Portnox Cloud REST API

In this topic, you will find introductory information about the Portnox Cloud REST API, the available API functions, and their most common uses.

Important: This topic contains only introductory information about the API. To access the detailed Swagger documentation for the Portnox Cloud API, test the API functions, and see script examples, access your Cloud tenant, click on the Help option in the top menu, and then click on the CLEAR API REFERENCE option on the left-hand side.

The Portnox Cloud API provides access to Cloud functions for automation purposes. The following operations can be done using the Portnox Cloud API:

Cloud account management

Using the API, you can manage Cloud accounts. Since Cloud accounts are primarily used if you don’t integrate Cloud with any authentication repositories, the API lets you automate account management using your own custom software or scripts.

Available functions: create an account, delete an account, block an account.

Group assignment management

Using the API, you can move accounts between different groups. By moving accounts between groups, you can change the policies that apply to these accounts, such risk compliance policies or TACACS+ permissions. You can also move accounts between groups to decide which SSIDs the account is able to access, and more.

Available functions: move an account to another group

MAC-based account management

Using the API, you can create MAC-based accounts as well as manage the list of MAC addresses assigned to these accounts. This lets you fully automate the process of MAC address bypass (MAB) authentication using your own software or scripts.

Available functions: create MAC-based accounts, get information about a MAC-based account, change MAC address expiration time, add MAC addresses to a MAC-based account, move MAC addresses between MAC-based accounts, remove MAC addresses from a MAC-based account, search MAC-based accounts for MAC addresses

Device management

Using the API, you can list, query, delete, and block devices managed in Cloud. You can use this functionality for example to automatically block devices in response to a threat detected by a SOAR solution. You can also query the devices to obtain information to import into an inventory solution.

Available functions: get a list of accounts and their devices, get information about a device, delete a device, block a device

Network site management

Using the API, you can manage network sites and NAS devices associated with these sites. These API functions let you create a logical hierarchy for your NAS infrastructure.

Available functions: get a list of sites, get a list of NAS devices assigned to a site, create a site, delete a site, change the rules for automatic assignment of NAS devices to a site