How to authenticate to the API

Introduction

Use the Login call to authenticate an application using the admin credentials printed on the side of your IXrouter.

Usage

The session ID 00000000000000000000000000000000 (32 zeros) is a special null-session that can only access all calls in the unauthenticated access group, which are session login and ixon.ui.overview get. All other calls require a session ID that can be obtained by logging in with valid admin credentials. The username is admin and the password is printed on the side of your IXrouter. Please contact us at [email protected] if your router does not have a password.

curl --request POST \
     --url "192.168.140.1/ubus" \
     --data '
     {
         "jsonrpc": "2.0",
         "id": 1,
         "method": "call",
         "params": [
             "00000000000000000000000000000000",
             "session",
             "login",
             {
                 "username": "admin",
                 "password": "$password",
                 "timeout": $timeout
             }
         ]
     }'
{
    "jsonrpc": "2.0",
    "id": 1,
    "result": [
        0,
        {
            "ubus_rpc_session": "0a3e1036df206a33fcd6573a524c1ef2",
            "timeout": 300,
            "expires": 300,
            "acls": {
                "access-group": {
                    "admin": [
                        "read",
                        "write"
                    ],
                    "unauthenticated": [
                        "read"
                    ]
                },
                "ubus": {
                    "ixon.ui.account": [
                        "*"
                    ],
                    "ixon.ui.configuration": [
                        "*"
                    ],
                    "ixon.ui.hardware": [
                        "*"
                    ],
                    "ixon.ui.overview": [
                        "*",
                        "get"
                    ],
                    "session": [
                        "access",
                        "login"
                    ]
                }
            },
            "data": {
                "username": "admin"
            }
        }
    ]
}

Request:

ParameterTypeExplanation
$usernameStringAlways admin.
$passwordStringThe default password is printed on the side of the device. Can be changed, see How to change the password of the admin user.
$timeoutIntegerThe session's timeout determines when the session ID expires and re-authentication is required. This parameter is optional and defaults to 300 seconds (5 minutes) when omitted.

Response:

ParameterTypeExplanation
ubus_rpc_sessionStringThe session ID to use for calls that require authentication.
timeoutIntegerThe requested timeout of the session ID (in seconds).
expiresIntegerHow long the session ID is still valid (in seconds).

The acls object contains detailed Access Control List information and lists what the admin user is allowed to access.