Skip to content

API

Getting Started

Swagger

NAbox provides several REST endpoints to automate everything you can do in the web interface

There is one endpoint on /api/2.0/ for NAbox confguraton itself, and one on /havrest/api/2.0/ to manage ONTAP and StorageGRID systems.

For each of these enpoints, there's a Swagger documentation available on /ui.

For example, to use the Swagger interface and test APIs for NAbox administration, point your browser to https://<nabox ip>/ui/ URL.

Likewise, to manage your ONTAP system and browse the APIs for NetApp Harvest, point your browser to https://<nabox ip>/havrest/ui/.

Authentication

Authentication for NAbox API is based on standard HTTP authentication mechanism, using the admin user and password.

For NetApp Harvest API authentication, you need an API token. Tokens are managed from the NAbox web UI under Settings → Security → API Tokens.

Generating an API Token

  1. Log in to the NAbox web interface at https://<nabox ip>/.
  2. Navigate to Settings → Security → API Tokens.
  3. Click Add Token, give it a name, select the desired scopes and clusters, then click Create.
  4. Copy the token value shown — it is only displayed once.

Token Scopes and Cluster Restrictions

When creating a token you can configure scopes and clusters:

Scopes — are enforced. A token without the Havrest scope will be denied access to the NetApp Harvest API (/havrest/api/2.0/). Tokens with a wildcard scope (*) have access to all APIs.

Clusters — are not yet enforced. The cluster restriction field is stored with the token but is not currently applied when the Harvest API returns the list of systems. A token configured with a subset of clusters will still be able to see and manage all systems. This restriction is expected to be enforced in a future release.

Testing the API

You can perform a quick test to see if the API is working using curl on a linux PC for example :

$ curl -u admin:Netapp01 https://<nabox ip>/api/2.0/system/version
{"version":"v0.7.0-16-g4fdbf64","harvest":"24.03.24","grafana":"10.4.1","prometheus":""}

Set the token you generated in the web UI as a shell variable, then pass it as a Bearer token in the Authorization header:

$ token=<your-api-token>
$ curl -H "Authorization: Bearer $token" https://<nabox ip>/havrest/api/2.0/systems
{"7-mode":{"addr":"10.1.1.7","datacenter":"LAB","username":"root","use_insecure_tls":true,"systemType":"ONTAP","enabled":true,"running":true},"Webscale Demo":{"addr":"216.240.31.198","datacenter":"LAB","username":"OCI","use_insecure_tls":true,"systemType":"StorageGrid","enabled":true,"running":true},"cluster2":{"addr":"cluster2.home.lab","datacenter":"LAB","username":"admin","systemType":"ONTAP","enabled":true,"running":true}}%