Howdy|out|there|in automation land! It has been a while since my last blog,andnew and exciting things continuetohappen. (Hence the lack of blogs.) I'm hopeful this kicks off the summer on a hot foot and we get plenty out there. To let you know about some of the new work I've been taking on, I wanted to bring you something from the land of Business Critical Services (BCS). This is a new arena I have entered so I wanted to share with you some foundational pieces of automation goodness! So we are going to take a stab at a few things in this blog...
Before I get to our great content of the day, I have a few things to share. The first one is that Cisco Live is back and will be in person in fabulous Las Vegas! And yes readers, I will be there ready to teach you all about automation and orchestration. I will be teaching a 4 hour lab that you can find at LTRATO-1000. In thelab I will be teaching alongside my awesome friend and co-automation expert, Mohammed Hamzeh. Space is limited and a few spots are still there so sign up today! Secondly, another cool thing I've started to work on is a podcast that we have started (again, hence less blogs). This podcast is around bringing the best Cisco minds to you the listening audience and our customers. The podcast iscalledCisco Tech Insiders and you can find it on SoundCloud (look for our logo... its a microphone with Cisco Tech Insiders next to it) or on Spotify. I highly would suggest some listens and see if anything we talk about excites you. As always, you can suggest things via email to me or comments on the blog.
Like I said... let's make some magic! So time to concentrate on what we are going to do today and that is to build some atomics off of some python code from DevNet and help us start to build out an API set or "Atomic Adapter" for BCS Operational Insights API.
To start with any API, we need to find Authentication and Documentation on the API Spec. Thankfully, this is a well done API and we have both! Authentication is done via Client Secret+Client ID into a JWT token.... we can find the information we need here...
Note: Prior to doing some of the API greatness you will need to go through the On-boarding Process and Application Registration so you can get your Client ID and Client Secret to authenticate with the API. Registration will make use of the CX Cloud API Gateway! More exciting technology for you to use. If you have any issues getting on boarded or in the application registration process please reach out to your BCS Account Project Manager and/or associated Consulting Engineers on your project.
So let's take a look at the Authentication part first and some sample Python code. We are going to semi-map this code to SXO activities in a workflow. The python code does not belong to me and I am not the author, so I am linking it here for your reference.
The steps we need for Authentication (assuming you have your client id and client secret) are...
In python to call the API we might do something like this (in python):
url = f'https://{server}/torii-auth/v1/token' data = { "grantType": "client_credentials", "clientId": client_id, "secret": client_secret, "scope": "api.bcs.manage" } try: resp = httpx.Client().post(url=url, json=data) resp.raise_for_status() except (httpx.HTTPStatusError, httpx.RequestError) as err: logger.error( f'Failed to JSON Web Token(JWT): {err}' ) raise err else: return resp.json().get('accessToken')
To map this to SXO we need to...
Step | Python | SXO |
1 | url = f'https://{server}/torii-auth/v1/token' | Create a Target configuration |
2 | resp = httpx.Client().post(url=url, json=data) | Add a HTTP Request Activity to a workflow |
3 | return resp.json().get('accessToken') | Use a JSON Path Query Activity in workflow |
So let's walk through building those pieces...
NEW TARGET
and pick HTTP Endpoint. Call itBCS Operational Insights Auth APINO ACCOUNT KEYS
to true. SetPROTOCOL
to HTTPS,HOST/IP
to api-cx.cisco.com andPATH
to /torii-auth/v1/. You can see all of these values in the Python script as well. ClickSUBMIT
.NEW WORKFLOW
VARIABLES
, clickADD VARIABLE
and add aSTRING
calledI_client_id, make it required and make itsSCOPE
to be input. Add aSECURE STRING
called I_client_secret, make it required and make itsSCOPE
to be input.SECURE STRING
. Call it O_jwt_tokenand make itsSCOPE
to be output.TARGET
section, selectEXECUTE ON THIS TARGET
and select the target type ofHTTP ENDPOINT
and then select the target you created above.HTTP Request
, then drag and drop one onto your workflow canvas.RELATIVE URL
to token, theMETHOD
to post, and theREQUEST BODY
should mirror what is in the example. It should like this...{"grantType": "client_credentials", "clientId": "", "secret": "", "scope": "api.bcs.manage" }
REQUEST BODY
field and hit the format button to make it look nice!Workflow->input->I_client_id
for the client id field andWorkflow->input->I_client_secret
for the secret. Set the content type to JSON.SOURCE JSON TO QUERY
, click the puzzle piece icon and selectActivities->Your HTTP Request ->Body
and save. Click+ADD
below that field and then in theJSONPATH QUERY
field enter$..accessTokenand then justaccessToken for the PROPERTY NAME
. Set it to typeSECURE STRING
.SET VARIABLE
activity and drag and drop it below the JSONPath query. Click+ADD
and in theVARIABLE TO UPDATE
, click the puzzle piece icon and selectWorkflow->output->O_jwt_token
. In theNEW VALUE
field, click the puzzle piece icon and select Activities->JSONPATH Query Activity->accessToken
.Now I would be a poor instructor if I did not include a final result for you to view alongside what we just stepped through... so I have plenty of that upcoming for you. As they say in cooking shows, "always have a pre-baked turkey to go along with the one you are baking." To help everyone out I have built an entire atomic adapter for you to use for BCS Operational Insights! (not just a JWT generator). Just like you importing a package or copying and pasting sample code you will have all of my workflows for you to use and build cool BCS automations. (or MAGIC!) You can find them on the Shared CX SXO Repo and in time they will be published to the official SXO atomics git. To make this *even* better you will find some sample usage workflows on the Shared CX SXO Repo to help you get started. These include the demo I will show in the blog video (you did not think you would not get a video right???) and an example workflow that would refresh your JWT token in the background instead of you having to re-call it each time you want to use the API. These are still an opensource style nature workflows and atomics so if you have issues, please let me know!
So I know I just spoiled the fun... but as always...
Pondering Automation Demo of BCS Operational Insights API
Password: There is no password!
Standard End-O-Blog Disclaimer:
Thanks as always to all my wonderful readers and those who continue to stick with and use SXO! I have always wanted to find good questions, scenarios, stories, etc... if you have a question, please ask, if you want to see more, please ask... if you have topic ideas that you want me to blog on, Please ask! I am happy to cater to the readers and make this the best blog you will find
AUTOMATION BLOG DISCLAIMER: As always, this is a blog and my (Shaun Roberts) thoughts on SXO, orchestration, development, devops, and automation, my thoughts on best practices, and my experiences with the products and customers. The above views are in no way representative of Cisco or any of it's partners, etc. None of these views, etc are supported and this is not a place to find standard product support. If you need standard product support please do so via the current call in numbers on Cisco.com or email tac@cisco.com
Thanks and Happy Automating!!!
- Shaun Roberts, shaurobe@cisco.com
Join our daily livestream from the DevNet Zone during Cisco Live!
Stay Informed!
Sign up for theDevNet Zone Cisco Live Email Newsand be the first to know about special sessions and surprises whether you are attending in person or will engage with us online.
We'd love to hear what you think. Ask a question or leave a comment below. And stay connected with Cisco DevNet on social!
LinkedIn | Twitter @CiscoDevNet | Facebook | YouTube Channel