Aruba Central – Automate API Key Refresh

Aruba Central – Automate API Key Refresh

In one of the previous blog posts, I wrote about my initial thoughts on Aruba Central APIs; I discussed the initial setup to generate the keys and used a script to refresh the keys since the API Token for Aruba Central expires after 7200 seconds (2 hours).

It is easy to refresh a token using a script, but it breaks the process. If I need to run scripts, I will have to generate a new, not only the API key but also a new refresh token. This new API key needs to be updated for each script. Next, refresh token needs to be updated for the existing Refresh Token script.

This is a complicated process and not very intuitive at all. I tried to find a solution by examining the API calls. I was hoping to get the status of my token with an API call. Based on that status, generate a new token. I did not find an API call that showed me the token status. I only found “Refresh API Token” on the list.

Solution:

I don’t know who said it, but, “If you can’t find it, build it”. I used the output of the error. After the token expires, the script will generate the following error:

{’error’: ‘invalid_token’,

‘error_description’: ‘The access token is invalid or has expired’}

This is the flow I created.

Aruba Central – Automate Token Refresh
I can’t edit videos, thanks to my wife for helping me adjuts/crop the video.

This method uses 3 files:

  1. Actual script that I needed to run
  2. YAML file with authentication information
  3. Script to refresh the token

Disclaimer: If anyone is planning on downloading and using these scripts, use them at your risk. They are provided as is without any warranty, assurance.

https://github.com/artofrf/Aruba/tree/main/Central/Groups

Pending Tasks:

Need to add some automation with the “Refresh Token”. Will update that part later.

Summary:

I have much to learn when it comes to Automation and Programming. Simple tasks should be automated/simplified. In my opinion Aruba Central APIs have room for improvement and can really add great value for the customers and engineers. My suggestion would be to provide an API call that will provide us with the Token and Refresh Token status. That should make it a bit easier to automate the process. In the mean time I think this works for me.

Always happy to get any feedback so that I can learn and improve. Thank you everyone who has helped me towards my Automation and Python journey.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

WordPress SEO