API menu

SD-LAN SD-WAN Network View Documentation

Introduction

The KPN SD-LAN SD-WAN Network View API offers an interface for software to interact directly with the KPN SD-LAN SD-WAN products, based on the Cisco Meraki cloud platform and Cisco Meraki managed devices. The API contains a set of endpoints for use cases such as monitoring, event management, and video camera analystics.

The API resources follow a structure like in the image below. Organizations consist of networks, which contain devices such as access points, switches and MX security appliances. The characteristics of these devices can be configured with the API.

Documentation page Meraki Overview

The KPN SD-LAN SD-WAN Network View API is a REST API using HTTPS requests to a URL and JSON as a human-readable format.

The API call volume rate is limited to 3 calls per second per organization.

API specification

Test the API on SwaggerHub

Base URL

https://api-prd.kpn.com/kpn/meraki

Conceptual model

Documentation page SD LAN SD-WAN Network-View conceptual-model

Description

  1. You communicate the item of your ICT environment you want more info about to My Developer Portal through the SD-LAN SD-WAN Network View API.
  2. My Developer Portal immediately moves the request to the Cisco Meraki cloud platform.
  3. The Meraki controller retrieves the information from your ICT environment.
  4. The cloud platform returns the information you requested via the API to you.

Network View API

The Network View API gives users read rights to retrieve information from the Network View API resources.

Allowed methods: GET

Requirements

This API is only available for customers of KPN SD-LAN SD-WAN services based on Cisco Meraki.

Definitions

Layer 3 (L3) firewall rule

L3 firewall rules provide administrators granular access control of client traffic. Layer 3 firewalls filter traffic, based on the TCP/IP stack. This approach is sometimes also referred to as packet filtering because you’re essentially allowing and blocking individual network packets depending on where they originated and which ports they want to talk to.

MAC address

In a local area network (LAN) or other network, the MAC (Media Access Control) address is the computer's unique hardware number.

MX

Cisco Meraki MX Security Appliances are multi-functional security & SD-WAN enterprise appliances, with a wide set of capabilities to address multiple use cases from an all-in-one device.

PoE

Power over Ethernet (PoE) is a technology for wired Ethernet local area networks (LANs) that allows the electrical current necessary for the operation of each device to be carried by the data cables rather than by power cords.

Quality of Service (QoS)

QoS is the description or measurement of the overall performance of a service, such as a telephony, computer network or a cloud computing service, particularly the performance seen by the users of the network.

SSID

Service Set Identifier. A “service set” refers to a collection of wireless networking devices with the same parameters. SSIDs serve as "wireless network names" and are typically natural language labels.

Switch

A network switch is a device that connects different network segments together transparently.

Switch port

A network switch port is a physical interface on the switch where devices connect to the switch.

VLAN

A VLAN (virtual LAN) is a sub-network, which can group together collections of devices on separate physical local area networks (LANs).

API workflow

Documentation page SD-LAN SD-WAN View workflow

Features

  • Retrieve information about the configuration of your networks, devices, VLANs, and more.
  • Get the latest network status and information on events.
  • See results of the analytics performed on images captured with your security cameras.

Getting started

Make sure you've read What's in it for you for more info on how to register and start testing APIs.

Authentication

The API follows the KPN Store API Authentication Standard to secure the API. It includes the use of OAuth 2.0 client_id and client_secret to receive an access token.

Go to the Authentication tab on top of this page to find out how to:

  • Authenticate to an API using cURL.
  • Authenticate to an API on Swaggerhub.
  • Import Open API Specifications (OAS), also called Swagger files into Postman.

How to...

Parameters marked with an asterisk are required. Example: serial*.

Retrieve Layer 3 firewall rules for MX appliances {get-l3-firewall-mx}

This endpoint returns the L3 firewall rules for an MX appliance.

Request

GET /networks/{networkId}/l3FirewallRules

Path parameter Type Description
networkId* string Network identity is a portion of the TCP/IP address that is used to identify individuals or devices on a network such as a local area network or the Internet.

Response

Response example
Successful HTTP Status: 200 [ { "comment": "Allow TCP traffic to subnet with HTTP servers.", "policy": "allow", "protocol": "tcp", "destPort": 443, "destCidr": "192.168.1.0/24", "srcPort": "Any", "srcCidr": "Any", "syslogEnabled": false } ]

Retrieve a list of switch ports {#get-switch-ports}

Lists the switch ports for a switch.

Request

GET /devices/{serial}/switchPorts

Path parameter Type Description
serial* string The serial number of the device. Example: Q7QN-9J8L-SGTD
Query parameter Type Description
t0 string The beginning of the timespan for the data. The maximum lookback period is 31 days from today.
timespan integer The timespan for which the information will be fetched. If specifying timespan, do not specify parameter t0. The value must be in seconds and be less than or equal to 31 days. The default is 1 day.

Response

Response example
Successful HTTP Status: 200 [ { "number": 1, "name": "My switch port", "tags": "tag1 tag2", "enabled": true, "poeEnabled": true, "type": "access", "vlan": 10, "voiceVlan": 20, "isolationEnabled": false, "rstpEnabled": true, "stpGuard": "disabled", "accessPolicyNumber": "1234", "linkNegotiation": "Auto negotiate", "portScheduleId": "1234", "udld": "Alert only", "macWhitelist": [ "34:56:fe:ce:8e:a0", "34:56:fe:ce:8e:a1" ], "stickyMacWhitelist": [ "34:56:fe:ce:8e:b0", "34:56:fe:ce:8e:b1" ], "stickyMacWhitelistLimit": 5, "stormControlEnabled": true } ]

Retrieve a specific switch port {#get-specific-switch-port}

Request

GET /devices/{serial}/switchPorts/{number}

Path parameter Type Description
serial* string The serial number of the device. Example: Q7QN-9J8L-SGTD
number * string The number of the device. Example: Q7QN-9J8L-SGTD

Response

Response example
Successful HTTP Status: 200 { "number": 1, "name": "My switch port", "tags": "tag1 tag2", "enabled": true, "poeEnabled": true, "type": "access", "vlan": 10, "voiceVlan": 20, "isolationEnabled": false, "rstpEnabled": true, "stpGuard": "disabled", "accessPolicyNumber": "1234", "linkNegotiation": "Auto negotiate", "portScheduleId": "1234", "udld": "Alert only", "macWhitelist": [ "34:56:fe:ce:8e:a0", "34:56:fe:ce:8e:a1" ], "stickyMacWhitelist": [ "34:56:fe:ce:8e:b0", "34:56:fe:ce:8e:b1" ], "stickyMacWhitelistLimit": 5, "stormControlEnabled": true }

Retrieve a list of Service Set Identifiers (SSID) {#get-ssid}

Lists the SSIDs in a network. Supports networks with access points or wireless-enabled security appliances and teleworker gateways.

Request

GET /networks/{networkId}/ssids

Path parameter Type Description
networkId * string The network ID of the device. Example: L_1234567894811040791

Response

Response example
Successful HTTP Status: 200 [ { "number": 0, "name": "My SSID", "enabled": true, "splashPage": "Click-through splash page", "ssidAdminAccessible": false, "authMode": "8021x-radius", "encryptionMode": "wpa-eap", "wpaEncryptionMode": "WPA2 only", "radiusServers": [ { "host": "0.0.0.0", "port": 3000 } ], "radiusAccountingEnabled": false, "radiusEnabled": true, "radiusAttributeForGroupPolicies": "Filter-Id", "radiusFailoverPolicy": "null", "radiusLoadBalancingPolicy": "null", "ipAssignmentMode": "NAT mode", "adminSplashUrl": "http://example.com", "splashTimeout": "30 minutes", "walledGardenEnabled": true, "walledGardenRanges": "example.com", "minBitrate": 11, "bandSelection": "5 GHz band only", "perClientBandwidthLimitUp": 0, "perClientBandwidthLimitDown": 0, "visible": true, "availableOnAllAps": false, "availabilityTags": [ "test-tag" ] } ]

Retrieve a single SSID {#get-single-ssid}

Returns a specific Service Set Identifier (SSID).

Request

GET /networks/{networkId}/ssids/{number}

Path parameter Type Description
networkId * string The network ID of the device. Example: L_1234567894811040791
number * string The number of the SSID instance.

Response

Response example
Successful HTTP Status: 200 { "number": 0, "name": "My SSID", "enabled": true, "splashPage": "Click-through splash page", "ssidAdminAccessible": false, "authMode": "8021x-radius", "encryptionMode": "wpa-eap", "wpaEncryptionMode": "WPA2 only", "radiusServers": [ { "host": "0.0.0.0", "port": 3000 } ], "radiusAccountingEnabled": false, "radiusEnabled": true, "radiusAttributeForGroupPolicies": "Filter-Id", "radiusFailoverPolicy": "null", "radiusLoadBalancingPolicy": "null", "ipAssignmentMode": "NAT mode", "adminSplashUrl": "http://example.com", "splashTimeout": "30 minutes", "walledGardenEnabled": true, "walledGardenRanges": "example.com", "minBitrate": 11, "bandSelection": "5 GHz band only", "perClientBandwidthLimitUp": 0, "perClientBandwidthLimitDown": 0, "visible": true, "availableOnAllAps": false, "availabilityTags": [ "test-tag" ] }

List of API resources

Go to the interactive OpenAPI Specification (OAS) documentation on SwaggerHub to explore the SD-LAN SD-WAN Network View API endpoints. See KPN SD-LAN SD-WAN Network View API.

Each endpoint has a complete description of all the required parameters:

  • Bluetooth clients.
  • Bluetooth settings.
  • Camera quality retention profiles.
  • Cameras.
  • Clients.
  • Connectivity monitoring destinations.
  • Content filtering categories.
  • Content filtering rules.
  • Devices.
  • Events.
  • Firewalled services.
  • Floorplans.
  • Group policies.
  • HTTP servers.
  • Intrusion settings.
  • Link aggregations.
  • MG Cellular Gateway.
  • MR Wireless Network.
  • MX Appliances.
  • Malware settings.
  • Management interface settings.
  • Meraki auth users.
  • Named tag scope.
  • NetFlow settings.
  • Networks.
  • Organization.
  • Radio settings.
  • SNMP settings.
  • SSIDs.
  • Security events.
  • Splash login attempts.
  • Splash settings.
  • Switch ACLs.
  • Switch port schedules.
  • Switch ports.
  • Switch profiles.
  • Switch settings.
  • Switch stacks.
  • Traffic shaping.
  • Uplink settings.
  • VLANs.
  • Wireless settings.