Cisco is constantly enhancing its SD-WAN solution. With every release we (DevNet) try and keep the learning and implementation content in line with the latest enhancements. The most recent SD-WAN update is the new API for Cross-Site Request Forgery Prevention. This feature adds protection against Cross-Site Request Forgery (CSRF) that could occur when using Cisco SD-WAN REST APIs. This protection is provided by including a CSRF token with API requests.
More than ever, developers need to deliver business results to customers in a faster more agile way. This often requires custom software development, in addition to industry-leading technology. So, to guide our customers, partners, and community we have a slew of updated content just for you.
How to use Cisco SD-WAN vManage APIs
Yes! We have launched two new SD-WAN sandboxes that were featured in our webinar, Take a Deep Dive into the New SD-WAN DevNet Sandbox. If you missed it, catch up here. In the webinar, Sai Marapareddy gives you the low down on how to use Cisco SD-WAN vManage APIs to:
- Automatically monitor and improve application traffic
- Use vManage Aggregation APIs to generate reports on statistics related to loss/latency/jitter of SD-WAN overlay tunnels to trigger policy updates to change the preferred transport for certain application traffic.
You can get the code over on Cisco DevNet Code Exchange this code is also a use case in Cisco Automation Exchange.
Postman SD-WAN Collections
Cisco DevNet has close ties and a great relationship with our friends over at Postman. Check out the Postman use case How Cisco DevNet Runs Interactive Developer Education on Postman. As we launch the new Cisco SD-WAN sandbox’s it is always great to give our community something they can start right away. So we built two new postman collections just for you!
You can find both of these public repos on Postman for AlwaysOn Cisco SD-WAN Sandbox and Postman for Reservable Cisco SD-WAN Sandbox. Both contain the Postman environments and collection that can be used to interact with the Cisco SD-WAN vManage REST API
. The environments are pre-configured to access the Cisco DevNet Always On Sandbox for SD-WAN 19.2 fabric or the Cisco DevNet Reservable Sandbox for SD-WAN.
You can edit the variables in the environment to point to your own vManage instance, should you wish. The collection contains REST API calls to authenticate, get a list of devices that are part of the SD-WAN fabric, and get device status and counters. You also get interface statistics for all the interfaces in the fabric, and much more! Feel free to modify them as you see fit and to add more calls to the collection.
You can also find both Cisco SD-WAN Postman collections and many other Cisco Postman collections on our own Cisco DevNet Postman collection.
More coming soon….
Stayed tuned for more SD-WAN Learning Labs, Code Exchange repos, and webinars. If you have any feedback let me know in the comments section below — leave me a message, ask me a question, whatever you want.
Follow @bigevilbeard
Follow @CiscoDevNet
Related resources:
- SD-WAN APIs — Streamline workflows, deploy and manage devices, and enhance application experience while developing with SD-WAN.
We’d love to hear what you think. Ask a question or leave a comment below.
And stay connected with Cisco DevNet on social!
Twitter @CiscoDevNet | Facebook | LinkedIn
Visit the new Developer Video Channel
This came at the right moment for most of us as we wrap up SDWAN concepts.
Thank you Cisco
Stay safe from Covid 19.
Can you please explain how the CSRF protection helps REST API users a.k.a API clients? From my understanding, CSRF is a browser related vulnerability where a user is navigated to the vulnerable website by a malicious website to take advantage of an already logged in session. The OWASP website explains well about the CSRF attack https://owasp.org/www-community/attacks/csrf
That is is correct, CSRF attack or token is mainly done to protect the logins through the browser. Since that change has been implemented for the browser we have to do it for API login’s also, on vManage we heavily rely on using same endpoints for the UI and APIs, so we have to add the token retrieval and add that to API requests done through postman or through python also. Here is a link to the sd-wan documents https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/sdwan-xe-gs-book/cisco-sd-wan-API-cross-site-request-forgery-prevention.html