On this page

todo:Describe API Key concept


Client MUST set Private-Token HTTP Request header and set it with proper Key in order to get access to protected API


datastream API

Access to DataStream

API:Role Description
datastream:administrativedomain administrativedomain datastream access
datastream:alarm alarm datastream access
datastream:resourcegroup resourcegroup datastream access
datastream:managedobject managedobject datastream access
datastream:dnszone dnszone datastream access
datastream:cfgping cfgping datastream access
datastream:cfgsyslog cfgsyslog datastream access
datastream:cfgtrap cfgtrap datastream access
datastream:vrf vrf datastream access
datastream:prefix prefix datastream access
datastream:address address datastream access


API:Role | Description
nbi:config | NBI config API access
nbi:configrevisions NBI configrevisions API access
nbi:getmappings NBI getmappings API access
nbi:objectmetrics NBI objectmetrics API access
nbi:objectstatus NBI objectstatus API access
nbi:path NBI path API access
nbi:telemetry NBI telemetry API access

Best Practices

  • Grant separate API Keys for every connected system
  • Grant separate API Keys for every developer, Restrict key lifetime
  • Grant separate API Keys for every external tester, Restrict key to short lifetime