# LitmusEdgeManager 2.31.x API Documentation/Edge Lifecycle Management/Activation - LE, LEM, LUNS API Docs ## Activation Config List **GET** `{{LEM_URL}}/api/v1/activation/config/list?projectId={{project_id}}` # Activation Config List Returns the activation configurations available to the project. Each carries an activation `code`, `expiresAt`, allowed device count, current usage counts, attached license keys / templates, lease TTL, license type, and license-server settings. ## Endpoint ```http GET {{LEM_URL}}/api/v1/activation/config/list?projectId={{project_id}} ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Response **Status**: 200 OK ```json [ { "projectId": "462j1mq70mph31wa100t1yuxa", "code": "V9ZUA-DY6FX-CFC7V-JJY7D-V3OVF", "expiresAt": 1722668400000, "deviceCount": 10, "usageCount": 1, "usages": [ "1a5wiavluwxuhwai5leb1v0hc" ], "licenseKeys": [], "templateNames": [], "leaseTtl": 365, "licenseType": "NODE_LOCKED", "licenseServerHost": null, "licenseServerPort": 0, "options": { "DEFAULT_PASSWORD_POLICY": false }, "createdOn": 1691104130000, "wgPersistentKeepalive": null, "firstUnusedLicense": null } ] ``` --- ## Add Activation Config **POST** `{{LEM_URL}}/api/v1/activation/config` # Add Activation Config Creates a new activation configuration in the project. The server generates the activation `code` if `code: null`. The config is what new devices use during onboarding to bind to the right project / license / template set. ## Endpoint ```http POST {{LEM_URL}}/api/v1/activation/config ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Request body ```json { "projectId": "{{project_id}}", "code": null, "expiresAt": 1756191600000, "deviceCount": 10, "leaseTtl": 365, "licenseSkus": [], "templateNames": [], "licenseType": "NODE_LOCKED", "licenseServerHost": null, "licenseServerPort": 5053, "options": { "DEFAULT_PASSWORD_POLICY": false } } ``` ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Request Body ```json { "projectId": "{{project_id}}", "code": null, "expiresAt": 1756191600000, "deviceCount": 10, "leaseTtl": 365, "licenseSkus": [], "templateNames": [], "licenseType": "NODE_LOCKED", "licenseServerHost": null, "licenseServerPort": 5053, "options": { "DEFAULT_PASSWORD_POLICY": false }, "wgPersistentKeepalive": null } ``` ### Response **Status**: 200 OK ```json { "projectId": "{{project_id}}", "code": "4JOOD-2CWAQ-KNDWX-7EUUM-9Y7LF", "expiresAt": 1756191600000, "deviceCount": 10, "usageCount": 0, "usages": [], "templateNames": [], "leaseTtl": 365, "licenseType": "NODE_LOCKED", "licenseServerHost": null, "licenseServerPort": 0, "options": { "DEFAULT_PASSWORD_POLICY": false }, "createdOn": null, "wgPersistentKeepalive": null, "licenseSkus": [] } ``` --- ## Requests List **GET** `{{LEM_URL}}/api/v1/activation/request?projectId={{project_id}}` # Requests List Returns activation requests for the project. Each request represents a device asking to onboard, with hardware info, activation code used, current status, message, and per-step timestamps. ## Endpoint ```http GET {{LEM_URL}}/api/v1/activation/request?projectId={{project_id}} ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Response **Status**: 200 OK ```json [ { "entryID": 4, "code": "V9ZUA-DY6FX-CFC7V-JJY7D-V3OVF", "hostname": "litmus-edge-94c6911b9c77", "macAddress": "a1:b2:c3:d4:e5:00,a0:c5:89:af:cd:af", "info": { "type": "litmusedge", "version": "3.5.4", "memoryGb": 7847, "storageGb": 223791, "virtualization": null, "hw": "physical" }, "status": "ACTIVATED", "message": "", "projectId": "462j1mq70mph31wa100t1yuxa", "deviceId": "1a5wiavluwxuhwai5leb1v0hc", "createdOn": 1691104159000, "hostID": "94c6911b9c77", "provisionStatus": [ { "stage": "ACTIVATION", "stageName": "Activation", "stageStatus": "DONE", "step": "RECEIVED", "stepName": "Activation request received", "properties": {}, "stepStatus": "DONE", "message": null, "updatedAt": 1691104169263 }, { "stage": "ACTIVATION", "stageName": "Activation", "stageStatus": "DONE", "step": "APPROVED", "stepName": "Activation request approved", "properties": {}, "stepStatus": "DONE", "message": null, "updatedAt": 1691104170160 }, { "stage": "ACTIVATION", "stageName": "Activation", "stageStatus": "DONE", "step": "CONFIRMED", "stepName": "Activation request confirmed", "properties": {}, "stepStatus": "DONE", "message": null, "updatedAt": 1691104179588 }, { "stage": "PROVISION", "stageName": "Provision", "stageStatus": "DONE", "step": "LICENSE_GENERATED", "stepName": "Offline license generated", "properties": {}, "stepStatus": "SKIPPED", "message": "No license key defined", "updatedAt": 1691104179596 }, { "stage": "PROVISION", "stageName": "Provision", "stageStatus": "DONE", "step": "LICENSE_PROVISIONED", "stepName": "License provisioned to the device", "properties": {}, "stepStatus": "SKIPPED", "message": "No license key defined", "updatedAt": 1691104179597 } ], "zerotierNodeId": "19a0049b29", "prettyName": "Litmus Edge (a1:b2:c3:d4:e5:00)- SJ office sensor", "templates": [], "licenseType": "NODE_LOCKED", "updatedBy": "user_name" } ] ``` --- ## Request Details **GET** `{{LEM_URL}}/api/v1/activation/config?code={{activation_code}}&projectId={{project_id}}` # Request Details Returns the configuration backing one activation request identified by its `code`. Same shape as one element of `Activation Config List`. ## Endpoint ```http GET {{LEM_URL}}/api/v1/activation/config?code={{activation_code}}&projectId={{project_id}} ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Response **Status**: 200 OK ```json { "projectId": "462j1mq70mph31wa100t1yuxa", "code": "V9ZUA-DY6FX-CFC7V-JJY7D-V3OVF", "expiresAt": 1722668400000, "deviceCount": 10, "usageCount": 1, "usages": [ "1a5wiavluwxuhwai5leb1v0hc" ], "licenseKeys": [], "templateNames": [], "leaseTtl": 365, "licenseType": "NODE_LOCKED", "licenseServerHost": null, "licenseServerPort": 0, "options": { "DEFAULT_PASSWORD_POLICY": false }, "createdOn": 1691104130000, "wgPersistentKeepalive": null, "firstUnusedLicense": null } ``` --- ## Approve Request **POST** `{{LEM_URL}}/api/v1/activation/request/status` # Approve Request Approves a pending activation request. After approval, LEM provisions the device's license / template / certificate set. ## Endpoint ```http POST {{LEM_URL}}/api/v1/activation/request/status ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Request body ```json { "entryID": {{project_entry_id}}, "projectId": "{{project_id}}", "status": "APPROVED" } ``` ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Request Body ```json { "entryID": {{project_entry_id}}, "projectId": "{{project_id}}", "status": "APPROVED" } ``` --- ## Reject Request **POST** `{{LEM_URL}}/api/v1/activation/request/status` # Reject Request Rejects a pending activation request. The device's onboarding attempt fails. ## Endpoint ```http POST {{LEM_URL}}/api/v1/activation/request/status ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Request body ```json { "entryID": {{project_entry_id}}, "projectId": "{{project_id}}", "status": "REJECTED" } ``` ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Request Body ```json { "entryID": {{project_entry_id}}, "projectId": "{{project_id}}", "status": "REJECTED" } ``` --- ## Retry Failed Request **POST** `{{LEM_URL}}/api/v1/activation/request/request-retry-provision?entryId={{project_entry_id}}&projectId={{project_id}}` # Retry Failed Request Re-runs the provisioning step for a failed activation request. Useful when the original failure was transient (license-server blip, image download glitch). ## Endpoint ```http POST {{LEM_URL}}/api/v1/activation/request/request-retry-provision?entryId={{project_entry_id}}&projectId={{project_id}} ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Response **Status**: 204 No Content --- ## List ZeroTouch Configs **GET** `{{LEM_URL}}/api/v1/zt/{{project_id}}/config` # List ZeroTouch Configs Returns the **Zero-Touch** configurations for the project. Each Zero-Touch config produces a `.zip` bundle that ships with new devices for hands-off provisioning -- the device boots, reads the bundle, and self-registers with LEM. ## Endpoint ```http GET {{LEM_URL}}/api/v1/zt/{{project_id}}/config ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Response `200 OK` -- `application/json`. Paged. Each entry: `id`, `projectId`, `configName`, `staticIPEnabled`, `asyncSubtaskId`, `ztBundleFileName`, `ztBundleFileSize`, `checksum`. ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Response **Status**: 200 OK ```Text { "pageNum": 0, "pagesCount": 1, "size": 1, "totalSize": 1, "elements": [ { "id": "f490e8e5-9ea6-4e38-917f-1a0332b990c7", "projectId": "39abjcmqdc6r4gsctj7zjufnv", "configName": "ui-test", "staticIPEnabled": false, "asyncSubtaskId": "ce28b00e-d841-44cf-b43d-23fe237bc0d5", "ztBundleFileName": "39abjcmqdc6r4gsctj7zjufnv/zerotouch-ui-test-f490e8e5.zip", "ztBundleFileSize": 2055, "checksum": "sha256:5bcdf55c86a3cdcbc30f32c6019e3c0fb417272601dfe77304b835e9658cafff", "createdBy": "demo", "createTime": 1755721657000, "updatedBy": "demo", "updateTime": 1755721666000, "generatedBy": "demo", "generateTime": 1755721665000, "ztConfig": { "version": "1.0", "activation": { "code": "5GFPO-4GMZ5-FDENG-HTVG9-WXSL9", "url": "https://10.17.10.247", "cert": "-----BEGIN CERTIFICATE-----\nMIIDSzCCAjOgAwIBAgIUQYLKBq7xn4lfOvZmkNyaAD+HoxAwDQYJKoZIhvcNAQELBQAwLTErMCkGA1UEAxMiTGl0bXVzIEVkZ2UgTWFuYWdlciBDQSAyNTA4MjMxMjIzOTAeFw0yNTA4MTkyMjM4NTVaFw00NTA4MTQyMjM5MjRaMC0xKzApBgNVBAMTIkxpdG11cyBFZGdlIE1hbmFnZXIgQ0EgMjUwODIzMTIyMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwzdhYBvlK+Cwy7mxEI9J86B+6JjMpMN3Wul0U2PZ8O/B8vQ+UOpAqNT8sRm1jMHv4zo0UTmpwg5SR1u8gSokkSB6cnUItbOZRwVMKmnJnonw4DMKawgD1LuXqdUbSVrzte80YetR93ugkWSlC6Cwr8qdXoBjzBU7KqEivGK/KpSWigyN/185asBrFQtwQxODD7CVleYa2XWwdazqmLTea8ogYmIoIEByQAoODZ+Gp4m7t3rsPin4X+aGrMteHQi4yNDvHE9UL3J8e+2iIDT1DkbpIepT+vxZsx7IC7mGH7s7xYtLYIycVZlEs9qevf/zVQ4lDIrxIe6JwdhG0PFGnAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBS/NdppA6lG+Gy0WlZ151/562Ia/jAfBgNVHSMEGDAWgBS/NdppA6lG+Gy0WlZ151/562Ia/jANBgkqhkiG9w0BAQsFAAOCAQEALAqI3IT30t1/a+afBM7mxK/PYPPZPcKnI6E7zhEmSaUMg6Y2EdHHiv5gNHX1AwQLItO34yTm1xkykUTI4n1tEMloXdmKNflz6o0Ec/HrtcqKP9Cln14NAwiahtXJloS/YihBCBn3DuH5XUmBcKbvJn8qQ4CUH6SoFvcu7AJ/SVBuJUacIMJBS9cdTWQ8OKdIzY9nwT2VOyQ76at+gSXLikLMNSr7au/eg7zEKg5t1PD3rhdNSMtabwj2WKDxXSol1wfGXf9gPkSOiXS5xGDPXxrhJS220v43ZKwUlsDQfri80VkrT3m5p1EZQVRrjJUFHXCKGS9hipI7gN2MqKmwdg==\n-----END CERTIFICATE-----" }, "containers": [ { "name": "hello", "run-cmd": "/bin/bash" } ] }, "asyncSubtaskStatus": "SUCCESS", "asyncSubtaskProgress": 1 } ] } ``` ---