVpKWlY3U05SakFSYzJnNHI6Y01UbWVlNFZBWFFjZldYTg==' \
	     -H 'Content-Type:application/json; \
	     -d 'Content-Length: 0'\
	     | jq '.|{access_token}'
			
		
			
	{
		"access_token": "AbHeYioQP5NaQqRAjb6ggGMlz2Gp"
	}

We’ll use this access_token to authorize subsequent requests.

2. Make an API call using newly created access token.

Set Header as "Authorization : Bearer access_token".

Pass your organization id retrived from Step 2 as domain id in api base URL: 

		
curl --proxy 'http://web-proxy.corp.hp.com:8080' \
     -X GET \
     'https://hpcorp-lena-test.default.api.hp.com/api/v2/domain/29308/devices?macAddress=9CADEF703211' \
     -H 'Authorization: Bearer AbHeYioQP5NaQqRAjb6ggGMlz2Gp' \
     -d 'Content-Length: 0' \
     | jq '.data|.[0]|{id}'
		
	
		
{
	"id": "29329"
}

3. Upon access_token expiry, please perform step1 to regenerate a new token.

More cURL One-Liner Examples

As a quick illustration of the API, we use cURL and jq manually in a bash shell. On Windows, you may want to install git bash, for an equivalent experience (package provides bash and curl, just add jq).

 

Create Session

Generate base64 encoded token for your client credentails.

For Mac / Linux:

echo -n "Client ID:Client Secret" | openssl enc -base64

		
echo -n "GRwGuzFJJAAFYKe5ZJZV7SNRjARc2g4r:cMTmee4VAXQcfWXN" | openssl enc -base64
R1J3R3V6RkpKQUFGWUtlNVpKWlY3U05SakFSYzJnNHI6Y01UbWVlNFZBWFFjZldYTg==

 

For Windows:

powershell "[convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes('Client ID:Client Secret'))"

		
powershell "[convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes('GRwGuzFJJAAFYKe5ZJZV7SNRjARc2g4r:cMTmee4VAXQcfWXN'))"
R1J3R3V6RkpKQUFGWUtlNVpKWlY3U05SakFSYzJnNHI6Y01UbWVlNFZBWFFjZldYTg==

Call api to generate accesstoken using retrived authorization header token.

		
curl --proxy 'http://web-proxy.corp.hp.com:8080' \ 
-X POST \
'https://hpcorp-lena-test.default.api.hp.com/api/v2/oauth/client_credential/accesstoken?grant_type=client_credentials' \
-H 'Authorization: Basic R1J3R3V6RkpKQUFGWUtlNVpKWlY3U05SakFSYzJnNHI6Y01UbWVlNFZBWFFjZldYTg==' \
-H 'Content-Type:application/json' \
-d 'Content-Length: 0'
		
	
		
{
	"access_token": "AbHeYioQP5NaQqRAjb6ggGMlz2Gp"
	"token_type": "Bearer"
	"issued_at": "1581366190617"
	"expires_in": "172799"
}

We’ll use this access_token to authorize subsequent requests.

Upon access_token expiry, please perform this step again to regenerate new access_token.

Pass your organization id as domain id as part of api base URL: 

 

Identify a Device

Find the identifier for a specific device by MAC address.

		
curl --proxy 'http://web-proxy.corp.hp.com:8080' \
     -X GET \
     'https://hpcorp-lena-test.default.api.hp.com/api/v2/domain/29308/devices?macAddress=9CADEF703211' \
     -H 'Authorization: Bearer AbHeYioQP5NaQqRAjb6ggGMlz2Gp' \
     -d 'Content-Length: 0' \
     | jq '.data|.[0]|{id}'
		
	
		
{
	"id": "29329"
}

We’ll use the (resource instance) identifier to issue further requests on that device.

 

Check Device State

Check the device’s online state (device connected to OBiTALK servers).

curl --proxy 'http://web-proxy.corp.hp.com:8080' \
-s -X POST \
    'https://hpcorp-lena-test.default.api.hp.com/api/v2/domain/29308/devices/29329/quick-values' \
    -H 'Authorization: Bearer AbHeYioQP5NaQqRAjb6ggGMlz2Gp' -d 'Content-Length: 0'\
    | jq '.data|{online}'
{
      "online": true
}

Device is online, we can issue commands to it.

 

Reboot Device

Let’s reboot it.

curl --proxy 'http://web-proxy.corp.hp.com:8080' \
-s -X POST \
    'https://hpcorp-lena-test.default.api.hp.com/api/v2/domain/29308/devices/29329/reboots' \
    -H 'Authorization: Bearer AbHeYioQP5NaQqRAjb6ggGMlz2Gp' -d 'Content-Length: 0'\
    | jq '.data|{ackedAt}'
{
      "ackedAt": "2019-02-23T11:46:23-08:00"
}

We have an acknowledgent timestamp: the device received the reboot command.