REST API
VXG provides a powerful API for integration with other services and front-ends. The API functions are divided into several sections. Each section has an API reference in Swagger format. Each function can be called and tested online.
Authorization
The API functions are divided into 3 categories with different levels of security.
“Acc” authorization
The least secure API uses a "camera access token" for authorization and it's designed for use with front-ends like web and mobile apps. The “camera access token” is a unique camera identifier that can be changed at any time.
All function calls require an authorization header:
'Authorization: Acc %channel_access_token%'
Example of an authorization header:
curl -X GET \
"https://web.vxgdemo.vxgdemo.cloud-vms.com/api/v4/live/watch/" \
-H "accept: application/json" \
-H "Authorization: Acc eyJjYW1pZCI6IDI0ODUyNywgImNtbmdyaWQiOiAyNDg5NjQsICJhY2Nlc3MiOiAiYWxsIiwgInRva2VuIjogInNoYXJlLmV5SnphU0k2SURJek5UWXpPWDAuNjFhOTY0YzN0YmMxZmFiMDAueEJXWGRrc0FVUnY2d3M1TU9aWC1BUUloLUtNIiwgImFwaSI6ICJ3ZWIuc2t5dnIudmlkZW9leHBlcnRzZ3JvdXAuY29tIiwgImNhbSI6ICJjYW0uc2t5dnIudmlkZW9leHBlcnRzZ3JvdXAuY29tIn0="
Similar to a “camera access token”, Cloud VMS also operates with “group access tokens” that represent a group of cameras. The API for “group access tokens” uses “SI” instead of “Acc” in the authorization header.
“LKey” authorization
The next level is Admin API which uses a "license key" for authorization and it's designed to be used from a back-end. On this level, the API can add new cameras and control cloud resources. It can also retrieve “camera access tokens” and generate new ones. There is one "license key" per account/user (which can be a user, organization, or customer).
The “license key” should be injected into the Authorization header of every request:
Authorization: LKey %license_key%
For example, if the license key is "v3.X9tKpuXq0btatj":
curl -X GET \
"https://web.vxgdemo.vxgdemo.cloud-vms.com/api/v3/channels/" \
-H "accept: application/json" \
-H "Authorization: LKey v3.X9tKpuXq0btatj"
Key & certificate authentication
The highest level of security is used by super admin API and it requires a key & certificate for authentication. It's designed for cloud-to-cloud communication. On this level, the API can create accounts/users, retrieve existing “license keys”, or generate new ones.
For example:
curl -X POST \
--key ./company.key\
--cert ./company.crt\
-k\
https://ip:9000/api/v2/admin/users/\
-H "accept: application/json" \
-H "Content-Type: application/json" \
-d "{ \"suid\": \"user_id\", \"usrc\": \"Company_name\", \"license_key\": {\"value\": \"LICENSEKEY\"}, \" limits\": {\"hosted_cameras\": 100} }"
V2 API
Authorization - license key (LKey)
https://web.vxgdemo.vxgdemo.cloud-vms.com/docs/v2.html
V3 API
Authorization - license key (LKey)
https://web.vxgdemo.vxgdemo.cloud-vms.com/docs/v3.html
V4 API
Authorization - access token (Acc)
https://web.vxgdemo.vxgdemo.cloud-vms.com/docs/v4.html
V5 API
Authorization - group access token (SI)
https://web.vxgdemo.vxgdemo.cloud-vms.com/docs/v5.html
V2 Super-admin API
Authorization - SSL key/certificate pair
https://web.vxgdemo.vxgdemo.cloud-vms.com/docs/v2_admin.html