UCentric Audit process using API

Owned by Paul McGuinness
Feb 07, 2024
17 min read

NOTE: The following information requires a basic understanding of HTTP(S) protocols, JWT token usage, and GET/POST methodologies.

It is recommended that you use Postman for testing (https://www.postman.com/downloads/)

Depending on your installation, access may be via HTTP or HTTPS

All services are attached to port 8809 which is the underlying UCentric Server API engine

Basic process

The process to perform an audit using the UCentric protocols is as follows:-

  • Obtain a JWT token

  • Upload the PABX backup (and any ancillary files, such as Active Directory export)

  • Verify that the PABX audit file is of an expected type (and retrieve vendor type codes etc)

  • Create a new site (or use an existing one)

  • Schedule an ‘immeadiate’ Audit using the vendor type code

  • Poll the server to await completion

  • Request HLD (Word Merge) document

  • Request LLD (Excel Bulk Loader) document

 

Getting the JWT token

In order to obtain a JWT token, there must already be a valid user configured within the UCentric suite with appropriate privaledges. Note: On a ‘new’ install, you can use ucadmin / 12345 as the default credentials.

This is accessible via a standard HTTP(s) request

http://127.0.0.1:8809/checklogin?f=ucadmin&p=12345

This will return a JWT token that looks something like this

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MDczMDc0ODYsInByb2ZpbGVVaWQiOjEsImxvZ2luVWlkIjoxLCJzZXNzaW9uaWQiOjI2MDYyMzQzLCJ1c2VybmFtZSI6InVjYWRtaW4iLCJsb2dpblRpbWUiOjE3MDczMDAyODYsImxhc3RBY2Nlc3MiOjE3MDczMDAyODYsInByb2ZpbGUiOnsicG5sTWFpbiI6eyJ2aXMiOjF9LCJwbmxQZW9wbGUiOnsidmlzIjoxfSwicG5sVm9pY2UiOnsidmlzIjoxfSwicG5sUHJvcGVydHkiOnsidmlzIjoxfSwicG5sQUNEIjp7InZpcyI6MH0sInBubERIQyI6eyJ2aXMiOjF9LCJwbmxOSVAiOnsidmlzIjowfSwicG5sQXVkaXQiOnsidmlzIjoxfSwicG5sVm9pY2VNYWlsIjp7InZpcyI6MH0sInBubFdpcmVNYXAiOnsidmlzIjoxfSwicG5sU01TIjp7InZpcyI6MH0sInBubEFkbWluIjp7InZpcyI6MX0sInBubFRoZW1lIjp7InZpcyI6MX0sInBubFJlY29yZGVyIjp7InZpcyI6MH0sInBubEV4dGVybmFsIjp7InZpcyI6MH0sInBubEh5cGVyIjp7InZpcyI6MH0sInBubFN1cGVyQWRtaW4iOnsidmlzIjoxfSwicG5sU1BBQWRtaW4iOnsidmlzIjoxfSwidWNEZXB0SWRzIjoiIiwidWNVc2VySWRzIjoiIiwidWNBZ2VudElkcyI6IiIsInNtc1NpdGVJZCI6LTEsInNtc05vZGVJZCI6LTEsInRlbmFudElkIjoiIiwibG9jYXRpb25JZCI6LTEsImFzc2V0R3JvdXAiOiIiLCJicmFuZCI6ImRlZmF1bHQiLCJsYW5ndWFnZSI6IiIsInNob3dBdWRpdFRyZWUiOjAsImFkbWluaXN0cmF0b3IiOjEsImluYWN0IjoiMzAiLCJub2RlcyI6WyIhRGVtbyBEYXRhIiwiQ29udmF0ZWMiLCJIb25nIEtvbmcgQXZheWEiXSwiZW1haWxUZW1wbGF0ZSI6IiIsIlNTT0dyb3VwcyI6IiIsIlNQQUxvZ28iOiJ1Y2VudHJpYyIsIlNQQURlbGl2ZXJ5IjoiZGlyZWN0IiwiU1BBTExEIjoiIiwiU1BBSExEIjoiX0RlZmF1bHRfVGVtcGxhdGUuZG9jeCIsIlNQQUhhbmRzZXRzIjoiIiwiU1BBSExEMiI6MSwiU1BBU291cmNlcyI6IiIsIlNQQURlc3RzIjoiIiwiU1BBSGlkZVBybyI6MCwiU1BBSGlkZUxMRCI6MCwiU1BBQ2xpZW50SWQiOjAsInRoZW1lIjoiYm9vdHN0cmFwIiwibGFuZyI6MH0sInVjRGFzaGJvYXJkIjoiLHAxNixwMTQ6LHAzOixwOCxwMSIsInRoZW1lIjoiYm9vdHN0cmFwIiwibG9jYWxMYXQiOiI1MSIsImxvY2FsTG5nIjoiMCIsImxvY2FsTWFwTmFtZSI6IkxvbmRvbiIsImdBUEkiOiJBSXphU3lCYzlMWkExdVItY2puRzJNT3JoeExVY1BNenpod0FMTWciLCJyb3dzIjpbeyJsb2dpblVpZCI6MSwidXNlcm5hbWUiOiJ1Y2FkbWluIiwicGFzc3dvcmQiOiImJnpzM015OG89JiYiLCJma1Byb2ZpbGVVaWQiOjEsInVjRGFzaGJvYXJkIjoiLHAxNixwMTQ6LHAzOixwOCxwMSIsImdMYXQiOm51bGwsImdMbmciOm51bGwsImxhbmciOjAsInRoZW1lIjoiYm9vdHN0cmFwIiwiZGlzYWJsZWQiOjAsImxhc3RBY2Nlc3MiOjE3MDcxNTM3NjQsIlNTT05hbWUiOm51bGwsIlBBWUciOm51bGwsIlBBWUdBdWRpdENvdW50IjpudWxsLCJQQVlHUHJvdmlzaW9uQ291bnQiOm51bGwsInByb2ZpbGVVaWQiOjEsInByb2ZpbGVOYW1lIjoiRGVmYXVsdEFkbWluIiwicHJvZmlsZUpTT04iOiJ7XCJwbmxNYWluXCI6e1widmlzXCI6MX0sXCJwbmxQZW9wbGVcIjp7XCJ2aXNcIjoxfSxcInBubFZvaWNlXCI6e1widmlzXCI6MX0sXCJwbmxQcm9wZXJ0eVwiOntcInZpc1wiOjF9LFwicG5sQUNEXCI6e1widmlzXCI6MH0sXCJwbmxESENcIjp7XCJ2aXNcIjoxfSxcInBubEF1ZGl0XCI6e1widmlzXCI6MX0sXCJwbmxWb2ljZU1haWxcIjp7XCJ2aXNcIjowfSxcInBubEh5cGVyXCI6e1widmlzXCI6MH0sXCJwbmxFeHRlcm5hbFwiOntcInZpc1wiOjB9LFwicG5sV2lyZU1hcFwiOntcInZpc1wiOjF9LFwicG5sUmVjb3JkZXJcIjp7XCJ2aXNcIjowfSxcInBubFNNU1wiOntcInZpc1wiOjB9LFwicG5sQWRtaW5cIjp7XCJ2aXNcIjoxfSxcInBubFN1cGVyQWRtaW5cIjp7XCJ2aXNcIjoxfSxcInBubFRoZW1lXCI6e1widmlzXCI6MX0sXCJwbmxTUEFBZG1pblwiOntcInZpc1wiOjF9LFwidWNEZXB0SWRzXCI6XCJcIixcInVjVXNlcklkc1wiOlwiXCIsXCJ1Y0FnZW50SWRzXCI6XCJcIixcInNtc1NpdGVJZFwiOi0xLFwic21zTm9kZUlkXCI6LTEsXCJ0ZW5hbnRJZFwiOlwiXCIsXCJsb2NhdGlvbklkXCI6LTEsXCJhc3NldEdyb3VwXCI6XCJcIixcImJyYW5kXCI6XCJkZWZhdWx0XCIsXCJsYW5ndWFnZVwiOlwiXCIsXCJzaG93QXVkaXRUcmVlXCI6MCxcImFkbWluaXN0cmF0b3JcIjoxLFwicG5sTklQXCI6e1widmlzXCI6MH0sXCJpbmFjdFwiOlwiMzBcIixcIm5vZGVzXCI6W1wiIURlbW8gRGF0YVwiLFwiQ29udmF0ZWNcIixcIkhvbmcgS29uZyBBdmF5YVwiXSxcImVtYWlsVGVtcGxhdGVcIjpcIlwiLFwiU1NPR3JvdXBzXCI6XCJcIixcIlNQQUxvZ29cIjpcInVjZW50cmljXCIsXCJTUEFEZWxpdmVyeVwiOlwiZGlyZWN0XCIsXCJTUEFMTERcIjpcIlwiLFwiU1BBSExEXCI6XCJfRGVmYXVsdF9UZW1wbGF0ZS5kb2N4XCIsXCJTUEFIYW5kc2V0c1wiOlwiXCIsXCJTUEFITEQyXCI6MSxcIlNQQVNvdXJjZXNcIjpcIlwiLFwiU1BBRGVzdHNcIjpcIlwiLFwiU1BBSGlkZVByb1wiOjAsXCJTUEFIaWRlTExEXCI6MCxcIlNQQUNsaWVudElkXCI6MH0iLCJwcm9maWxlRGVsZXRlZCI6MCwiU1NPR3JvdXBzIjpudWxsfV0sIk1pdGVsIjoiMSIsIkxMRCI6IjEiLCJITEQiOiIwIiwiVGhlbWVzIjoiMSIsIlJDIjoiMCIsIkJUIjoiMCIsIlB1cmVJUCI6IjAiLCJDaXNjbyI6IjAiLCJCcm9hZHNvdXJjZSI6IjAiLCJFaWdodCI6IjAiLCJFdm9sdmVJUCI6IjAiLCJWRiI6IjAiLCJrd2hDb3N0IjoiIiwibm9kZVBvcnQiOiI4ODA5IiwiaWF0IjoxNzA3MzAwMjg2fQ.6KQJcc3U5rqWW_7B6caz2wib-sEL-uIsZR5Z72yb0_k

You will need this token for all future requests, but for further validation of access rights etc, you can use a JWT tool like https://jwt.io/ to view the token contents.

For all future requests, the Authorisation should be set to:-

Authorization: Bearer xxxxxxxx

(replacing xxxxxxxxx with the entire JWT token)

 

Uploading files

All files needed for the Audit should be uploaded prior to scheduling the audit event. These are all sent as POST ‘file upload' to http://127.0.0.1:8809/tempfile , setting the Authorization token as above

The returned data will provide the temporary filenames that you will need to schedule the audit

{"oldName":"alcatel2.txt","newName":"vxogr_alcatel2.txt"}

You should upload any additional files at this point (e.g. Active Directory) - there is no need to specify their usage at this point.

 

Verify the PABX audit file

With the “temporary” filename (in this case vxogr_alcatel2.txt) to a simple GET request as follows (adding the Authorization token)

This will return a JSON array of ‘detected’ types:

Note: There are rare circumstances where a backup can contain multiple audits (e.g. A Mitel MSL backup could contain a MiCC and MiCollab), which is why an Array is returned. If there is more than one entry, it is up to you to decide which decoder to use for the import.

The ALC is the “Vendor type” that we will need to schedule the import.

Create a new site

We now need a SiteId to tag this audit against. You can use an existing SiteId if you wish (the system supports multiple audits against a single system/customer) or simply add a new site.

This call returns a list of sites (set the nodes parameter to filter based on the node (tree branch) - this can be comma-delimited for multiple branches.

The returned value looks like this

This dataset is designed to assist with a ‘tree’ view, but the key data you need is siteidand vendorwhich are the actual systems.

If you want to add a new site, instead use this GET endpoint

The parameters are:

This will return details of the site added

The key information you need here is the siteId

Scheduling an ‘immeadiate’ Audit

To schedule an audit, use the following GET endpoint

The parameters are as follows

The XXXX parameter details how the UCentric Server should perform the audit and also has some embedded parameters, these should be URLEncoded

This is the same as

Where ALC is the detected vendor type and 2619 is the siteId we either created or located

This will return the following result

Within this response you will need to note the following key parameters for future calls:-

scheduleId is the Scheduled event (the actual Audit activity)

timestamp is the time the activity starts

scandate is the Timestamp that will be attached to all data that is audited

 

Polling the server

At this point you can repeatedly call the following URL to get a status of what is happening (live audit process view)

The parameters are

This will return a data set that looks like this

As the polling continues, you’ll get a status of where the audit is, the the newest entry at the top of the rows:[] array

Eventually you will see the following event as the 1st entry in the array

You are looking for eventMsg to show "eventMsg": "Audit has completed successfully."

Once that has been received, you can then request the reports.

Requesting a HLD (Word Merge) document

This is simply a case of providing the audit details as follows:

The parameters are

The following standard templates are available, but you can create your own - please refer to this guide

image-20240207-105912.png

 

Requesting LLD (Excel Bulk Loader) document

The LLD or Bulk-loader document can accept a number of additional parameters to blend alternative data sources and set various conditions

The parameters are

The JSON (which MUST be URL encoded) is as follows:

The key parameters you should change are:-

outputFormat is one of UCentric’s standard output formats, which are Excelor JSON