Set up N-central REST API access

Step 1 - Create an API user and generate a JSON web token (JWT)

Only an API user can use REST APIs . You also need a JSON web token for the authentication process. So when you log in, a server can issue a JWT, which is sent and stored on the client side (typically in a cookie or local storage). Subsequent requests to protected resources will include the JWT and allow the server to verify the user's identity and grant them access.

Click Create an API-only user for instructions on how to create an API user and generate a JWT.

Step 2 - Exchange the JWT with access and refresh tokens

Exchanging a JWT (JSON Web Token) for an access token typically involves a process known as token exchange. In many authentication and authorization systems, you can obtain a JWT after a successful authentication process and you can exchange the JWT for an access token, which you can then use to access protected resources.


Example response:


  1. To access the swagger documentation, navigate to https://Your_FQDN/api-explorer

  2. Click Authorize.

  3. Enter the User-API token you just generated and click Authorize. Close the dialog

  4. Navigate to the /api/auth/authenticate endpoint, click to expand it.

    Click Try it out and then click Execute.

    In the following example, the new access and refresh token fields are available in the Server response section.

    The expiry is 3600s ( 1h ) in this example. Copy the value of the access token.

  5. Go to the Swagger Authorize page again (step 1).

  6. Enter the access token in the api-access field and click Authorize.

Step 3 - Try the available end points

Using Bash

Using Swagger

Go to any endpoint in the swagger list to try executing the endpoint. In this example we will run /api/devices :

Upon success, the list of devices are available in the Responses section, for example: