Using Hexnode API for automation

Taavi
expand collapsive

Hi, we use Hexnode in our organization. We are making an administrator page to integrate automation tools in our workflows and it would be great to have hexnode mdm workflows there too. Do you have APIs to be able to implement flows on click of button like – executing compliance checks and automatically start the Hexnoe lost mode when device is not compliant?

All Replies

  • Wilson

    Wilson

    Participant

    Wilson

    Participant

    are hexnode APIs a secure way to handle data?

  • Zach Goodman

    Zach Goodman

    Hexnode

    Zach Goodman

    Moderator

    Hello @Taavi, that would be possible with Hexnode APIs. For the particular example you gave, you could use the List All Devices API to fetch device details along with their compliance status.

    Then you could run some internal validation on your page to filter out the devices (get the device id) showing compliant status as false. If there are device which are non-compliant, you can use the Enable Lost Mode API to send a command to enable lost mode on these devices.


    @Wilson
    , an Hexnode API call inbound to your Hexnode console will only be able to query data if it is authenticated with the correct and authorized credential. The API calls can only be authorized using the API key which is a 20-digit alphanumeric code.

    Note: The API Key can be fetched with the Retrive API Key API using the user credential of the Hexnode super admin or any user with an admin role. Learn more.

    To find the complete list of Hexnode APIs refer the Hexnode API documentation.

    Cheers!
    Zach Goodman
    Hexnode UEM

  • Avatar

    Davies

    Participant

    Davies

    Participant

    Talking of compliance. Hexnode restricts the minimum period of location tracking at 15 mins. We had always wanted to track the device location very real-time and implement the location compliance. Our device is always connected to power so battery draining is also no issue. I believe this could be done with the APIs.

  • Avatar

    Tracy

    Participant

    Tracy

    Participant

    @davies, yea you could take the device actions api and keep running it. BUT there will be a limit of api calls per device per day. Wouldn’t be feasible if you intend to constantly make api calls.

  • Wilson

    Wilson

    Participant

    Wilson

    Participant

    So Im starting out in this domain and was testing out the retrieve API key on Postman but got some error – 400 bad request. It says –

    {
    "username": [
    "This field is required."
    ],
    "password": [
    "This field is required."
    ]
    }
    

    I have provided the user credentials under Authorization -> basic authorization.

  • Zach Goodman

    Zach Goodman

    Hexnode

    Zach Goodman

    Moderator

    @Wilson, try adding the credentials as body data. In Postman, you can go to Body > form-data and add ‘username’ and ‘password’ as keys and fill the corresponding values. This should get the API call working.

    However, if you plan to use this step in your applications, you must implement this method with caution. The user credential (for active admins) can always fetch the current API key. The user will have to be removed or deactivated on the Hexnode console to revoke access to the API key. Also, the client application must be trustable with the credentials you are providing to factor in chances of maliciously or accidentally leaking the credentials.

    Regards,
    Zach Goodman
    Hexnode UEM