Juniper Networks

Juniper Apstra API

Intent-based networking API for data center automation and orchestration.

GitHub OpenAPI

Documentation

📖
Documentation
https://www.juniper.net/documentation/product/us/en/juniper-apstra/
📖
Authentication
https://www.juniper.net/documentation/us/en/software/apstra4.1/apstra-user-guide/topics/topic-map/api-authentication.html

Specifications

OpenAPI
https://raw.githubusercontent.com/api-evangelist/juniper-networks/refs/heads/main/openapi/juniper-networks-apstra-openapi.yml

Schemas & Data

📊
JSONSchema
https://raw.githubusercontent.com/api-evangelist/juniper-networks/refs/heads/main/json-schema/juniper-networks-apstra-blueprint-schema.json

Other Resources

🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/juniper-networks/refs/heads/main/capabilities/apstra-anomalies.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/juniper-networks/refs/heads/main/capabilities/apstra-authentication.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/juniper-networks/refs/heads/main/capabilities/apstra-blueprints.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/juniper-networks/refs/heads/main/capabilities/apstra-design.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/juniper-networks/refs/heads/main/capabilities/apstra-iba.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/juniper-networks/refs/heads/main/capabilities/apstra-resources.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/juniper-networks/refs/heads/main/capabilities/apstra-systems.yaml

OpenAPI Specification

juniper-networks-apstra-openapi.yml Raw ↑ 
openapi: 3.1.0
info:
  title: Juniper Networks Juniper Apstra Intent-Based Networking API
  description: >-
    RESTful API for Juniper Apstra, an intent-based networking platform for
    automating data center network design, deployment, and operations. Apstra
    abstracts network infrastructure into design blueprints with logical
    models, rack types, templates, and connectivity. The platform continuously
    validates that the network state matches the intended configuration and
    raises anomalies when deviations occur. The API provides full access to
    design resources, blueprints, device management, telemetry, and IBA
    (Intent-Based Analytics) probes. Authentication uses token-based sessions
    obtained via the login endpoint.
  version: '4.2'
  contact:
    name: Juniper Networks Support
    url: https://www.juniper.net/documentation/product/us/en/juniper-apstra/
  license:
    name: Proprietary
    url: https://www.juniper.net/us/en/legal-notices.html
servers:
  - url: https://{apstra_server}/api
    description: Apstra server API endpoint.
    variables:
      apstra_server:
        description: Hostname or IP address of the Apstra server.
        default: apstra.example.com
security:
  - authToken: []
tags:
  - name: Anomalies
    description: Network state anomaly detection and reporting.
  - name: Authentication
    description: User login, logout, and token management.
  - name: Blueprints
    description: >-
      Blueprint lifecycle management for data center network intent, including
      staging, commit, and deployment.
  - name: Design
    description: >-
      Design resources including logical devices, interface maps, rack types,
      templates, and config templates.
  - name: IBA
    description: Intent-Based Analytics probes and dashboards.
  - name: Resources
    description: >-
      Resource pool management for ASN, IP, and VNI allocation.
  - name: Systems
    description: Managed system (device) agent lifecycle and telemetry.
paths:
  /aaa/login:
    post:
      operationId: login
      summary: Juniper Networks Authenticate and obtain token
      description: >-
        Authenticates with username and password, returns an authentication
        token for subsequent API calls. The token must be passed in the
        AuthToken header for all authenticated endpoints.
      tags:
        - Authentication
      security: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required:
                - username
                - password
              properties:
                username:
                  type: string
                  description: Apstra admin username.
                password:
                  type: string
                  description: Apstra admin password.
      responses:
        '201':
          description: Authentication successful.
          content:
            application/json:
              schema:
                type: object
                properties:
                  token:
                    type: string
                    description: Authentication token for API access.
                  id:
                    type: string
                    format: uuid
                    description: Session identifier.
        '401':
          description: Invalid credentials.
  /aaa/logout:
    post:
      operationId: logout
      summary: Juniper Networks Logout and invalidate token
      description: Invalidates the current authentication token.
      tags:
        - Authentication
      responses:
        '200':
          description: Logout successful.
  /design/logical-devices:
    get:
      operationId: listLogicalDevices
      summary: Juniper Networks List logical devices
      description: >-
        Returns all logical device definitions. Logical devices represent
        abstract switch models with port groups and capabilities, independent
        of specific hardware vendors. They define the port layout and
        capabilities used in rack type definitions.
      tags:
        - Design
      responses:
        '200':
          description: Logical devices returned.
          content:
            application/json:
              schema:
                type: object
                properties:
                  items:
                    type: array
                    items:
                      $ref: '#/components/schemas/LogicalDevice'
        '401':
          $ref: '#/components/responses/Unauthorized'
    post:
      operationId: createLogicalDevice
      summary: Juniper Networks Create logical device
      description: Creates a new logical device definition.
      tags:
        - Design
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/LogicalDevice'
      responses:
        '201':
          description: Logical device created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LogicalDevice'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /design/interface-maps:
    get:
      operationId: listInterfaceMaps
      summary: Juniper Networks List interface maps
      description: >-
        Returns all interface maps. Interface maps bind logical device port
        groups to physical device interfaces, connecting the abstract design
        to specific hardware models.
      tags:
        - Design
      responses:
        '200':
          description: Interface maps returned.
          content:
            application/json:
              schema:
                type: object
                properties:
                  items:
                    type: array
                    items:
                      $ref: '#/components/schemas/InterfaceMap'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /design/rack-types:
    get:
      operationId: listRackTypes
      summary: Juniper Networks List rack types
      description: >-
        Returns all rack type definitions. Rack types define the physical
        layout of a data center rack including leaf switches, access switches,
        generic systems, and their interconnections.
      tags:
        - Design
      responses:
        '200':
          description: Rack types returned.
          content:
            application/json:
              schema:
                type: object
                properties:
                  items:
                    type: array
                    items:
                      $ref: '#/components/schemas/RackType'
        '401':
          $ref: '#/components/responses/Unauthorized'
    post:
      operationId: createRackType
      summary: Juniper Networks Create rack type
      description: Creates a new rack type definition.
      tags:
        - Design
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RackType'
      responses:
        '201':
          description: Rack type created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RackType'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /design/templates:
    get:
      operationId: listTemplates
      summary: Juniper Networks List templates
      description: >-
        Returns all data center templates. Templates combine rack types with
        spine layer definitions to create complete data center fabric designs
        using leaf-spine or 3-stage Clos topologies.
      tags:
        - Design
      responses:
        '200':
          description: Templates returned.
          content:
            application/json:
              schema:
                type: object
                properties:
                  items:
                    type: array
                    items:
                      $ref: '#/components/schemas/Template'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /blueprints:
    get:
      operationId: listBlueprints
      summary: Juniper Networks List blueprints
      description: >-
        Returns all blueprints. Blueprints are instantiations of templates
        representing a specific data center network. They contain the full
        network graph including nodes, links, and configuration state.
      tags:
        - Blueprints
      responses:
        '200':
          description: Blueprints returned.
          content:
            application/json:
              schema:
                type: object
                properties:
                  items:
                    type: array
                    items:
                      $ref: '#/components/schemas/BlueprintSummary'
        '401':
          $ref: '#/components/responses/Unauthorized'
    post:
      operationId: createBlueprint
      summary: Juniper Networks Create blueprint
      description: >-
        Creates a new blueprint from a template. The blueprint will contain
        the initial network graph based on the template design.
      tags:
        - Blueprints
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required:
                - label
                - design
              properties:
                label:
                  type: string
                  description: Blueprint display name.
                design:
                  type: string
                  enum:
                    - two_stage_l3clos
                  description: Blueprint design type.
                init_type:
                  type: string
                  enum:
                    - template_reference
                  description: Initialization method.
                template_id:
                  type: string
                  format: uuid
                  description: Template ID to instantiate.
      responses:
        '201':
          description: Blueprint created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BlueprintSummary'
        '400':
          $ref: '#/components/responses/BadRequest'
  /blueprints/{blueprint_id}:
    get:
      operationId: getBlueprint
      summary: Juniper Networks Get blueprint
      description: Returns details for a specific blueprint.
      tags:
        - Blueprints
      parameters:
        - $ref: '#/components/parameters/BlueprintId'
      responses:
        '200':
          description: Blueprint returned.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Blueprint'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
    delete:
      operationId: deleteBlueprint
      summary: Juniper Networks Delete blueprint
      description: Deletes a blueprint and its associated network graph.
      tags:
        - Blueprints
      parameters:
        - $ref: '#/components/parameters/BlueprintId'
      responses:
        '204':
          description: Blueprint deleted.
        '401':
          $ref: '#/components/responses/Unauthorized'
  /blueprints/{blueprint_id}/deploy:
    put:
      operationId: deployBlueprint
      summary: Juniper Networks Deploy blueprint
      description: >-
        Commits and deploys staged changes in the blueprint to the physical
        network devices. Generates device-specific configurations from the
        intent model and pushes them to managed switches.
      tags:
        - Blueprints
      parameters:
        - $ref: '#/components/parameters/BlueprintId'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                version:
                  type: integer
                  description: Blueprint version to deploy.
                description:
                  type: string
                  description: Deployment description.
      responses:
        '200':
          description: Deployment initiated.
        '400':
          $ref: '#/components/responses/BadRequest'
        '409':
          description: Blueprint has no staged changes or version conflict.
  /blueprints/{blueprint_id}/anomalies:
    get:
      operationId: listBlueprintAnomalies
      summary: Juniper Networks List blueprint anomalies
      description: >-
        Returns anomalies detected in a blueprint. Anomalies represent
        deviations between the intended state defined in the blueprint
        and the actual state observed on network devices. Includes
        configuration drift, cabling issues, and BGP session problems.
      tags:
        - Anomalies
      parameters:
        - $ref: '#/components/parameters/BlueprintId'
      responses:
        '200':
          description: Anomalies returned.
          content:
            application/json:
              schema:
                type: object
                properties:
                  items:
                    type: array
                    items:
                      $ref: '#/components/schemas/Anomaly'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /blueprints/{blueprint_id}/security-zones:
    get:
      operationId: listSecurityZones
      summary: Juniper Networks List security zones (VRFs)
      description: >-
        Returns all security zones (routing zones / VRFs) configured in
        the blueprint. Security zones provide network segmentation through
        VRF instances on leaf switches.
      tags:
        - Blueprints
      parameters:
        - $ref: '#/components/parameters/BlueprintId'
      responses:
        '200':
          description: Security zones returned.
          content:
            application/json:
              schema:
                type: object
                properties:
                  items:
                    type: object
                    additionalProperties:
                      $ref: '#/components/schemas/SecurityZone'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /blueprints/{blueprint_id}/virtual-networks:
    get:
      operationId: listVirtualNetworks
      summary: Juniper Networks List virtual networks
      description: >-
        Returns all virtual networks in the blueprint. Virtual networks
        represent VLANs/VXLANs provisioned across the fabric for
        workload connectivity.
      tags:
        - Blueprints
      parameters:
        - $ref: '#/components/parameters/BlueprintId'
      responses:
        '200':
          description: Virtual networks returned.
          content:
            application/json:
              schema:
                type: object
                properties:
                  items:
                    type: object
                    additionalProperties:
                      $ref: '#/components/schemas/VirtualNetwork'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /resources/asn-pools:
    get:
      operationId: listAsnPools
      summary: Juniper Networks List ASN pools
      description: >-
        Returns all ASN (Autonomous System Number) pools. ASN pools are
        allocated to spine and leaf switches for BGP peering in the
        data center fabric.
      tags:
        - Resources
      responses:
        '200':
          description: ASN pools returned.
          content:
            application/json:
              schema:
                type: object
                properties:
                  items:
                    type: array
                    items:
                      $ref: '#/components/schemas/AsnPool'
        '401':
          $ref: '#/components/responses/Unauthorized'
    post:
      operationId: createAsnPool
      summary: Juniper Networks Create ASN pool
      description: Creates a new ASN pool with defined ranges.
      tags:
        - Resources
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AsnPool'
      responses:
        '201':
          description: ASN pool created.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AsnPool'
        '400':
          $ref: '#/components/responses/BadRequest'
  /resources/ip-pools:
    get:
      operationId: listIpPools
      summary: Juniper Networks List IP pools
      description: >-
        Returns all IP address pools. IP pools are used to allocate
        loopback addresses, fabric link subnets, and virtual network
        gateways across the data center fabric.
      tags:
        - Resources
      responses:
        '200':
          description: IP pools returned.
          content:
            application/json:
              schema:
                type: object
                properties:
                  items:
                    type: array
                    items:
                      $ref: '#/components/schemas/IpPool'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /resources/vni-pools:
    get:
      operationId: listVniPools
      summary: Juniper Networks List VNI pools
      description: >-
        Returns all VNI (VXLAN Network Identifier) pools. VNI pools
        provide unique identifiers for VXLAN tunnels used in the
        EVPN-VXLAN fabric overlay.
      tags:
        - Resources
      responses:
        '200':
          description: VNI pools returned.
          content:
            application/json:
              schema:
                type: object
                properties:
                  items:
                    type: array
                    items:
                      $ref: '#/components/schemas/VniPool'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /systems:
    get:
      operationId: listSystems
      summary: Juniper Networks List managed systems
      description: >-
        Returns all systems (network devices) known to Apstra, including
        their agent status, management IP, and hardware information.
      tags:
        - Systems
      responses:
        '200':
          description: Systems returned.
          content:
            application/json:
              schema:
                type: object
                properties:
                  items:
                    type: array
                    items:
                      $ref: '#/components/schemas/System'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /systems/{system_id}:
    get:
      operationId: getSystem
      summary: Juniper Networks Get system details
      description: Returns detailed information for a specific managed system.
      tags:
        - Systems
      parameters:
        - $ref: '#/components/parameters/SystemId'
      responses:
        '200':
          description: System returned.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/System'
        '404':
          $ref: '#/components/responses/NotFound'
  /blueprints/{blueprint_id}/iba/probes:
    get:
      operationId: listIbaProbes
      summary: Juniper Networks List IBA probes
      description: >-
        Returns all Intent-Based Analytics probes in a blueprint. IBA probes
        continuously collect and analyze telemetry data from network devices
        to detect anomalies and verify intent compliance.
      tags:
        - IBA
      parameters:
        - $ref: '#/components/parameters/BlueprintId'
      responses:
        '200':
          description: IBA probes returned.
          content:
            application/json:
              schema:
                type: object
                properties:
                  items:
                    type: array
                    items:
                      $ref: '#/components/schemas/IbaProbe'
        '401':
          $ref: '#/components/responses/Unauthorized'
components:
  securitySchemes:
    authToken:
      type: apiKey
      in: header
      name: AuthToken
      description: >-
        Authentication token obtained from POST /api/aaa/login. Include
        in the AuthToken header for all authenticated API requests.
  parameters:
    BlueprintId:
      name: blueprint_id
      in: path
      required: true
      description: Blueprint unique identifier.
      schema:
        type: string
        format: uuid
    SystemId:
      name: system_id
      in: path
      required: true
      description: System unique identifier.
      schema:
        type: string
        format: uuid
  responses:
    BadRequest:
      description: Invalid request parameters or malformed payload.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    Unauthorized:
      description: Authentication required or token expired.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    NotFound:
      description: Resource not found.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
  schemas:
    Error:
      type: object
      properties:
        errors:
          type: string
          description: Error message.
    LogicalDevice:
      type: object
      properties:
        id:
          type: string
          format: uuid
          description: Logical device unique identifier.
        display_name:
          type: string
          description: Display name for the logical device.
        panels:
          type: array
          description: Port panel definitions.
          items:
            type: object
            properties:
              panel_layout:
                type: object
                properties:
                  row_count:
                    type: integer
                  column_count:
                    type: integer
              port_indexing:
                type: object
                properties:
                  order:
                    type: string
                    enum:
                      - T-B, L-R
                      - L-R, T-B
                  start_index:
                    type: integer
                  schema:
                    type: string
                    enum:
                      - absolute
              port_groups:
                type: array
                items:
                  type: object
                  properties:
                    count:
                      type: integer
                      description: Number of ports in the group.
                    speed:
                      type: object
                      properties:
                        unit:
                          type: string
                          enum:
                            - G
                        value:
                          type: integer
                      description: Port speed.
                    roles:
                      type: array
                      items:
                        type: string
                        enum:
                          - spine
                          - leaf
                          - peer
                          - access
                          - generic
                          - superspine
                          - unused
                      description: Roles the port group can fulfill.
    InterfaceMap:
      type: object
      properties:
        id:
          type: string
          format: uuid
          description: Interface map unique identifier.
        label:
          type: string
          description: Display label.
        logical_device_id:
          type: string
          format: uuid
          description: Associated logical device.
        device_profile_id:
          type: string
          format: uuid
          description: Associated hardware device profile.
        interfaces:
          type: array
          items:
            type: object
            properties:
              name:
                type: string
                description: Physical interface name.
              mapping:
                type: array
                items:
                  type: integer
                description: Logical port indices mapped to this interface.
    RackType:
      type: object
      properties:
        id:
          type: string
          format: uuid
          description: Rack type unique identifier.
        display_name:
          type: string
          description: Display name.
        description:
          type: string
          description: Description of the rack type.
        fabric_connectivity_design:
          type: string
          enum:
            - l3clos
            - l3collapsed
          description: Fabric connectivity design pattern.
        leaf_switches:
          type: array
          description: Leaf switch definitions in the rack.
          items:
            type: object
            properties:
              label:
                type: string
              logical_device_id:
                type: string
                format: uuid
              link_per_spine_count:
                type: integer
              link_per_spine_speed:
                type: object
                properties:
                  unit:
                    type: string
                  value:
                    type: integer
              redundancy_protocol:
                type: string
                enum:
                  - esi
                  - mlag
        generic_systems:
          type: array
          description: Generic system (server, storage) definitions in the rack.
          items:
            type: object
            properties:
              label:
                type: string
              count:
                type: integer
              logical_device_id:
                type: string
                format: uuid
              links:
                type: array
                items:
                  type: object
                  properties:
                    label:
                      type: string
                    target_switch_label:
                      type: string
                    link_per_switch_count:
                      type: integer
                    link_speed:
                      type: object
                      properties:
                        unit:
                          type: string
                        value:
                          type: integer
                    lag_mode:
                      type: string
                      enum:
                        - lacp_active
                        - lacp_passive
                        - static_lag
    Template:
      type: object
      properties:
        id:
          type: string
          format: uuid
          description: Template unique identifier.
        display_name:
          type: string
          description: Template display name.
        type:
          type: string
          enum:
            - rack_based
          description: Template type.
        spine:
          type: object
          properties:
            count:
              type: integer
              description: Number of spine switches.
            logical_device_id:
              type: string
              format: uuid
              description: Logical device for spine switches.
        rack_types:
          type: array
          description: Rack types included in the template.
          items:
            type: object
            properties:
              rack_type_id:
                type: string
                format: uuid
              count:
                type: integer
    BlueprintSummary:
      type: object
      properties:
        id:
          type: string
          format: uuid
          description: Blueprint unique identifier.
        label:
          type: string
          description: Blueprint label.
        design:
          type: string
          description: Design type.
        status:
          type: string
          description: Blueprint deployment status.
        build_errors_count:
          type: integer
          description: Number of build errors.
        build_warnings_count:
          type: integer
          description: Number of build warnings.
        version:
          type: integer
          description: Current blueprint version.
    Blueprint:
      type: object
      properties:
        id:
          type: string
          format: uuid
        label:
          type: string
        design:
          type: string
        version:
          type: integer
        nodes:
          type: object
          additionalProperties:
            type: object
          description: Blueprint graph nodes keyed by ID.
        relationships:
          type: object
          additionalProperties:
            type: object
          description: Blueprint graph relationships keyed by ID.
    Anomaly:
      type: object
      properties:
        id:
          type: string
          format: uuid
          description: Anomaly unique identifier.
        type:
          type: string
          description: Anomaly type (e.g., config, cabling, bgp, route, liveness).
        severity:
          type: string
          enum:
            - critical
            - warning
            - info
          description: Anomaly severity.
        role:
          type: string
          description: Node role where the anomaly was detected.
        expected:
          type: string
          description: Expected state value.
        actual:
          type: string
          description: Actual observed state value.
        identity:
          type: object
          additionalProperties:
            type: string
          description: Identifying attributes of the anomalous element.
    SecurityZone:
      type: object
      properties:
        id:
          type: string
          format: uuid
        label:
          type: string
          description: Security zone name.
        vrf_name:
          type: string
          description: VRF name on devices.
        routing_policy_id:
          type: string
          format: uuid
          description: Associated routing policy.
        vni_id:
          type: integer
          description: L3 VNI for the security zone.
    VirtualNetwork:
      type: object
      properties:
        id:
          type: string
          format: uuid
        label:
          type: string
          description: Virtual network name.
        vn_type:
          type: string
          enum:
            - vxlan
          description: Virtual network type.
        vn_id:
          type: string
          description: VXLAN VNI.
        security_zone_id:
          type: string
          format: uuid
          description: Parent security zone.
        bound_to:
          type: array
          items:
            type: object
            properties:
              system_id:
                type: string
                format: uuid
              vlan_id:
                type: integer
          description: Systems and VLAN IDs where the VN is bound.
        ipv4_subnet:
          type: string
          description: IPv4 gateway subnet in CIDR notation.
        virtual_gateway_ipv4:
          type: string
          description: Virtual gateway IPv4 address.
    AsnPool:
      type: object
      properties:
        id:
          type: string
          format: uuid
        display_name:
          type: string
        ranges:
          type: array
          items:
            type: object
            properties:
              first:
                type: integer
                description: First ASN in the range.
              last:
                type: integer
                description: Last ASN in the range.
        status:
          type: string
          description: Pool usage status.
    IpPool:
      type: object
      properties:
        id:
          type: string
          format: uuid
        display_name:
          type: string
        subnets:
          type: array
          items:
            type: object
            properties:
              network:
                type: string
                description: Subnet in CIDR notation.
              status:


# --- truncated at 32 KB (34 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/juniper-networks/refs/heads/main/openapi/juniper-networks-apstra-openapi.yml