Application Programming Interface (API)
The API section is a comprehensive resource that provides detailed documentation and guidance on utilizing the FileWave API. Whether you're a developer or an IT professional looking to integrate FileWave functionality into your own applications or workflows, this section offers valuable insights. Discover comprehensive API reference documentation, code samples, and tutorials that walk you through the process of leveraging the FileWave API. By leveraging the API, you can automate tasks, streamline workflows, and integrate FileWave functionality seamlessly into your existing systems. Unlock the full potential of FileWave by harnessing the power of the API and customizing your FileWave deployment to suit your specific needs.
- What is an API?
- Working With APIs
- Command Line API (v1)
- FileWave Anywhere API (v2)
- FileWave Anywhere API Documentation
- Using the Command Line API to limit, sort, and offset values returned
- API Improvements in FileWave v15.5.0
- Last Changed Inventory Field
- API Sample Code
- Bulk Update the iOS Enrollment User (auth_username) and Client Name using API
- Bulk Update the Enrollment User (auth_username) using API
- How to write to a custom field using the FileWave API
- Managing Client States via the FileWave API
- Returning Device Information as a JSON
- Sending MDM Commands
- Restarting Devices with API
What is an API?
What
Application Programming Interface (API). APIs programmatically provide the reading or writing of information to one or more services.
FileWave has a rich set of APIs to allow customers to build connections. Some vendors also produce integrations, utilising FileWave API, without needing to work with the API directly.
When/Why
APIs extend the capability and integration of FileWave with other Systems.
How
The articles linked to this article are a good starting point. Professional Services can also help with learning and using APIs.
- Command Line API (v1)
- Anywhere API (v2)
- How do I export the results of an Inventory query?
- Using the RESTful API to limit, sort, and offset values returned
An important note on URLs
FileWave has 2 APIs
History
For inventory purposes, FileWave has a Command Line API, designed to interact with Inventory Queries. This API has existed for years and can work on either port 20443 or port 20445.
Since the introduction of the FileWave web admin, 'FileWave Anywhere', a new API was created. FileWave Anywhere interacts with the FileWave Server using this new API. Unless configured otherwise, FileWave Anywhere works over port 443.
The Web API has its own paths, when compared with the Command Line version (note the extra /api at the beginning of the path. Below is an example, which creates a new Inventory Query, using both APIs.
TCP port 443 (default port if not specified in URL). Notice that it begins with /api/inv/api/
curl -s -H "Authorization: e2M2sssYjIwLTxxx1hMzdiLTFmyyyGIwYTdjOH0=" https://myserver.filewave.net/api/inv/api/v1/query/ \
--header "Content-Type: application/json" -X POST -d @ios16_incompatible.json
TCP port 20445 (could also use port 20443). Notice that it begins /inv/api/
curl -s -H "Authorization: e2M2sssYjIwLTxxx1hMzdiLTFmyyyGIwYTdjOH0=" https://myserver.filewave.net:20445/inv/api/v1/query/ \
--header "Content-Type: application/json" -X POST -d @ios16_incompatible.json
Since the Web API is used for all server interaction, strictly speaking anything that can be achieved in FileWave Anywhere may also be programmed. As such, the scope of the Web API is broader in the main than that of the Command Line version.
The Web API has both public and private URLs. Private URLs can be changed, between FileWave versions, at any time without warning or notification and as such should be avoided in scripts and other systems interacting with FileWave. They are easily recognisable by the word 'internal' in their URL paths, as per below:
https://${server_dns}/filewave/api/devices/internal/devices/${filewave_id}/details/custom_fields/fields
Working With APIs
Getting Started
The purpose of this guides is two fold:
- First, to provide an introduction to those unfamiliar with using the FileWave API
- Second, to be a reference for commands that can be used within the API
Command Line API refers to the original RESTful API. Recognisable both by the port used and URL paths commencing:
- /inv/
FileWave Anywhere API v2 refers to the newer web admin, FileWave Anywhere, API and recognisable by paths commencing:
- /api/
Purpose of an API
As described, APIs are designed to communicate with systems. As such, FileWave may be leveraged by other systems, e.g. SCCM data engines, in-house databases, etc. To maintain security, there must be an authentication method to allow such communication to take place. The API provides this kind of ability to provide in-depth integration on an as-needed basis.
Basic, non-specific command line examples:
macOS shell
curl -s -H "Authorization: $auth" \
https://$server_dns:20445/inv/api/v1/query_result/ \
--data $query \
-H "Content-Type: application/json"
Windows PowerShell
$header = @{Authorization=“$auth"}
Invoke-RestMethod -Method POST \
-Headers $header \
-ContentType application/json \
-Uri https://$server_dns:20445/inv/api/v1/query_result/ \
-Body $query
Each user generated will have their own unique base64 token automatically generated. This token can be revoked and new tokens created. Each user may have multiple tokens.
The Token is the Key
The token allows access to any API calls from anything that has access to the FileWave Server. It should not be shared unnecessarily and otherwise should be kept secret.
Tokens may be viewed from FileWave Central App:
- Assistants > Manage Administrators
Select a desired Administrator and choose the 'Application Tokens' tab. The token value to copy is the 'Token (base64)'
Token value from above image:
e2E4YWZkNGFlLTFjZGEtNDVhOC04NTIzLWVhODg1ZWQ3MDg4OH0=
When choosing accounts and tokens for API interaction, consider making dedicated users for the task(s) required. Set the permissions of that user to limit their ability to the required task alone. If the token is compromised, this will limit not only the scope of how that token could be used by an attacker, but when revoking and generating a new token, minimal impact would be experienced.
For more information on the Application Tokens see the page: Managing FileWave Administrators (Application Tokens)
API Requests
Requests could be one of:
Command Type | Description |
GET | Returns a resource value |
PUT | Replaces a resource |
PATCH | Updates a resource |
POST | Creates a resource |
DELETE | Removes a resource |
Data sent with requests are in the form of a JSON, as are the responses from those requests.
JSON data is broken into keys/value pairs, where values could even be lists inside of lists.
Examples
Below examples are using a python tool to reformat the returned response. Python must be installed to benefit from this. If not, remove the piped section of the command or instal Python.
For example, actioning a GET to list of all FileWave Server Inventory Queries, could return a JSON similar to the below:
List Existing Inventory Queries
1) Get all Queries
curl -s -H "Authorization: e2FjYzRkYmQzLTI3ZjYtNDEyMi1iMGVhLTI1YmY0OGNmYWM0NX0=" \
https://myserver.company.org:20445/inv/api/v1/query/ | python3 -mjson.tool
[
{
"id": 1,
"name": "All Windows",
"favorite": true,
"group": 1,
"version": 1
},
{
"id": 2,
"name": "Mac OS X 10.7-10.11",
"favorite": false,
"group": 1,
"version": 5
},
...
{
"id": 103,
"name": "All Computers to retire",
"favorite": false,
"group": 3,
"version": 2
}
]
Key | Value | Description |
id |
integer |
The unique number for the query. To be used as reference |
name |
string |
The name given to the query |
favorite |
true/false |
Whether or not the query should show in the sidebar |
group |
integer |
The group number given. built-in queries – for example – would be in the "Sample Queries" group, which is group 1. If the user made new groups |
version |
integer |
The version for the query. How many times has the query been altered and saved, starting with 1 |
Return the definition of a chosen query
The query definition, not the results of the query. Using ID 1 as an example:
2) Get Query
curl -s -H "Authorization: e2FjYzRkYmQzLTI3ZjYtNDEyMi1iMGVhLTI1YmY0OGNmYWM0NX0=" \
https://myserver.company.org:20445/inv/api/v1/query/1 | python3 -mjson.tool
{
"criteria": {
"expressions": [
{
"column": "type",
"component": "OperatingSystem",
"operator": "=",
"qualifier": "WIN"
}
],
"logic": "all"
},
"favorite": true,
"fields": [
{
"column": "device_name",
"component": "Client"
},
{
"column": "filewave_client_name",
"component": "Client"
},
{
"column": "name",
"component": "OperatingSystem"
},
{
"column": "version",
"component": "OperatingSystem"
},
{
"column": "build",
"component": "OperatingSystem"
},
{
"column": "edition",
"component": "OperatingSystem"
}
],
"main_component": "Client",
"name": "All Windows",
"id": 1,
"version": 1,
"group": 1
}
Key | Value | Description | |||||||||||||||||||||||||
criteria |
array |
Expressions and logic of query | |||||||||||||||||||||||||
Criteria Expressions (Each entry will require all of the below. Add multiple entries to the array as required):
Logic:
|
|||||||||||||||||||||||||||
favourite |
true/false |
Show/Hide from FileWave Central sidebar Inventory Queries | |||||||||||||||||||||||||
fields |
array |
Which components will be shown (ordered first to last) | |||||||||||||||||||||||||
Fields to display (Each entry will require all of the below. Add multiple entries to the array as required):
|
|||||||||||||||||||||||||||
main_component |
Selection Box | Important this is set correctly (Figure 1.2 #6) | |||||||||||||||||||||||||
name |
string |
Inventory Query name shown in FileWave Central | |||||||||||||||||||||||||
id |
integer |
Inventory Query unique number, not already in use. (Each query has a unique number, starting at 1 and incremented with each new query generated when actioned through FileWave) |
|||||||||||||||||||||||||
|
integer |
Increment by 1 for each alteration | |||||||||||||||||||||||||
|
integer |
The Inventory Query group which the query should be displayed within. E.g. 'group' value of 1 would be within the 'Sample Queries' group |
Figure 1.2 - Query Builder Criteria |
Return the Inventory Query Results
3) Get Query Results
curl -s -H "Authorization: e2FjYzRkYmQzLTI3ZjYtNDEyMi1iMGVhLTI1YmY0OGNmYWM0NX0=" \
https://myserver.company.org:20445/inv/api/v1/query_result/1 \
| python3 -mjson.tool
{
"total_results": 13,
"filter_results": 13,
"offset": 0,
"values": [
[
"FW-BLUE-02",
"FW-Blue-02",
"Windows 10.0",
"10.0.0",
"10240",
"Microsoft Windows 10 Home"
],
[
"LAPTOP-C6LLFGH6",
"FH-History3",
"Windows 10.0",
"10.0.0",
"14393",
"Microsoft Windows 10 Home"
],
...
],
"version": 3
}
Key | Value | Description |
total_results |
integer |
Total count of results |
filter_results |
integer |
|
offset |
integer |
|
values |
array |
The results. Repeated for each result. Items depends on what your specified in the fields |
version |
integer |
The version for the query. How many times has the query been altered and saved, starting with 1 |
JSON
Verify JSON Formatting:
API Application
- Postman https://www.getpostman.com/ (macOS, Windows, and Linux)
Browser Extensions
- Mod-Header https://mod-header.appspot.com/ Will allow you to use the Google Chrome Browser to view and interact with the FileWave API
Commands
Remember: All URLs start with
https://myserver.company.org:20445/inv/api/v1/
Must include the authorization header
Below are the possible options:
URLs
URL | Use | Options |
Inventory |
||
query |
Show all queries | GET POST |
query/# |
Show information on a single query Where # is the query ID |
GET PUT DELETE |
query_group/ |
Show all query group | GET POST |
query_group/# |
Detail information on a single group Where # is the group ID |
GET PUT DELETE |
query_result/# |
Show the results of one query Where # is the query ID |
GET POST |
query_count |
POST |
|
component |
Show all component options on your instance | GET |
field_type |
Show all fields on your instance | GET |
License |
||
license_definition |
Show all query | GET |
license_definition/# |
Show information on a single license Where # is the license ID |
GET |
Custom Fields |
||
custom_field/ |
Show all custom fields | |
custom_field/get_association |
POST |
|
custom_field/set_association |
POST |
|
custom_field/upload |
POST |
|
custom_field/usages/<Field_Name> |
Where <Field_Name> is the Internal Name (E.G "battery_cycle_count") | GET |
custom_field/values/ |
POST |
|
custom_field/edit/ |
POST |
Examples
Using a browser extension
Using Mod-Header (see tools section), you can make Chrome a RESTful API browser by taking advantage of the FileWave Django Framework. Leveraging URLs and authorisation token to return Query Results.
Even if the URL is typically a POST, it provides an output similar to the following
Using the curl command
Viewing all available queries (GET)
curl -s -H "Authorization: e2FjYzRkYmQzLTI3ZjYtNDEyMi1iMGVhLTI1YmY0OGNmYWM0NX0=" \
https://myserver.company.org:20445/inv/api/v1/query/ \
| python3 -mjson.tool
Posting a new query (POST)
curl -s -H "Authorization: e2FjYzRkYmQzLTI3ZjYtNDEyMi1iMGVhLTI1YmY0OGNmYWM0NX0=" \
--header "Content-Type: application/json" \
-X POST \
-d @<path/name of new query.json> \
https://myserver.company.org:20445/inv/api/v1/query/
Removing a query (DELETE)
curl -s -H "Authorization: e2FjYzRkYmQzLTI3ZjYtNDEyMi1iMGVhLTI1YmY0OGNmYWM0NX0=" \
-X DELETE https://myserver.company.org:20445/inv/api/v1/query/<id#>
For more curl help, see: Using the RESTful API to limit, sort, and offset values returned
Self-Signed Certificates
Hopefully everyone is using official certificates. However, if the FileWave Server does have a self-signed certificate, the above commands should fail. To ignore the warnings the following is required.
macOS
Add the -k option to the command. E.g.
curl -s -k -H "Authorization: e2FjYzRkYmQzLTI3ZjYtNDEyMi1iMGVhLTI1YmY0OGNmYWM0NX0=" \
https://myserver.company.org:20445/inv/api/v1/query/ \
| python3 -mjson.tool
Windows
PowerShell requires somewhat more code to ignore the warning. Add the below to the beginning of any script calling an API to a server with a self-signed certificate:
# Required for self-signed certs only
function Ignore-SSLCertificates
{
$Provider = New-Object Microsoft.CSharp.CSharpCodeProvider
$Compiler = $Provider.CreateCompiler()
$Params = New-Object System.CodeDom.Compiler.CompilerParameters
$Params.GenerateExecutable = $false
$Params.GenerateInMemory = $true
$Params.IncludeDebugInformation = $false
$Params.ReferencedAssemblies.Add("System.DLL") > $null
$TASource=@'
namespace Local.ToolkitExtensions.Net.CertificatePolicy
{
public class TrustAll : System.Net.ICertificatePolicy
{
public bool CheckValidationResult(System.Net.ServicePoint sp,System.Security.Cryptography.X509Certificates.X509Certificate cert, System.Net.WebRequest req, int problem)
{
return true;
}
}
}
'@
$TAResults=$Provider.CompileAssemblyFromSource($Params,$TASource)
$TAAssembly=$TAResults.CompiledAssembly
## We create an instance of TrustAll and attach it to the ServicePointManager
$TrustAll = $TAAssembly.CreateInstance("Local.ToolkitExtensions.Net.CertificatePolicy.TrustAll")
$AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12'
[System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols
[System.Net.ServicePointManager]::CertificatePolicy = $TrustAll
}
Ignore-SSLCertificates
Using PHP
Saved as a php file (like inv.php), update the URL and auth code, then place the file on a web server where PHP has been enabled. This creates a 'view only' web page version of the inventory. People can enter the URL for the query, hit refresh as many times as they like and will always see the latest information in inventory. All without having to hassle IT for the latest data.
The output of the query results isn't fancy, but this is to illustrate what can be achieved.
PHP Inventory Viewer
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
<html>
<?php
$baseurl="myserver.company.org";
$port="20445";
$authcode="e2FjYzRkYmQzLTI3ZjYtNDEyMi1iMGVhLTI1YmY0OGNmYWM0NX0=";
ini_set('display_errors', 'On');
### do not edit below ###
if (!isset($_GET["qid"])){
$url = "https://".$baseurl.":".$port."/inv/api/v1/query/";
} else {
$url = "https://".$baseurl.":".$port."/inv/api/v1/query_result/".$_GET["qid"];
}
// Initiate curl
$ch = curl_init();
// Set the url
curl_setopt($ch, CURLOPT_URL,$url);
// Disable SSL verification
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSLVERSION, 1);
// Will return the response, if false it print the response
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
//authenticate
curl_setopt($ch, CURLOPT_HTTPHEADER,array('Authorization:<'.$authcode.'>='));
// Display errors if any
if (curl_errno($ch)) {
print curl_error($ch);
}
// Execute
$result=curl_exec($ch);
if (curl_errno($ch)) {
print curl_error($ch);
}
$output=json_decode($result, true);
curl_close($ch);
//create function for looping unknown dimensional array
function printAll($a) {
if (!is_array($a)) {
echo $a, ' <br/>';
return;
}
echo "<br/>";
foreach($a as $v) {
printAll($v);
}
}
// Start html Page
echo '<head>'
.'<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />'
.'<title>'.$baseurl.'Inventory Page</title>'
.'</head>'
.'<body>'
.'<style type="text/css">'
."body {font-family:'Helvetica Neue Light', 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif;}"
.'h1,h2,h3,h4,{font-weight:100;}'
.'div {padding:10px; color:#fff; background:#333;}'
.'div.output{border:1px solid rgba(0,0,0,0.1); background: rgba(0,0,0,0.03); color:#555;-webkit-border-radius:3px;border-radius:3px;margin:15px 25px; padding:10px;}'
.'tr:nth-child(even) {background: rgba(255,255,255,0.85);}'
.'tr:nth-child(odd) {background: rgba(0,0,0,0.05);}'
.'a, a:hover {color:#ce1300; text-decoration:none;}'
.'</style>'
.'<div><h1><img src="https://www.filewave.com/images/filewave-1024x788.png" height="60" />'.$baseurl.' Inventory</h1></div>'
.'<br/>';
// Default homepage
if (!isset($_GET["qid"])){
echo "<table>"
."<thead>"
."<tr>"
."<th>♥</th>"
."<th>Query Name</th>"
."<th>Query ID</th>"
."</tr>"
."</thead>"
."<tbody>";
foreach ($output as &$value) {
if ($value['favorite'] == true) { $fav="♥";} elseif ($value['favorite'] == false) {$fav=" ";}
echo "<tr><td>".$fav."</td><td>".$value['name']."</td><td><a href='".$_SERVER['PHP_SELF']."?qid=".$value['id']."&n=".$value['name']."'>".$value['id']."</a></td></tr>";
}
echo"</tbody></table>";
}
//If an individual query has been selected
elseif (isset($_GET["qid"],$_GET["n"])) {
echo "<h3>Home > Query: "
.$_GET["n"]
."</h3><hr/>"
."<strong>Total Results: </strong>"
.$output['total_results']
."<br/>"
.'<strong>First Column results: </strong>';
foreach ($output['values'] as &$value) {
echo $value['0'].' <strong> | </strong>';
}
echo "<br/>"
."<strong> All Results: </strong><br/><div class='output'>";
printAll($output['values']);
echo "</div>";
#var_dump($result);
}
else {
echo "<h1 style='color:#ff0000;'> An error has occurred</h1> Parhaps you used a bookmark and the URL has changed";
}
?>
<hr/>
<center><font style=" font-size:9px;"><a href="http://filewave.com" target="_blank">© BenM@ FileWave</a></font></center>
</body>
</html>
Command Line API (v1)
Command Line RESTful API
It is probably easiest to consider this API as an interaction with Inventory Queries, allowing for example:
- Ad-hoc queries to be run to return results
- New Inventory Queries to be created
- The returning of Current Query results
- Deleting queries
There is even the ability to read or alter Custom Field values for devices.
Examples:
Returning an Inventory Query request
FileWave GUI example
Imagine it is desirable to return a list of macOS devices which have a network interface name that contains 'en', the Field to be returned is the Device Name and the Main Component is 'MacOS Device'. The criteria would appear as below:
JSON Data Example
A RESTful API query, to return the same set of results, would have a JSON structure set out as:
{
“criteria”: {
“column":"interface_name",
“component":"NetworkInterface",
“operator”:”contains",
“qualifier":"en"
},
“fields":[
{
“column”:"device_name",
“component":"Client"
}
],
“main_component":"MacOSClient"
}
It can be seen that the JSON block is just mimicking the FileWave Central Inventory Query.
Creating an Inventory Query
On the KB page explaining what an API is, the following examples were shown:
FileWave Anywhere API:
curl -s -H "Authorization: e2M2sssYjIwLTxxx1hMzdiLTFmyyyGIwYTdjOH0=" https://myserver.filewave.net/api/inv/api/v1/query/ \
--header "Content-Type: application/json" -X POST -d @ios16_incompatible.json
Command Line API:
curl -s -H "Authorization: e2M2sssYjIwLTxxx1hMzdiLTFmyyyGIwYTdjOH0=" https://myserver.filewave.net:20445/inv/api/v1/query/ \
--header "Content-Type: application/json" -X POST -d @ios16_incompatible.json
These demonstrate a method of creating a new Inventory Query by providing the JSON as a file, rather than text in the actual script line, using the POST option. Also note the subtle difference in URL path.
Interacting with Custom Fields
The first thing to appreciate, is all Inventory items have an 'Internal Name'. This is unique to each item and of course Custom Fields also therefore have their own Internal Name.
Internal Names may be viewed in FileWave Central when in the Inventory Query viewer. Select any item in the left hand sidebar and the bottom of the window will report the Internal Name.
Reading Values
Perhaps it would be desirable to read the Custom Field value of the above 'macOS Instal Flag' Custom Field for a device, for example, based upon its serial number. The JSON data block might look something like:
{
"criteria":
{
"column":"serial_number",
"component":"Client",
"operator":"is",
"qualifier":'\"$serial_number\"'
},
"fields":
[
{
"column":"macos_instal_flag",
"component":"CustomFields"
}
],
"main_component":"Client"
}
Using this method, it is possible to provide the Serial Number as a variable value; as such the same script could be ran on all devices, without the need to edit the script. Note the internal name used for the Custom Field as well as the single quotes around the $serial_number variable.
Editing Values
As an alteration of a current value, the command would then use the PATCH option. In this instance, the Custom Field to alter has an 'internal name' of 'admin_test', is a Boolean entry and the JSON data block could look like:
{
"CustomFields":
{
"admin_test":
{
"exitCode":null,
"status":0,
"updateTime":"'$current_time'",
"value":true
}
}
}
When Custom Fields are updated, a time stamp of when the update occurred is shown. When altering the value from the Command Line API, the time should be supplied, along with the value and a couple of other key/value pairs. There should be no reason to provide an other value than those shown for 'exitCode' and 'status', when adjusting using the API.
Date is important and should be of the format "2018-09-10T15:48:08Z":
macOS example:
current_time=$(date -u +"%FT%TZ")
Windows PowerShell:
$current_time = $(Get-Date -UFormat "%Y-%m-%d %R:%S")
The code would look something like the following, where $query would be set as the content of the JSON:
macOS shell
curl -s -H "Authorization: $auth" \
https://$server_dns:20445/inv/api/v1/query_result/ \
-X PATCH \
-data $query \
-H "Content-Type: application/json"
Windows PowerShell
$header = @{Authorization=“$auth"}
Invoke-RestMethod -Method PATCH \
-Headers $header \
-ContentType application/json \
-Uri https://$server_dns:20445/inv/api/v1/query_result/ \
-Body $query
As with any Inventory Query, the criteria can be based upon any inventory item. This makes the Command Line API very powerful.
FileWave Anywhere API (v2)
What
Hopefully it is now clear that FileWave Anywhere (formerly called WebAdmin) functions by making API calls to the FileWave server; meaning these same API calls can be used in scripts or by other 3rd party tools.
When/Why
Perhaps to make automated API calls from within Scripts ran on devices or 3rd party tools to GET or POST/PATCH/DELETE entries on the FileWave server.
How
In the main, the queries will look almost the same as the Command Line RESTful commands. Not only are the commands the same, but it is also necessary to use a base64 FileWave Administrator Token. Please view the Working with APIs KB page for more details if required.
Read a current Inventory Query
Imagine it was desirable to read an already existing Inventory Query with an ID of 191. The below shows the Command Line API call, followed by the FileWave Anywhere API call.
Command Line:
curl -s -H "Authorization: $auth" https://$server_dns:20445/inv/api/v1/query_result/191
FileWave Anywhere:
curl -s -H "Authorization: $auth" https://$server_dns:/api/inv/api/v1/query_result/191
As indicated in an earlier API KB document, FileWave Anywhere uses port 443 (default if not specified) and the URL has an additional '/api' at the beginning of the URL path.
In an example setup, both of these would report exactly the same output, which might look something like:
{
"offset":0,
"fields":
[
"Client_device_name"
],
"values":
[
["C02Z90WDLVDQ"],
["FW1063"],
["mac0001"],
["macadmin1"],
["mini"],
["ML1015VMNEWNAME"],
["ml1063"],
["Orac"],
["pro"]
],
"filter_results":9,
"total_results":9,
"version":3
}
Send an MDM Command
Since FileWave Anywhere is a tool with a broader range of control, the API options extend beyond just basic queries. As just one example, the below shows a method to send an MDM command to a device, in this instance a command to restart an Android device, based upon the Device ID:
curl -X POST "https://${server}/api/android/restart_devices" \
-H "Content-Type: application/json" \
-H "authorization: ${auth}" \
-d '{"device_ids": ["3aa9cea3eb7ea992"]}'
Although FileWave Anywhere has much wider scope than the Command Line, there are some considerations with this API.
- Unlike the Command Line, it is not possible at this time, to run an Inventory Query with the FileWave Anywhere API, without actually creating an Inventory Query on the FileWave server.
- Access to Custom Fields values for devices at this time, is only accessible via an Internal API path and this method reports all associated Custom Field values for a device.
- Setting Custom Field values for a device using the FileWave Anywhere API does not allow the inclusion of a time stamp
As such, the Command Line API should be favoured for these above options.
Please see the FileWave Anywhere Documentation for a more in-depth look at the possible API options available.
When referring to devices, the FileWave Anywhere API calls always use device_id. Depending upon the use case, it may also be desirable to consider using the Command Line RESTful API instead, if this value is not readily available.
Where API calls are made through FileWave as scripts, any inventory value may be supplied as either a Launch Argument or Environment Variable. This could include device_id.
FileWave Anywhere API Documentation
What
FileWave Anywhere has a dedicated documentation page, which is built by Swagger and is OpenAPI.
The documentation should only list public (non-internal) URL paths. Not only does it list possible commands, but there is an option to 'Try it Out', allowing execution of the command from the documentation.
Executing a command from the Swagger API documentation is a live action on the FileWave Server, it will act as requested and can be destructive. Be 100% sure before of any command before executing.
When/Why
Unsure if an API call exists for the intended action? Need to confirm the format or name of a key in the JSON? Are some keys in the JSON required? What is the ID of the item to be targeted?
These are some of the questions the Swagger documentation can answer.
Executing commands from the Swagger documentation requires an active login to the FileWave Anywhere web admin. If this login times out, a fresh login action will be required.
How
On earlier versions of FileWave, the Documentation page may be accessed without logging in first, but it may then only be viewed as 'read only'.
This is no longer the case and it should be expected to log into FileWave Anywhere to access the API documentation.
First log into FileWave Anywhere through a web browser. The address should be the same as shown in the FileWave Central Mobile Preferences:
The URL for the Swagger documents page is the server address appended with /api/doc/. From the example above, it would look as follows:
https://demoz.filewave.com/api/doc/
The response section from an executed action shows the curl command, the requested URL and the returned response (code and body)