Appliance Management API (0.1.0)

Download OpenAPI specification:Download

Anapaya Operations: [email protected]

Management API for the Anapaya EDGE and CORE appliances

init

Operations that are important for initialization of the appliance.

Put a new configuration

✨Added in v0.24

Put a new configuration to the appliance.

query Parameters
force
boolean

Push the configuration, even if configuration validation fails. This parameter MUST be used with care as it can leave the appliance in a misconfigured state.

disable_strict_parsing
boolean

Disable strict parsing of the appliance configuration.

header Parameters
If-Match
string
Request Body schema: application/json

The config to be pushed to the appliance.

required
object (Config)

Anapaya appliance configuration

Responses

Request samples

Content type
application/json
{
  • "config": {
    }
}

Response samples

Content type
application/json
{
  • "config": {
    },
  • "metadata": {
    }
}

Validates a configuration

✨Added in v0.34

Validates a configuration.

query Parameters
disable_strict_parsing
boolean

Disable strict parsing of the appliance configuration.

Request Body schema: application/json

The config to be validated.

required
object (Config)

Anapaya appliance configuration

Responses

Request samples

Content type
application/json
{
  • "config": {
    }
}

Response samples

Content type
application/json
{
  • "config": {
    },
  • "metadata": {
    }
}

Add a TRC file

✨Added in v0.24

Add a SCION CPPKI Trust Root Configuration (TRC) file to the device. The TRC is first validated before it is added to the trust store. Only valid TRCs are added to the trust store. Use the 'force' query parameter to force the addition of the TRC regardless of validity.

query Parameters
force
boolean
Default: false

If force is true, the TRC is added regardless of validity.

Request Body schema: application/x-pem-files
string <binary>

The PEM encoded signed TRC.

Responses

Request samples

Content type
application/x-pem-files
-----BEGIN TRC-----
ZjAwOjA6MTEwI ...
-----END TRC-----

Response samples

Content type
application/json
{
  • "trc": {
    }
}

Add a bundle of TRC files

✨Added in v0.28

Add a bundle SCION CPPKI Trust Root Configuration (TRC) files to the device. The TRCs are first validated before they are added to the trust store. Only valid TRCs are added to the trust store. Use the 'force' query parameter to force the addition of the TRCs regardless of validity.

query Parameters
force
boolean
Default: false

If force is true, the TRC is added regardless of validity.

Request Body schema: application/x-pem-files
string <binary>

The PEM encoded signed TRC.

Responses

Request samples

Content type
application/x-pem-files
-----BEGIN TRC-----
ZjAwOjA6MTEwI ...
-----END TRC-----
-----BEGIN TRC-----
6QV3F2EsMZVWD ...
-----END TRC-----
-----BEGIN TRC-----
GO0Vg34C8eRAu ...
-----END TRC-----

Response samples

Content type
application/json
{
  • "trcs": [
    ]
}

Create an AS certificate signing request

✨Added in v0.24

Create a SCION CPPKI AS Certificate Signing Request (CSR). The CSR needs to be signed by a SCION CPPKI Certificate Authority in the local ISD. The fully signed certificate chain then needs to be installed via the /cppki/certificates endpoint.

Request Body schema: application/json

The parameters for the CSR.

required
object (Subject of a certificate signing request.)

Responses

Request samples

Content type
application/json
{
  • "subject": {
    }
}

Response samples

Content type
{
  • "certificate_signing_request": {
    }
}

Add an AS certificate chain

✨Added in v0.24

Add a SCION CPPKI AS certificate chain to the device by promoting an existing certificate signing request. The certificate chain is first verified against the active TRC of the local ISD before it is added. Only verifiable certificate chains are added. Use the 'force' query parameter to force the addition of the certificate chain regardless of validity or verifiability.

query Parameters
force
boolean
Default: false

If force is true the certificate chain is added regardless of validity.

Request Body schema:
string <binary>

Certificate chain containing the new AS certificate and the issuing CA certificate encoded in a degenerate PKCS#7 data structure.

Responses

Request samples

Content type
No sample

Response samples

Content type
application/json
{
  • "certificate_chain": {
    }
}

config

Operations related to managing the configuration of the appliance.

Get the current configuration

✨Added in v0.24

Get the currently active appliance configuration.

query Parameters
suppress_secrets
boolean

Do not expose secrets in the response.

header Parameters
If-None-Match
string

Responses

Response samples

Content type
application/json
{
  • "config": {
    },
  • "metadata": {
    }
}

Put a new configuration

✨Added in v0.24

Put a new configuration to the appliance.

query Parameters
force
boolean

Push the configuration, even if configuration validation fails. This parameter MUST be used with care as it can leave the appliance in a misconfigured state.

disable_strict_parsing
boolean

Disable strict parsing of the appliance configuration.

header Parameters
If-Match
string
Request Body schema: application/json

The config to be pushed to the appliance.

required
object (Config)

Anapaya appliance configuration

Responses

Request samples

Content type
application/json
{
  • "config": {
    }
}

Response samples

Content type
application/json
{
  • "config": {