Skip to content

Latest commit

 

History

History
65 lines (51 loc) · 4.6 KB

_OVERVIEW.md

File metadata and controls

65 lines (51 loc) · 4.6 KB

Overview: REST API

General usage

  • Generic: http://IP-ADDRESS/REST API endpoint
  • Example: http://192.168.1.x/process_data

Available REST API endpoints

Further details can be found in the respective REST API endpoint description.

REST API Endpoint Description HTML / JSON Depre-
cated*
/process_data Process Data JSON + HTML
/info Device Info + Process Status JSON + HTML
/config Device Configuration JSON + HTML
/metrics Prometheus / OpenMetrics Data HTML
/cycle_start Trigger Cycle (Flow) Start HTML
/reload_config Reload Configuration HTML
/set_fallbackvalue Set Fallback Value HTML
/editflow Parametrization Helper HTML
/recognition_details Image Recognition Details (WebUI Page) HTML
/camera Camera Capture, Stream, Parametrization + Flashlight HTML
/gpio Read / Control GPIO JSON + HTML
/mqtt Publish HA discovery topics / Device info topics HTML
/data Data of today (last 80kB) HTML
/log Log of today (last 80kB) HTML
/ota Over The Air Update HTML
/reboot Trigger Reboot HTML
/wlan WLAN Scan JSON
/coredump Handle Core Dumps (Software Exception) HTML
/fileserver/ Fileserver HTML
/upload/ File Upload (POST) HTML
/delete/ File Deletion (POST) HTML
/img_tmp/ Load Images From RAM HTML
/ WebUI (Redirected to index.html or setup.html) HTML

*Endpoints which are marked as deprecated will be completely removed (functionality merged in another endpoint) or modified in upcoming major release. Check changelog for breaking changes.

REST API Endpoint Security

All REST API endpoints can be (limited) secured with basic HTTP authentication scheme. The endpoint authentication has to be configured via WebUI: Settings > Configuration > Section 'WebUI' > Authentication.

Security Considerations

  • Only basic access authentication scheme using unencrypted HTTP protocol is implemented.
  • The basic authentication scheme is not a secure method of user authentication, nor does it in any way protect the entity, which is transmitted in cleartext (only Base64 encoded, not encyrpted or hashed) across the physical network used as the carrier.
  • All data (also security related data, e.g. password) are transmitted unencrypted (HTTP only, no HTTPS).

Usage

  1. Include Authorization header to REST API endpoint request
    • Header value: Basic concatenated with Base64 encoded USERNAME:PASSWORD, e.g. Basic abcdefghijklnm=
  2. http://{USERNAME}:{PASSWORD}@{IP-ADDRESS}/{REST API Endpoint}, e.g. http://username:[email protected]/info

Endpoint Response

If authorization is enabled and Authorization header is missing or authorization is rejected, system is responding with status 401 Unauthorized. Check REST API response message to get more details / rejection reason.

Migration notes (Removed / updated endpoints)

Check migration notes for migrated or removed REST API endpoints: Migration notes