Getting started with Citrix-managed App Delivery and Security service API
Citrix-managed App Delivery and Security service provides an outcome-focused model that allows to simply specify the functional and business intent of application deployment.
Authorizing APIs using Bearer tokens
This guide walks you through steps to generate your first bearer token, make your first API request, and perform some common administrative tasks. By the end of this learning journey, you will be comfortable parsing the documentation and get familiar with functionalities available to you.
Step 1: Get started with Citrix-managed App Delivery and Security service
This document walks you through the on-boarding and setting up Citrix-managed App Delivery and Security service for the first time.
For more information, see Onboarding and setting up Citrix App Delivery and Security service.
Step 2: Create an API client
Create an API client to get the {{client_secret}} and {{client_id}} needed for generating a token. For more information, see the Getting started section for Citrix Cloud.
Step 3: Fetch customer ID
Customer ID is a mandatory parameter that must be passed in Citrix-CustomerId
header. To get the customer ID:
- Log in to the Citrix Cloud.
- Select the Identity and Access Management option from the menu.
- Click API Access tab. You can see the customer ID in the description above the Create Client button.
Step 4: Create a bearer token
Tokens are passed into the authorization header of APIs. Create a bearer token for API authentication and authorization. To generate a token, use the Citrix Cloud OAuth 2.0 flow. For more information about the Citrix Cloud OAuth 2.0 flow, see the Getting started section for Citrix Cloud.
Step 5: Authorizing APIs using bearer token
The following is how a typical request looks like:
GET /adcaas/nitro/v1/config/environments HTTP/1.1
Host: appdeliverysecurity.cloud.com
Content-Type: application/json
Accept: application/json
Authorization: CwsAuth bearer=bearer_token
The following is how a typical response looks like:
{
"environments": [
{
"name": "env-name",
"id": "abcd",
"autoscalegroup_name": "env-name",
"access_profile_id": "15100a57-8e22-4cbb-b319-5cf38a4b",
"cloud": "aws",
"aws_params": {
"region": "us-east-1",
"region_name": "US East",
"vpc_id": "vpc-id",
"vpc_name": "vpc-name",
"vpc_cidr": "192.178.0.0/16",
"availability_zones": [
"us-east-1a"
]
},
"owned_by": "self"
}
]
}
Step 6: Create cloud access profile
A cloud access profile is used by the Citrix App Delivery and Security service to acquire permissions on the customer’s cloud account for deploying application delivery infrastructure in customer owned private clouds.
For more information, see the following documents:
Create Cloud Access Profile from UI
Create Cloud Access Profile using API
Step 7: Manage SSL certificates
Using the Citrix App Delivery and Security service, you can add certificates to a central repository instead of uploading a certificate each time you create an application.
For more information, see the following documents:
Manage SSL certificates from UI
Manage SSL certificates using API
Authorizing APIs using session ID
Alternative to using bearer tokens for authorization, you can also use Session-based authorization by passing Session-ID as Cookie.
Follow Step 1, 2 and 3 from preceding section.
Step 4: Generate a Session-ID
To get a session ID, make a POST call to server as following:
The following is how a typical request looks like:
POST /nitro/v2/config/login HTTP/1.1
Host: appdeliverysecurity.cloud.com
Content-Type: application/json
{"login":{"ID": "client-id", "Secret": "client-secret"}}
The following is how a typical response looks like:
{
"login": [
{
"sessionid": "",
"customerId": "",
"tenant_name": ""
}
]
}
The required session ID is the value of the response parameter sessionid
. When using this parameter, prefix this value with SESSID=
and add as a Cookie.
For example, Cookie: SESSID=session-id
Step 5: Authorizing APIs using session ID
The following is how a typical request looks like:
GET /adcaas/nitro/v1/config/environments HTTP/1.1
Host: appdeliverysecurity.cloud.com
Content-Type: application/json
Accept: application/json
Cookie: SESSID=session-id;
The following is how a typical response looks like:
{
"environments": [
{
"name": "env-name",
"id": "abcd",
"autoscalegroup_name": "env-name",
"access_profile_id": "15100a57-8e22-4cbb-b319-5cf38a4b",
"cloud": "aws",
"aws_params": {
"region": "us-east-1",
"region_name": "US East",
"vpc_id": "vpc-id",
"vpc_name": "vpc-name",
"vpc_cidr": "192.178.0.0/16",
"availability_zones": [
"us-east-1a"
]
},
"owned_by": "self"
}
]
}