Skip to content
/
Get Default Rules for QoS...

Wi-Fi API and Model Documentation (17.3.3.144)

https://support.ruckuswireless.com/ruckus-cloud-wifi-legal-terms-and-conditions

Overview

Rate Limit

For the Wifi REST API the following will be true:

  • Limits are applied to each tenant.
  • A maximum of 200 calls can be made per second.
  • Each second 100 calls will be returned to be used.
Download OpenAPI description
Download PDF
Overview
License

RUCKUS Cloud Privacy Policy

Languages
Servers
Asian region

https://api.asia.ruckus.cloud/

European region

https://api.eu.ruckus.cloud/

North American region

https://api.ruckus.cloud/

Wi-Fi Calling Service Profile

Manage Wi-Fi calling service profiles.

Operations

Wi-Fi Network Activation

Manage Wi-Fi network-venue activation relationships.

Operations

AP

Manage APs including pinging, trace-routing, resetting, rebooting, floor-plan positioning and LAN-Ports settings.

Operations

L3ACL Policy

Manage layer-3 ACL policy profiles.

Operations

RADIUS Profile

Manage RADIUS server profiles.

Operations

Syslog Server Profile

Manage Syslog server profiles.

Operations

Wi-Fi Network

Managing the relationships for Wi-Fi network activation within venue associations.

Operations

Delete NetworksDeprecated

Request

Delete a list of networks.

Bodyapplication/jsonrequiredArray [
string
]
application/json
[
  "string"
]

Responses

Accepted

Bodyapplication/json
requestIdstring
Response
application/json
{
  "requestId": "string"
}

Get NetworksDeprecated

Request

Get the network list.

No request payload

Responses

OK

Bodyapplication/jsonArray [
idstringread-only
namestring(?=^((?!(`|\$\()).){2,32}$)^(\S.*\S)$required
tenantIdstringread-only
typestringrequired
Discriminator
accountingRadiusIdstring
authRadiusIdstring
descriptionstring[ 0 .. 256 ] characters
enableAccountingProxyboolean
Default false
enableAuthProxyboolean
Default false
useCertificateTemplateboolean
Default false
venuesArray of objects(NetworkVenue)read-only
wlanobject(AAAWlan)required

WLAN

wlan.​advancedCustomizationobject(AAAWlanAdvancedCustomization)

WLAN advanced customization

wlan.​bypassCNAboolean
Default false
wlan.​bypassCPUsingMacAddressAuthenticationboolean
Default false
wlan.​enabledboolean
Default true
wlan.​macAddressAuthenticationConfigurationobject(MacAddressAuthenticationConfiguration)

MAC address authentication configuration

wlan.​managementFrameProtectionstring
Enum"Disabled""Optional""Required"
wlan.​ssidstring[^`\s]([^`\t\r\n]){0,30}[^`\s]required
wlan.​vlanIdinteger(int32)[ 1 .. 4094 ]
Default 1
wlan.​wlanSecuritystring
Default "AAAWlanSecurityEnum.WPA2Enterprise"
Enum"WPA2Enterprise""WPA3"
]
Response
application/json
[
  {
    "id": "string",
    "name": "string",
    "tenantId": "string",
    "type": "string"
  }
]

Create NetworkDeprecated

Request

Create a new network.

Bodyapplication/jsonrequired
One of:

AAA Wi-Fi network

namestring(?=^((?!(`|\$\()).){2,32}$)^(\S.*\S)$required
typestringrequired
accountingRadiusIdstring
authRadiusIdstring
descriptionstring[ 0 .. 256 ] characters
enableAccountingProxyboolean
Default false
enableAuthProxyboolean
Default false
useCertificateTemplateboolean
Default false
wlanobject(AAAWlan)required

WLAN

wlan.​advancedCustomizationobject(AAAWlanAdvancedCustomization)

WLAN advanced customization

wlan.​bypassCNAboolean
Default false
wlan.​bypassCPUsingMacAddressAuthenticationboolean
Default false
wlan.​enabledboolean
Default true
wlan.​macAddressAuthenticationConfigurationobject(MacAddressAuthenticationConfiguration)

MAC address authentication configuration

wlan.​managementFrameProtectionstring
Enum"Disabled""Optional""Required"
wlan.​ssidstring[^`\s]([^`\t\r\n]){0,30}[^`\s]required
wlan.​vlanIdinteger(int32)[ 1 .. 4094 ]
Default 1
wlan.​wlanSecuritystring
Default "AAAWlanSecurityEnum.WPA2Enterprise"
Enum"WPA2Enterprise""WPA3"
application/json
{
  "name": "string",
  "type": "string",
  "accountingRadiusId": "string",
  "authRadiusId": "string",
  "description": "string",
  "enableAccountingProxy": false,
  "enableAuthProxy": false,
  "useCertificateTemplate": false,
  "wlan": {
    "advancedCustomization": { … },
    "bypassCNA": false,
    "bypassCPUsingMacAddressAuthentication": false,
    "enabled": true,
    "macAddressAuthenticationConfiguration": { … },
    "managementFrameProtection": "Disabled",
    "ssid": "string",
    "vlanId": 1,
    "wlanSecurity": "WPA2Enterprise"
  }
}

Responses

Accepted

Bodyapplication/json
requestIdstring
responseAAANetwork (object) or DpskNetwork (object) or GuestNetwork (object) or Hotspot20Network (object) or OpenNetwork (object) or PskNetwork (object)
One of:

AAA Wi-Fi network

Response
application/json
{
  "requestId": "string",
  "response": {
    "id": "string",
    "name": "string",
    "tenantId": "string",
    "type": "string",
    "accountingRadiusId": "string",
    "authRadiusId": "string",
    "description": "string",
    "enableAccountingProxy": false,
    "enableAuthProxy": false,
    "useCertificateTemplate": false,
    "venues": [ … ],
    "wlan": { … }
  }
}

Get Default Rules for QoS Map SetDeprecated

Request

Get default rules for QoS map set.

No request payload

Responses

OK

Bodyapplication/json
rulesArray of objects(QosMapRule)[ 0 .. 8 ] items
Response
application/json
{
  "rules": [
    { … }
  ]
}

Get External WISPr ProvidersDeprecated

Request

Get the list of external WISPr providers for a captive portal network. Note: these providers have integrated their service with the RUCKUS cloud.

No request payload

Responses

OK

Bodyapplication/json
providersArray of objects(ExternalProvidersModel)
Response
application/json
{
  "providers": [
    { … }
  ]
}

Delete NetworkDeprecated

Request

Delete a network.

Path
networkIdstringrequired

Network ID

No request payload

Responses

Accepted

Bodyapplication/json
requestIdstring
Response
application/json
{
  "requestId": "string"
}

Get NetworkDeprecated

Request

Get the network details.

Path
networkIdstringrequired

Network ID

Query
deepboolean

Get deep details of this network.

Default false
No request payload

Responses

OK

Bodyapplication/json
idstringread-only
namestring(?=^((?!(`|\$\()).){2,32}$)^(\S.*\S)$required
tenantIdstringread-only
typestringrequired
Discriminator
accountingRadiusIdstring
authRadiusIdstring
descriptionstring[ 0 .. 256 ] characters
enableAccountingProxyboolean
Default false
enableAuthProxyboolean
Default false
useCertificateTemplateboolean
Default false
venuesArray of objects(NetworkVenue)read-only
wlanobject(AAAWlan)required

WLAN

wlan.​advancedCustomizationobject(AAAWlanAdvancedCustomization)

WLAN advanced customization

wlan.​bypassCNAboolean
Default false
wlan.​bypassCPUsingMacAddressAuthenticationboolean
Default false
wlan.​enabledboolean
Default true
wlan.​macAddressAuthenticationConfigurationobject(MacAddressAuthenticationConfiguration)

MAC address authentication configuration

wlan.​managementFrameProtectionstring
Enum"Disabled""Optional""Required"
wlan.​ssidstring[^`\s]([^`\t\r\n]){0,30}[^`\s]required
wlan.​vlanIdinteger(int32)[ 1 .. 4094 ]
Default 1
wlan.​wlanSecuritystring
Default "AAAWlanSecurityEnum.WPA2Enterprise"
Enum"WPA2Enterprise""WPA3"
Response
application/json
{
  "id": "string",
  "name": "string",
  "tenantId": "string",
  "type": "AAANetwork",
  "accountingRadiusId": "string",
  "authRadiusId": "string",
  "description": "string",
  "enableAccountingProxy": false,
  "enableAuthProxy": false,
  "useCertificateTemplate": false,
  "venues": [
    { … }
  ],
  "wlan": {
    "advancedCustomization": { … },
    "bypassCNA": false,
    "bypassCPUsingMacAddressAuthentication": false,
    "enabled": true,
    "macAddressAuthenticationConfiguration": { … },
    "managementFrameProtection": "Disabled",
    "ssid": "string",
    "vlanId": 1,
    "wlanSecurity": "WPA2Enterprise"
  }
}

Update NetworkDeprecated

Request

Update this network, including nested details.

Path
networkIdstringrequired

Network ID

Bodyapplication/jsonrequired
One of:

AAA Wi-Fi network

namestring(?=^((?!(`|\$\()).){2,32}$)^(\S.*\S)$required
typestringrequired
accountingRadiusIdstring
authRadiusIdstring
descriptionstring[ 0 .. 256 ] characters
enableAccountingProxyboolean
Default false
enableAuthProxyboolean
Default false
useCertificateTemplateboolean
Default false
wlanobject(AAAWlan)required

WLAN

wlan.​advancedCustomizationobject(AAAWlanAdvancedCustomization)

WLAN advanced customization

wlan.​bypassCNAboolean
Default false
wlan.​bypassCPUsingMacAddressAuthenticationboolean
Default false
wlan.​enabledboolean
Default true
wlan.​macAddressAuthenticationConfigurationobject(MacAddressAuthenticationConfiguration)

MAC address authentication configuration

wlan.​managementFrameProtectionstring
Enum"Disabled""Optional""Required"
wlan.​ssidstring[^`\s]([^`\t\r\n]){0,30}[^`\s]required
wlan.​vlanIdinteger(int32)[ 1 .. 4094 ]
Default 1
wlan.​wlanSecuritystring
Default "AAAWlanSecurityEnum.WPA2Enterprise"
Enum"WPA2Enterprise""WPA3"
application/json
{
  "name": "string",
  "type": "string",
  "accountingRadiusId": "string",
  "authRadiusId": "string",
  "description": "string",
  "enableAccountingProxy": false,
  "enableAuthProxy": false,
  "useCertificateTemplate": false,
  "wlan": {
    "advancedCustomization": { … },
    "bypassCNA": false,
    "bypassCPUsingMacAddressAuthentication": false,
    "enabled": true,
    "macAddressAuthenticationConfiguration": { … },
    "managementFrameProtection": "Disabled",
    "ssid": "string",
    "vlanId": 1,
    "wlanSecurity": "WPA2Enterprise"
  }
}

Responses

Accepted

Bodyapplication/json
requestIdstring
Response
application/json
{
  "requestId": "string"
}

Validate X509 CertificatesDeprecated

Request

Validate the x509 certificate chain issued by a trusted certificate authority.

Bodyapplication/jsonrequired
infostring
interCertsArray of objects(X509Certificate)
rootCertobject(X509Certificate)required

X509 certificate

rootCert.​certDatastring[ 0 .. 8192 ] characters^-+BEGIN CERTIFICATE-+[A-Za-z0-9/+ ]*={0,2} ?...required
rootCert.​fileNamestringrequired
rootCert.​isRootCertboolean
Default false
application/json
{
  "info": "string",
  "interCerts": [
    { … }
  ],
  "rootCert": {
    "certData": "string",
    "fileName": "string",
    "isRootCert": false
  }
}

Responses

Accepted

Bodyapplication/json
requestIdstring
Response
application/json
{
  "requestId": "string"
}

Application Policy

Manage application policy profiles.

Operations

AP Group

Manage AP-Groups.

Operations

Client

Manage client connections.

Operations

DHCP Configuration Service Profile

Manage DHCP configuration service profiles.

Operations

Client Isolation Allowlist

Manage client isolation allowlists.

Client isolation features, when enabled, prevent clients residing on a common VLAN from exchanging packets with each other. Client isolation is enforced by APs working at layer 2 (bridging). If client isolation is needed between VLANs/IP subnets, routers must also be configured to prevent packet exchange at layer 3. A client isolation allowlist provides the capability for administrators to configure exceptions to this isolation behavior. For example, an administrator may want to allow clients on a public network to access a printer in a common area of their venue. If so, the MAC and IP addresses of the printer (or any excepted device) can be configured on the client isolation allowlist.

Client isolation can be used in conjunction with walled gardens for public networks. Walled gardens provide limited access to services prior to client authentication whereas client isolation allowlists provide connectivity options post authentication.

Client isolation does not work when clients are assigned static IP addresses. For this reason, Ruckus recommends using DHCP lease reservations in lieu of static IP addresses when using this feature. Administrators may also want to consider use of the force DHCP option, available during wireless network configuration.

Complications to client isolation can arise when the VLAN's default gateway employs VRRP or HSRP for high availability or when Multicast DNS Proxy is configured on the same WLAN as the allowlist. If either of these situations applies in your network, please contact Ruckus customer support for assistance.

Operations

AP SNMP Agent Profile

Manage AP SNMP policy profiles.

Operations

Rogue AP Detection Policy

Manage rogue AP detection policies.

Rogue APs are Wi-Fi APs which are in radio range of your Wi-Fi network, but are unknown to the Ruckus cloud. For example, these may be APs in installed your venues without explicit authorization from your administrators, whether added by a well-meaning employee or by a malicious attacker; as such, they could be on the same LAN as your authorized APs. They could also be APs installed in nearby venues (for example, if your venue is part of a multi-tenant facility). Rogue classification polices help to automatically classify these unknown APs by setting up rules which trigger a rogue AP report when specific-rogue detection criteria are met.

Operations

AP Venue

Manage Wi-Fi venue configuration, including radio settings, mesh, LEDs, LAN-ports, and syslog.

Operations

L2ACL Policy

Manage layer-2 ACL policy profiles.

Operations

Device Policy

Manage device policies.

Operations

MDNS Proxy Service Profile

Manage Multicast DNS proxy service profiles.

Operations

Access Control Profile

Manage access control profiles.

Operations

VLAN Pool

Manage VLAN pool profiles.

Operations

Recovery

Retrieve and set the recovery PSK.

Operations