Configuration
  • 10 Oct 2022
  • 3 Minutes to read
  • PDF

Configuration

  • PDF


Note:
Before starting configuration, a new module instance must be created. Click here for more information about creating Module instances.

Each module has an API and Logger section that need to be configured separately. The default settings will be sufficient for this, but users will need to actively open the API and Logger configuration settings and save the default values to fully apply the settings. Click here for more information about API and Logger Configuration.


Module Configuration

By selecting REST API Server in the explorer tree menu, users can configure how the module will accept connections. The following screenshot shows the different available options for REST API Server Configuration:

Figure 1: RestApiServer module parameters

 

Parameters:

Mode: Specifies what protocols will be accepted by the REST API Server. Available options are “HTTP”, “HTTPS” and “Both (HTTP & HTTPS)”.

HTTP:

  • TCP port: specifies the HTTP port number for connecting to REST API Server. The default port number is 3003. The valid range is 1 to 65535. This port may not be used by any other application in the same machine.
  • Network interface: Specifies the interface through which the REST API Server will be accessible via HTTP. If set to All interfaces, the http server will listen to connections on all the interfaces. If set to Localhost only, the http server will listen only to localhost connections. In addition to previous options, an IP address of a specific network interface can be set to only allow connections from it.

HTTPS:

  • TCP port: Specifies the HTTPS port number for connecting to the REST API Server. The default port number is 3443. Valid range is 1 to 65535. This port may not be used by any other application in the same machine.
  • Network interface: Specifies the interface through which the REST API Server will be accessible via HTTPS. If set to All interfaces, the http server will listen to connections on all the interfaces. If set to Localhost only, the http server will listen only to localhost connections. In addition to previous options, an IP address of a specific network interface can be set to only allow connections from it.
  • Certificate type: Specifies the server HTTPS certificate. The following options are available:
    • Self-signed: The server will create and sign a certificate automatically using an internal certification authority that can be downloaded in the Self-signed certificate menu (as shown in the following screenshot). This certification authority is valid for all the REST API Server instances and must be imported in each system/web client that will access the REST API Server via HTTPS. When selecting “Self-signed” option, the following section will appear:
      • Self-signed certificate parameters:
        • Certified hosts: Comma separated host list (domains/host names and/or IPs) that will be included in the auto generated SSL certificate. It is important to include all the hosts where the REST API Server will be accessed so the web client doesn't show any error. Hosts 127.0.0.1, localhost and system hostname will be automatically added to the certificate.

Figure 2: Download button of the certification authority


    • Embedded: The provided certificates will be embedded in the configuration file. When selecting the “Embedded” option, the following section will appear:
      • Custom certificate parameters:
        • Key: Certificate key in PEM format.
        • Certificate: Certificate in PEM format.
    • File path: File paths where the certificate files are located, with a hot-reload option. The path is relative to the data/<instance name>/cert/ folder. When selecting “File path” option, the following section will appear:
      • File path certificate parameters:
        • Key path: Certificate key in PEM format. The path is relative to the data/<instance name>/cert/ folder.
        • Certificate path: Certificate in PEM format. The path is relative to the data/<instance name>/cert/ folder.
        • Reload interval: Expressed in seconds, specifies the interval to reload certificates if file changes were detected. Set to 0 to disable.

Users Configuration

After configuring the REST API Server module, a New user (as shown in the following screenshot) can be created in order to configure the authentication mode and request permissions to that specific user.

Figure 3: Creating a new User


Figure 4: User parameters


Parameters:

  • Enabled: Specifies whether or not any authentication attempt will be blocked. 
  • Authentication:
    • Mode: Specifies the mode of authentication. Available options are “Basic” and “Token”.
    • Password: Password for this user when “Basic” is selected. The authentication will be using the HTTP Authorization header, with a Basic base64 (<user>:<password>) value.
    • Token: Login token for this user when “Token” is selected.
  • Api Access: N3uron REST API calls use the GET and POST methods and can be categorized into the following groups:
    • Alarm: Access to tag alarms namespace.
    • Backup: Access to the node backup system.
    • License: Access to the node licensing system.
    • Link: Access node link system.
    • Module: Access modules system.
    • System: Access node system namespace.
    • Tag: Access tag namespace.
Each group has the following permissions available:
  • GET: Allow read operations.
  • GET/POST: Allow read and write operations.



Was this article helpful?