You are here: Welcome to BlueOnyx» Features» API (v2) Documentation

API (v2) Documentation

The initial BlueOnyx v1 API had its shortcomings, therefore it has been superseded by a more modern 'cced-api' daemon written in Golang, which directly interfaces with CCEd and allows us to securely expose all CCEd functionality. Remote access is possible for whitelisted IP addresses with secrets and tokens that are only valid for the respective whitelisted IPs.

A WHMCS module to manage BlueOnyx servers is available free of charge here. This modules allows provisioning Vsites via WHMCS for both BlueOnyx 5210R and BlueOnyx 5211R and will also cover the upcoming BlueOnyx 5212R.  

CCEd-API Documentation

Implemented API Commands

Command Supported Notes
LOGIN Token/Secret Auth - remote only
AUTH Username/password - localhost only
AUTHKEY Session validation - localhost only
WHOAMI Maps session to user OID
GET Supports optional namespace
SET Supports optional namespace
FIND Arbitrary key/value args
CREATE Supports key/value args
DESTROY Basic object destruction
NAMES Class or OID supported
BYE End session
ENDKEY Session teardown
CLASSES Returns all class names
SUSPEND ACL controlled
RESUME ACL controlled
BEGIN Begin DTS transaction
COMMIT Commit DTS queue
FINDX Enhanced FIND with sorting and regex
GETOBJECT Find + GET in one
GETALL Bulk fetch of objects

Debugging

journalctl -u cced-api -f

/etc/cced-api/config/cced-api.conf:
  logging = true
  debuglog = false

GUI Integration:

Usage Examples

(Full usage examples follow in raw curl + JSON format for direct shell or programmatic testing. Only one example is shown on this page. For the complete reference see the menu on the left.)

AUTH (localhost only)

curl -sk -X POST https://127.0.0.1:9092/v2/cce -d '{ "cmd": "AUTH", "user": "admin", "password": "PASSWORD" }' | jq

Response (success):

{
    "status": 201,
    "message": "GOODBYE",
    "data": {
        "sessionid": "tK46aZ885HA1QxEiti1dlq.....VpQM3cfavn1yxfF8vFEBeoH3"
    }
}

Response (fail):

{
    "status": 401,
    "message": "GOODBYE",
    "data": {
        "errors": [
            {
                "code": 401,
                "message": "FAIL"
            }
        ]
    }
}

Note: For the complete listing of examples, including GETOBJECT, GETALL, DTS (BEGIN/COMMIT), and full token flow, refer to the API readme.

API Ports and API Access:

From localhost:

https://127.0.0.1:9092/v2/cce

From remote:

https://API-IP:9092/v2/cce
https://API-IP:81/v2/cce

Security Model

  • localhost access: AUTH, AUTHKEY, WHOAMI, etc.
  • remote access: LOGIN (requires whitelisted IP + valid client secret)
  • All remote requests with invalid or missing client secrets return 403 and a valid token and secret is required.

Token Usage (Remote)

  1. Login with LOGIN + client secret
  2. Use returned token for subsequent commands (with secret)
  3. Send BYE to invalidate token early
  4. Tokens auto-expire after configured lifetime (default: 300s)
Previous page: API (v1) Documentation Next page: API (v2) Authentication