# LitmusEdgeManager 2.31.x API Documentation/Edge Lifecycle Management/Remote Access - LE, LEM, LUNS API Docs ## Peer List **GET** `{{LEM_URL}}/api/v1/wg/peer/list?projectId={{project_id}}` # Peer List Returns the WireGuard peers (= edge devices) in the project's remote network. Each peer carries subnet, allowed IP, keys, and the generated WireGuard configuration string. ## Endpoint ```http GET {{LEM_URL}}/api/v1/wg/peer/list?projectId={{project_id}} ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Response **Status**: 200 OK ```json [ { "peerId": 4, "subnetId": 1, "name": "litmus-edge-94c6911b9c77", "projectId": "462j1mq70mph31wa100t1yuxa", "projectName": "projectname", "companyName": "solutions", "deviceId": "1a5wiavluwxuhwai5leb1v0hc", "subnet": "192.168.127.0/24", "subnetName": "Default Network", "allowedIp": "192.168.127.4/32", "publicKey": "6hHmY0A5mXijW3v1X+mj52tIFXFixlxJKD6OWChsURE=", "presharedKey": "HOUZaY5RPTD3WysGid/6ulEJiMCPtlE2AOOx+P8Wa8A=", "online": false, "config": "[Interface]\nAddress = 192.168.127.4/32\nPrivateKey = YOUR_PRIVATE_KEY\n\n[Peer]\nPublicKey = qpMAC//nrcj/2D4+i+XQVGF3DqkuIBExWoDWrJQsu3Q=\nPresharedKey = HOUZaY5RPTD3WysGid/6ulEJiMCPtlE2AOOx+P8Wa8A=\nEndpoint = 10.17.3.103:51820\nAllowedIPs = 192.168.127.1/32\nPersistentKeepalive = 22\n", "hostName": "litmus-edge-94c6911b9c77", "prettyName": "Litmus Edge (94:c6:91:1b:9c:77)- SJ office sensor" } ] ``` --- ## Peer Stats **GET** `{{LEM_URL}}/api/v1/wg/stats/peers?projectId={{project_id}}` # Peer Stats Returns runtime stats per WireGuard peer: online status, traffic in/out bytes, last-seen timestamp. ## Endpoint ```http GET {{LEM_URL}}/api/v1/wg/stats/peers?projectId={{project_id}} ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Response **Status**: 200 OK ```json [ { "online": true, "peerId": 4, "publicKey": "6hHmY0A5mXijW3v1X+mj52tIFXFixlxJKD6OWChsURE=", "name": "litmus-edge-94c6911b9c77", "allowedIp": "192.168.127.4/32", "companyName": "solutions", "projectId": "462j1mq70mph31wa100t1yuxa", "projectName": "projectname", "subnetId": 1, "subnetName": "Default Network", "trafficIn": 1879, "trafficOut": 783, "lastSeenDate": 1697142347, "hostName": "litmus-edge-94c6911b9c77", "prettyName": "Litmus Edge (94:c6:91:1b:9c:77)- SJ office sensor" } ] ``` --- ## Project Details **GET** `{{LEM_URL}}/api/v1/project/{{project_id}}` # Project Details Returns the same project record as `Settings > Settings - Project Details`. Listed here because remote-access configuration appears under `remoteNetwork` on the project. ## Endpoint ```http GET {{LEM_URL}}/api/v1/project/{{project_id}} ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Response **Status**: 200 OK ```json { "id": "462j1mq70mph31wa100t1yuxa", "companyName": "solutions", "name": "parth", "description": "", "teams": {}, "properties": { "KEEP_DELETED_INTERVAL": "24", "STORE_OMA_DATA": "false", "DATAENRICHER_INTEGRATION": "off", "STORE_RAW_DATA": "false" }, "dataTtl": 30, "topics": [], "numberOfAllocatedSlots": 0, "keys": [], "remoteNetwork": null, "deleted": false, "actionTemplates": {}, "triggers": { "6u98gdlpwxuypstkb7826beb9": { "id": "6u98gdlpwxuypstkb7826beb9", "name": "Monitor alert failures", "description": null, "simpleRules": null, "eventRules": null, "rawDataRules": null, "metricRules": null, "advancedRules": null, "deduplicate": true, "severity": 2, "subject": "Monitor alert failures", "message": "Monitor alert failures", "tags": null, "deviceId": null, "actions": null, "active": true, "showOnDashboard": true, "scopeType": "SYSTEM", "sourceType": "DATA", "updatedOn": 1691100533111, "notifyContinuously": false, "notifyGracePeriod": 0, "alertDelay": 0 } }, "billingPlanCode": null, "createdAt": null, "grafanaOrgId": 0, "subnetId": 1, "latestBackupsToKeep": 3, "pubSubKeyRotationIntervalSec": 0, "pubSubKeyRotationDaysOfWeek": [], "pubSubKeyRotationTime": null, "pubSubKeyRotationWindowSec": 0 } ``` --- ## Subnet **GET** `{{LEM_URL}}/api/v1/wg/subnet?subnetId=1` # Subnet Returns the configuration of one WireGuard subnet: interface ID, IP range, listen port, IPv4/IPv6 type, default-network flag, and the number of projects bound to it. ## Endpoint ```http GET {{LEM_URL}}/api/v1/wg/subnet?subnetId=1 ``` ## Authentication HTTP Basic Auth. **Username** is your API token, **password** is empty. Tokens are managed under `System > Access Control > Tokens`. ## Response ```json { "subnetId": 1, "interfaceId": "wg0", "name": "Default Network", "subnet": "192.168.127.0/24", "listenPort": 51820, "type": "IPv4", "defaultSign": true, "projectsNum": 10 } ``` ## Errors | HTTP status | When it happens | |---------------------|--------------------------------------------------------------------------------| | `400 Bad Request` | Missing or malformed query/body parameter. | | `401 Unauthorized` | Missing or invalid credentials. | | `403 Forbidden` | Token lacks permission for this operation. | | `404 Not Found` | Target entity does not exist. | | `5xx` | Service is unreachable, restarting, or internally errored. Inspect device logs under `System > Support`. | > **TLS note**: edge devices use a self-signed certificate by default. Either install the device CA in your client trust store or disable certificate verification when calling this endpoint directly. ### Response **Status**: 200 OK ```json { "subnetId": 1, "interfaceId": "wg0", "name": "Default Network", "subnet": "192.168.127.0/24", "listenPort": 51820, "type": "IPv4", "defaultSign": true, "projectsNum": 10 } ``` ---