UCentric Audit process using API
NOTE: The following information requires a basic understanding of HTTP(S) protocols, JWT token usage, and GET/POST methodologies.
It is recommended that you use Postman for testing (https://www.postman.com/downloads/)
Depending on your installation, access may be via HTTP or HTTPS
All services are attached to port 8809 which is the underlying UCentric Server API engine
Basic process
The process to perform an audit using the UCentric protocols is as follows:-
Obtain a JWT token
Upload the PABX backup (and any ancillary files, such as Active Directory export)
Verify that the PABX audit file is of an expected type (and retrieve vendor type codes etc)
Create a new site (or use an existing one)
Schedule an ‘immeadiate’ Audit using the vendor type code
Poll the server to await completion
Request HLD (Word Merge) document
Request LLD (Excel Bulk Loader) document
Getting the JWT token
In order to obtain a JWT token, there must already be a valid user configured within the UCentric suite with appropriate privaledges. Note: On a ‘new’ install, you can use ucadmin / 12345 as the default credentials.
This is accessible via a standard HTTP(s) request
http://127.0.0.1:8809/checklogin?f=ucadmin&p=12345
This will return a JWT token that looks something like this
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MDczMDc0ODYsInByb2ZpbGVVaWQiOjEsImxvZ2luVWlkIjoxLCJzZXNzaW9uaWQiOjI2MDYyMzQzLCJ1c2VybmFtZSI6InVjYWRtaW4iLCJsb2dpblRpbWUiOjE3MDczMDAyODYsImxhc3RBY2Nlc3MiOjE3MDczMDAyODYsInByb2ZpbGUiOnsicG5sTWFpbiI6eyJ2aXMiOjF9LCJwbmxQZW9wbGUiOnsidmlzIjoxfSwicG5sVm9pY2UiOnsidmlzIjoxfSwicG5sUHJvcGVydHkiOnsidmlzIjoxfSwicG5sQUNEIjp7InZpcyI6MH0sInBubERIQyI6eyJ2aXMiOjF9LCJwbmxOSVAiOnsidmlzIjowfSwicG5sQXVkaXQiOnsidmlzIjoxfSwicG5sVm9pY2VNYWlsIjp7InZpcyI6MH0sInBubFdpcmVNYXAiOnsidmlzIjoxfSwicG5sU01TIjp7InZpcyI6MH0sInBubEFkbWluIjp7InZpcyI6MX0sInBubFRoZW1lIjp7InZpcyI6MX0sInBubFJlY29yZGVyIjp7InZpcyI6MH0sInBubEV4dGVybmFsIjp7InZpcyI6MH0sInBubEh5cGVyIjp7InZpcyI6MH0sInBubFN1cGVyQWRtaW4iOnsidmlzIjoxfSwicG5sU1BBQWRtaW4iOnsidmlzIjoxfSwidWNEZXB0SWRzIjoiIiwidWNVc2VySWRzIjoiIiwidWNBZ2VudElkcyI6IiIsInNtc1NpdGVJZCI6LTEsInNtc05vZGVJZCI6LTEsInRlbmFudElkIjoiIiwibG9jYXRpb25JZCI6LTEsImFzc2V0R3JvdXAiOiIiLCJicmFuZCI6ImRlZmF1bHQiLCJsYW5ndWFnZSI6IiIsInNob3dBdWRpdFRyZWUiOjAsImFkbWluaXN0cmF0b3IiOjEsImluYWN0IjoiMzAiLCJub2RlcyI6WyIhRGVtbyBEYXRhIiwiQ29udmF0ZWMiLCJIb25nIEtvbmcgQXZheWEiXSwiZW1haWxUZW1wbGF0ZSI6IiIsIlNTT0dyb3VwcyI6IiIsIlNQQUxvZ28iOiJ1Y2VudHJpYyIsIlNQQURlbGl2ZXJ5IjoiZGlyZWN0IiwiU1BBTExEIjoiIiwiU1BBSExEIjoiX0RlZmF1bHRfVGVtcGxhdGUuZG9jeCIsIlNQQUhhbmRzZXRzIjoiIiwiU1BBSExEMiI6MSwiU1BBU291cmNlcyI6IiIsIlNQQURlc3RzIjoiIiwiU1BBSGlkZVBybyI6MCwiU1BBSGlkZUxMRCI6MCwiU1BBQ2xpZW50SWQiOjAsInRoZW1lIjoiYm9vdHN0cmFwIiwibGFuZyI6MH0sInVjRGFzaGJvYXJkIjoiLHAxNixwMTQ6LHAzOixwOCxwMSIsInRoZW1lIjoiYm9vdHN0cmFwIiwibG9jYWxMYXQiOiI1MSIsImxvY2FsTG5nIjoiMCIsImxvY2FsTWFwTmFtZSI6IkxvbmRvbiIsImdBUEkiOiJBSXphU3lCYzlMWkExdVItY2puRzJNT3JoeExVY1BNenpod0FMTWciLCJyb3dzIjpbeyJsb2dpblVpZCI6MSwidXNlcm5hbWUiOiJ1Y2FkbWluIiwicGFzc3dvcmQiOiImJnpzM015OG89JiYiLCJma1Byb2ZpbGVVaWQiOjEsInVjRGFzaGJvYXJkIjoiLHAxNixwMTQ6LHAzOixwOCxwMSIsImdMYXQiOm51bGwsImdMbmciOm51bGwsImxhbmciOjAsInRoZW1lIjoiYm9vdHN0cmFwIiwiZGlzYWJsZWQiOjAsImxhc3RBY2Nlc3MiOjE3MDcxNTM3NjQsIlNTT05hbWUiOm51bGwsIlBBWUciOm51bGwsIlBBWUdBdWRpdENvdW50IjpudWxsLCJQQVlHUHJvdmlzaW9uQ291bnQiOm51bGwsInByb2ZpbGVVaWQiOjEsInByb2ZpbGVOYW1lIjoiRGVmYXVsdEFkbWluIiwicHJvZmlsZUpTT04iOiJ7XCJwbmxNYWluXCI6e1widmlzXCI6MX0sXCJwbmxQZW9wbGVcIjp7XCJ2aXNcIjoxfSxcInBubFZvaWNlXCI6e1widmlzXCI6MX0sXCJwbmxQcm9wZXJ0eVwiOntcInZpc1wiOjF9LFwicG5sQUNEXCI6e1widmlzXCI6MH0sXCJwbmxESENcIjp7XCJ2aXNcIjoxfSxcInBubEF1ZGl0XCI6e1widmlzXCI6MX0sXCJwbmxWb2ljZU1haWxcIjp7XCJ2aXNcIjowfSxcInBubEh5cGVyXCI6e1widmlzXCI6MH0sXCJwbmxFeHRlcm5hbFwiOntcInZpc1wiOjB9LFwicG5sV2lyZU1hcFwiOntcInZpc1wiOjF9LFwicG5sUmVjb3JkZXJcIjp7XCJ2aXNcIjowfSxcInBubFNNU1wiOntcInZpc1wiOjB9LFwicG5sQWRtaW5cIjp7XCJ2aXNcIjoxfSxcInBubFN1cGVyQWRtaW5cIjp7XCJ2aXNcIjoxfSxcInBubFRoZW1lXCI6e1widmlzXCI6MX0sXCJwbmxTUEFBZG1pblwiOntcInZpc1wiOjF9LFwidWNEZXB0SWRzXCI6XCJcIixcInVjVXNlcklkc1wiOlwiXCIsXCJ1Y0FnZW50SWRzXCI6XCJcIixcInNtc1NpdGVJZFwiOi0xLFwic21zTm9kZUlkXCI6LTEsXCJ0ZW5hbnRJZFwiOlwiXCIsXCJsb2NhdGlvbklkXCI6LTEsXCJhc3NldEdyb3VwXCI6XCJcIixcImJyYW5kXCI6XCJkZWZhdWx0XCIsXCJsYW5ndWFnZVwiOlwiXCIsXCJzaG93QXVkaXRUcmVlXCI6MCxcImFkbWluaXN0cmF0b3JcIjoxLFwicG5sTklQXCI6e1widmlzXCI6MH0sXCJpbmFjdFwiOlwiMzBcIixcIm5vZGVzXCI6W1wiIURlbW8gRGF0YVwiLFwiQ29udmF0ZWNcIixcIkhvbmcgS29uZyBBdmF5YVwiXSxcImVtYWlsVGVtcGxhdGVcIjpcIlwiLFwiU1NPR3JvdXBzXCI6XCJcIixcIlNQQUxvZ29cIjpcInVjZW50cmljXCIsXCJTUEFEZWxpdmVyeVwiOlwiZGlyZWN0XCIsXCJTUEFMTERcIjpcIlwiLFwiU1BBSExEXCI6XCJfRGVmYXVsdF9UZW1wbGF0ZS5kb2N4XCIsXCJTUEFIYW5kc2V0c1wiOlwiXCIsXCJTUEFITEQyXCI6MSxcIlNQQVNvdXJjZXNcIjpcIlwiLFwiU1BBRGVzdHNcIjpcIlwiLFwiU1BBSGlkZVByb1wiOjAsXCJTUEFIaWRlTExEXCI6MCxcIlNQQUNsaWVudElkXCI6MH0iLCJwcm9maWxlRGVsZXRlZCI6MCwiU1NPR3JvdXBzIjpudWxsfV0sIk1pdGVsIjoiMSIsIkxMRCI6IjEiLCJITEQiOiIwIiwiVGhlbWVzIjoiMSIsIlJDIjoiMCIsIkJUIjoiMCIsIlB1cmVJUCI6IjAiLCJDaXNjbyI6IjAiLCJCcm9hZHNvdXJjZSI6IjAiLCJFaWdodCI6IjAiLCJFdm9sdmVJUCI6IjAiLCJWRiI6IjAiLCJrd2hDb3N0IjoiIiwibm9kZVBvcnQiOiI4ODA5IiwiaWF0IjoxNzA3MzAwMjg2fQ.6KQJcc3U5rqWW_7B6caz2wib-sEL-uIsZR5Z72yb0_k
You will need this token for all future requests, but for further validation of access rights etc, you can use a JWT tool like https://jwt.io/ to view the token contents.
For all future requests, the Authorisation should be set to:-
Authorization: Bearer xxxxxxxx
(replacing xxxxxxxxx with the entire JWT token)
Uploading files
All files needed for the Audit should be uploaded prior to scheduling the audit event. These are all sent as POST ‘file upload' to http://127.0.0.1:8809/tempfile , setting the Authorization token as above
The returned data will provide the temporary filenames that you will need to schedule the audit
{"oldName":"alcatel2.txt","newName":"vxogr_alcatel2.txt"}
You should upload any additional files at this point (e.g. Active Directory) - there is no need to specify their usage at this point.
Verify the PABX audit file
With the “temporary” filename (in this case vxogr_alcatel2.txt) to a simple GET request as follows (adding the Authorization token)
This will return a JSON array of ‘detected’ types:
Note: There are rare circumstances where a backup can contain multiple audits (e.g. A Mitel MSL backup could contain a MiCC and MiCollab), which is why an Array is returned. If there is more than one entry, it is up to you to decide which decoder to use for the import.
The ALC is the “Vendor type” that we will need to schedule the import.
Create a new site
We now need a SiteId to tag this audit against. You can use an existing SiteId if you wish (the system supports multiple audits against a single system/customer) or simply add a new site.
This call returns a list of sites (set the nodes
parameter to filter based on the node (tree branch) - this can be comma-delimited for multiple branches.
The returned value looks like this
This dataset is designed to assist with a ‘tree’ view, but the key data you need is siteid
and vendor
which are the actual systems.
If you want to add a new site, instead use this GET endpoint
The parameters are:
This will return details of the site added
The key information you need here is the siteId
Scheduling an ‘immeadiate’ Audit
To schedule an audit, use the following GET endpoint
The parameters are as follows
The XXXX parameter details how the UCentric Server should perform the audit and also has some embedded parameters, these should be URLEncoded
This is the same as
Where ALC
is the detected vendor type and 2619
is the siteId we either created or located
This will return the following result
Within this response you will need to note the following key parameters for future calls:-
scheduleId
is the Scheduled event (the actual Audit activity)
timestamp
is the time the activity starts
scandate
is the Timestamp that will be attached to all data that is audited
Polling the server
At this point you can repeatedly call the following URL to get a status of what is happening (live audit process view)
The parameters are
This will return a data set that looks like this
As the polling continues, you’ll get a status of where the audit is, the the newest entry at the top of the rows:[] array
Eventually you will see the following event as the 1st entry in the array
You are looking for eventMsg
to show "eventMsg": "Audit has completed successfully."
Once that has been received, you can then request the reports.
Requesting a HLD (Word Merge) document
This is simply a case of providing the audit details as follows:
The parameters are
The following standard templates are available, but you can create your own - please refer to this guide
UCentric HLD/Word Merge Creation Guide
Requesting LLD (Excel Bulk Loader) document
The LLD or Bulk-loader document can accept a number of additional parameters to blend alternative data sources and set various conditions
The parameters are
The JSON (which MUST be URL encoded) is as follows:
The key parameters you should change are:-
outputFormat
is one of UCentric’s standard output formats, which are Excel
or JSON