Client API Access

Use the Client API Access tab to display the clients with authentication access to the Event Correlation functionality or the ExtremeCloud IQ Site Engine Northbound Interface API from external applications.

The Client API Access tab contains the Registered Clients table, which displays all of the external clients capable of communicating with ExtremeCloud IQ Site Engine.

Via this tab, ExtremeCloud IQ Site Engine provides a client ID and secret that can be used by the client to generate a token to use for accessing ExtremeCloud IQ Site Engine. When the external application uses the token to access ExtremeCloud IQ Site Engine, access is granted according the capabilities enabled for the Authorization Group selected.

Select the Add or Edit buttons to open the Add/Edit Client window, from which you can add or edit registered clients. Adding a registered client enables the external application to communicate with ExtremeCloud IQ Site Engine. Additionally, use the Add/Edit Client window to display the functional areas of ExtremeCloud IQ Site Engine the external client can access based on the Authorization Group selected at the bottom of the window.

Access to ExtremeCloud IQ Site Engine information from external integrations via an API enables ExtremeCloud IQ Site Engine to correlate similar events and respond to a perceived threat to the network.

  NOTES:
  • Event Correlation is a system-defined client that cannot be deleted.
  • For Event Correlation and the Northbound Interface API to access ExtremeCloud IQ Site Engine information, they must have access privileges (called Capabilities).

Registered Client
The name of the client with access to ExtremeCloud IQ Site Engine. The client name is user-defined and should be one that readily identifies the Client.
Client ID
This column displays a unique, system-defined numeric identifier for the client.
 NOTE:To access the following information through NBI using Client API access authentication, the Client ID must be assigned to an Authorization Group with the appropriate NBI capabilities.
If the Client ID is assigned to an Authorization Group other than the XIQ-SE Administrator Authorization Group, only user workflow data is available.
Authorization Group
This column shows the level of access for the user according to the capabilities configured for the Authorization Group.
Description
The description of the client accessing ExtremeCloud IQ Site Engine.
Token Expiration (sec)
The amount of time (in seconds) before the authorization token expires and the client can no longer access ExtremeCloud IQ Site Engine without first generating a new token.
Enabled
Indicates whether or not the client API access connection currently enables access to ExtremeCloud IQ Site Engine.
Client Secret Actions
Select the icons to access the shared secret used to enable the client to communicate with ExtremeCloud IQ Site Engine:
  • Copy to clipboard () — Select to copy the shared secret to the clipboard, which you can then paste in the client.
  • Generate new () — Select to generate a new shared secret.
  • Upload to the client () — Select to upload the shared secret to the external client. This icon is only available for system-defined clients.
User Defined
Indicates whether the Registered Client was created by an ExtremeCloud IQ Site Engine user or automatically by the system.

Related Information

For information on related help topics: