openapi: 3.1.0
info:
contact:
email: [email protected]
name: Thomas Munzer
description: '> Version: **2604.1.1**
>
> Date: **May 13, 2026**
<div class="notification"> NOTE:<br>Some important API changes will be introduced.
Please make sure to read the <a href="https://www.juniper.net/documentation/us/en/software/mist/api/http/guides/important-api-changes">announcements</a>
</div>
---
## Additional Documentation
* [Mist Automation Guide](https://www.juniper.net/documentation/us/en/software/mist/automation-integration/index.html)
* [Mist Location SDK](https://www.juniper.net/documentation/us/en/software/mist/location-services/topics/concept/mist-how-get-mist-sdk.html)
* [Mist Product Updates](https://www.juniper.net/documentation/us/en/software/mist/product-updates/)
## Helpful Resources
* [API Sandbox and Exercises](https://api-class.mist.com/)
* [Postman Collection, Runners and Webhook Samples](https://www.postman.com/juniper-mist/workspace/mist-systems-s-public-workspace)
* [Python Script Examples](https://github.com/tmunzer/mist_library)
* [API Demo Apps](https://apps.mist-lab.fr/)
* [Juniper Blog](https://blogs.juniper.net/)
## Mist Web Browser Extension:
* Google Chrome, Microsoft Edge and other Chromium-based browser: [Chrome Web
Store](https://chromewebstore.google.com/detail/mist-extension/ejhpdcljeamillfhdihkkmoakanpbplh)
* Firefox: [Firefox Add-ons](https://addons.mozilla.org/en-US/firefox/addon/mist-extension/)
---'
license:
name: MIT
url: https://raw.githubusercontent.com/tmunzer/Mist-OAS3.0/main/LICENSE
title: Mist API
version: 2604.1.1
x-logo:
altText: Juniper-MistAI
backgroundColor: '#FFFFFF'
url: https://www.mist.com/wp-content/uploads/logo.png
servers:
- description: Mist Global 01
url: https://api.mist.com
- description: Mist Global 02
url: https://api.gc1.mist.com
- description: Mist Global 03
url: https://api.ac2.mist.com
- description: Mist Global 04
url: https://api.gc2.mist.com
- description: Mist Global 05
url: https://api.gc4.mist.com
- description: Mist EMEA 01
url: https://api.eu.mist.com
- description: Mist EMEA 02
url: https://api.gc3.mist.com
- description: Mist EMEA 03
url: https://api.ac6.mist.com
- description: Mist EMEA 04
url: https://api.gc6.mist.com
- description: Mist APAC 01
url: https://api.ac5.mist.com
- description: Mist APAC 02
url: https://api.gc5.mist.com
- description: Mist APAC 03
url: https://api.gc7.mist.com
security:
- apiToken: []
- basicAuth: []
- basicAuth: []
csrfToken: []
tags:
- description: 'Admin API calls can be used to create, manage or authenticate Mist
administrators.
To register administrators into an existing MSP account or Organization, please
check: * [Invite Msp Admin](/#operations/inviteMspAdmin) * [Invite Org Admin](/#operations/inviteOrgAdmin)'
name: Admins
- description: 'Login Endpoints when using Login/Password authentication, with or
without 2FA.
If the Login/Password authentication is successful, Mist will add a `csrftoken`
cookie that must be added into the later API Requests (please see [csrfToken (Custom
Header Signature)]($h/__auth_CsrfToken))'
name: Admins Login
- description: Logout Endpoints when using Login/Password authentication, with or
without 2FA.
name: Admins Logout
- description: Endpoints used to trigger a password recovery and validate the token
sent by email.
name: Admins Recover Password
- description: Admin Lookup API Call is mainly used by Web UIs to know if a user must
be redirected to an SSO URL for login.
name: Admins Lookup
- description: "A Mist account can be linked to OAuth2 providers:\n1. First, login\
\ with your Mist account\n2. Obtain the Authorization URL for Linking with [Get\
\ Oauth 2 Authorization Url for Login](/#operations/getOauth2AuthorizationUrlForLogin).\n\
As OAuth2 flow goes through provider's UI and back with the authorization code,\
\ there are two ways to get it:\n * in JSON response, more usable for developers.\
\ Simply don\\'t specify the `forward` parameter when obtaining the authorization\
\ URL\n * as GET parameter, for UI where the user flow can be continued. Specify\
\ the landing page/url of your choice \n3. Obtain the authorization code by clicking\
\ / going through Authorization URL Link Mist Account against OAuth2 Provider\
\ by using the authorization code"
name: Admins Login - OAuth2
- description: "In a typical enterprise, a separate group of people, Installers, are\
\ responsible for install new devices. May it be a new installation (e.g. new\
\ stores), a replacement installation (e.g. replacing Cisco APs with Mist APs),\
\ or addition (e.g. adding new APs for better coverage). Instead of granting them\
\ Admin/Write privilege, it's more desirable to grant them minimum privileges\
\ to do the initial provisioning so they cannot read sensible information (e.g.\
\ PSK of a WLAN), or change configs of running APs.\nAt a high level, Installer\
\ APs try to achieve the following:\n1. identifying a device by MAC (that\\u2019\\\
\ \ns what they see)\n2. they can only touch configurations of the devices they\\\
u2019\\\nre installing\n3. allow the following configurations: \n * name * site\
\ assignment \n * device profile assignment \n * map and location (x/y) assignment\
\ \n * claim (if not already in the inventory) \n * replace existing device\
\ with the device being installed\n\n**Grace Period**\n\nGrace period provides\
\ a dynamic way to limit what devices / sites installer can work on. Generally\
\ installers work on recent deployments - bringing up new sites, add newly claimed\
\ devices to new / existing sites. They make mistakes, too, and may need to further\
\ tweak some of the parameters. Default grace period is 7 days and can be set\
\ from 1 day to 365 days."
name: Installer
- description: MSP (Managed Service Provider) contains multiple Organizations.
name: MSPs
- description: An MSP Admin refers to a user who has access to the Juniper Mist managed
service provider (MSP) portal and is responsible for managing and administering
the network operations of multiple customer organizations and sites.
name: MSPs Admins
- description: Sky ATP Secintel Profile
name: Orgs SecIntel Profiles
- description: Sky ATP Secintel Profile
name: Sites SecIntel Profiles
- description: API Calls to locate a device across all the Organizations attached
to the MSP account.
name: MSPs Inventory
- description: Manage the Mist portal logo at the MSP level. This logo will be displayed
instead of the Juniper Mist Logo for all the Organizations attached to this MSP
account.
name: MSPs Logo
- description: 'Audit Logs are records of activities initiated by users, providing
a history of actions such as accessing, creating, updating, or deleting resources
or components at the MSP level.
These logs allow superusers and network administrators to track and maintain a
record of user actions, including who performed specific actions and when.
Audit logs are useful for monitoring user activity, investigating security breaches,
ensuring compliance with regulations, and tracing configuration changes in a network.
They can be filtered and analyzed to view specific information and granular-level
details of each event.'
name: MSPs Logs
- description: 'Licenses are a type of service or access that customers can purchase
for various features or services offered by a company.
Subscriptions can have different statuses, such as active, expired, exceeded,
or trial, depending on their validity and usage. The status of a subscription
determines whether it is currently active and valid, has expired, has exceeded
the allowed usage limit, or is in a trial period.
Licenses can be activated using an activation code, and the activation process
confirms the inputted code and activates the subscription.
Licenses can be managed at the MSP level for organization attached to an MSP account,
or directly at the [Organization level]($h/Orgs%20Licenses/_overview)'
name: MSPs Licenses
- description: 'Marvis is an AI-driven, interactive virtual network assistant that
streamlines network operations, simplifies troubleshooting, and provides an enhanced
user experience.
It offers real-time network visibility, comprehensive insights, and automation
customized for your network.
Marvis can proactively identify issues, interpret their impact, determine root
causes, and recommend fixes.
It consists of components such as Marvis Actions, Marvis Minis, Conversational
Assistant, Marvis Client, and Marvis Query Language.
Marvis API Calls at the MSP level can be used to quickly detect network issues
on all the Organizations attached to the MSP account.'
name: MSPs Marvis
- description: 'Org Groups a way to group Organizations together based on certain
criteria.
They can be used for easier management and organization of multiple organizations
within the MSP portal.'
name: MSPs Org Groups
- description: 'An organization usually represents a customer - which has inventories,
licenses.
An Organization can contain multiple sites. A site usually represents a deployment
at the same location (a campus, an office).'
name: MSPs Orgs
- description: 'SLEs, or Service-Level Expectations, are metrics used to monitor and
report on the user experience of a Wireless, Wired or Wan network.
They are generated through data science and machine learning algorithms and provide
insights into various aspects of the network, such as coverage, capacity, connectivity,
and performance.
Mist SLEs help identify when users do not have sufficient network quality, when
they face issues with connecting or roaming between access points, and when there
are problems on the wired network.
SLEs API Calls at the MSP level can be used to retrieve the SLEs summary for each
Organization attached to the MSP account.'
name: MSPs SLEs
- description: 'MSP SSO roles refer to the different functions assigned to users within
a Single Sign-On (SSO) system.
These roles determine the tasks and actions that users can perform within the
SSO system. There are typically predefined roles and custom roles in an SSO system.
Roles in SSO provide a well-defined separation of responsibility and visibility,
allowing for granular-level access control on SSO objects.'
name: MSPs SSO Roles
- description: 'MSP SSO, or Single Sign-On, is a method of authentication that allows
users to securely log in to multiple applications and websites with a single set
of login credentials.
It involves integrating the MSP portal with an Identity Provider (IdP) using the
Security Assertion Markup Language (SAML) framework.
This enables users to authenticate themselves through their corporate IdP, eliminating
the need to remember separate passwords or enter credentials each time they access
the MSP portal.'
name: MSPs SSO
- description: 'Support tickets are a means for users to seek assistance and resolve
issues they encounter with a product or service.
They allow users to communicate their problems or questions to the Juniper Mist
support team, who can then provide guidance, troubleshooting, or solutions.
Support tickets typically include information such as the type of issue, relevant
details, and any necessary attachments.
Support Tickets API Calls at the MSP level can be used to retrieve the tickets
for each Organization attached to the MSP account.'
name: MSPs Tickets
- description: An organization usually represents a customer - which has inventories,
licenses. An Organization can contain multiple sites. A site usually represents
a deployment at the same location (a campus, an office).
name: Orgs
- description: "An org admin, or organization administrator, is a user with administrative\
\ privileges within a specific organization. They have the authority to manage\
\ and oversee the operations and settings of that organization's portal.\n\n The\
\ different types of access levels for an org admin include:\n * Super User: This\
\ role has full access to the MSP portal and all tenant organizations. A super\
\ user can manage other administrators and has the highest level of privileges.\n\
\ * Network Admin: A network admin has limited access to the MSP portal. They\
\ can be granted access to all organizations or specific organizations, with access\
\ to limited features in the organizations' portals. They are responsible for\
\ monitoring, verifying, and troubleshooting the network within their assigned\
\ organizations.\n * Observer: An observer has view-only access to limited features\
\ in the MSP portal. They can be granted access to all organizations or specific\
\ organizations, with view-only access to limited features in the organizations'\
\ portals. Observers monitor events in the network and bring any issues to the\
\ attention of the network administrator for resolution.\n * Installer: An installer\
\ can be granted access to all organizations or specific organizations, with only\
\ the ability to install access points for these organizations. They are responsible\
\ for setting up and installing access points in the network.\n * Helpdesk: A\
\ helpdesk user can be granted access to all organizations or specific organizations,\
\ with only helpdesk monitoring and workflow capabilities for these organizations.\
\ They assist with monitoring and resolving issues reported by users within the\
\ organization.\n\n These different access levels allow org admins to perform\
\ their specific roles and responsibilities within the MSP portal while ensuring\
\ appropriate access and security measures are in place."
name: Orgs Admins
- description: Alarms are triggered based on certain events. Alarms could be configured
using an Alarm Template.
name: Orgs Alarms
- description: 'An Alarm Template is a set of Alarm Rules that could be applied to
one or more sites (while each site can only pick one Alarm Template), or to the
whole org.
Once created, the Alarm template must be assigned with the `alarmtemplate_id`
attribute to one of the following
* the whole org with the [Update Org](/#operations/updateOrg) API Call
* one or multiple sites with the [Update Site Info](/#operations/updateSiteInfo)
API Call'
name: Orgs Alarm Templates
- description: 'AP Templates are defining Wi-Fi and AP settings that can be assigned
to Access Points based on different types of rules.
AP Templates must be assigned to one or multiple sites to be used.'
name: Orgs AP Templates
- description: 'Org API token is a unique identifier used by an application to authenticate
and access a service''s API.
These tokens are used to authenticate requests made to the API server and ensure
secure access to the API.
They are not bound to any specific user and provide access to the organization
as a whole.
Organization tokens support different privileges and can only be used for the
specific organization they are generated for.
Rate limiting is done on an individual token basis, so if one token reaches its
rate limit, it does not impact other tokens.'
name: Orgs API Tokens
- description: 'An Asset refers to any equipment or item that is being tracked and
monitored using Bluetooth Low Energy (BLE) beacon tags.
This requires the Asset Visibility subscription.'
name: Orgs Assets
- description: 'An Asset Filter is a feature that allows users to define specific
criteria or conditions to filter and display only certain assets based on their
attributes or properties.
This requires the Asset Visibility subscription.'
name: Orgs Asset Filters
- description: 'API Calls to manage Organization Certificates.
The certificates can be used bu Access Assurance, during the SSO/SAML Authentication,
...'
name: Orgs Cert
- description: "Antivirus profiles are used to define the content to scan for any\
\ malware and the action to be taken when malware is detected. \nThese profiles\
\ can be assigned to Content Security policies to scan Web, file transfer, and\
\ e-mail traffic. \nThe profiles help in ensuring that the network is protected\
\ from malicious content by specifying fallback options and notification methods\
\ when malware is detected or when the antivirus system experiences errors.\n\n\
\nKey Features of Antivirus Profiles:\n\n* Content Scanning: Defines the content\
\ to scan for malware.\n* Action on Detection: Specifies the action to be taken\
\ when malware is detected.\n* Fallback Options: Configures actions to be taken\
\ when the antivirus system encounters errors.\n* Notification Options: Sets up\
\ methods to notify users when a fallback occurs or a virus is detected."
name: Orgs Antivirus Profiles
- description: 'Marvis Invites can be generated for (and belongs to) an Org. They
can be generated by an Admin of an Org and can be revoked at anytime.
Marvis Clients are devices that have the Marvis Android Client installed on them
and are connected to a Juniper Mist AP.
They provide detailed data and telemetry about the client''s wireless connection,
including information about roaming behavior, connection type, and wireless properties.'
name: Orgs Clients - Marvis
- description: 'Marvis Clients are devices that have the Marvis Android Client installed
on them and are connected to a Juniper Mist AP.
They provide detailed data and telemetry about the client''s wireless connection,
including information about roaming behavior, connection type, and wireless properties.'
name: Orgs Marvis Invites
- description: NAC Clients are devices connected to the network and authenticated
by Juniper Mist Access Assurance.
name: Orgs Clients - NAC
- description: WAN Clients are devices connected to a Juniper SRX or SSX gateway monitor
or managed by Mist
name: Orgs Clients - Wan
- description: Wired Clients are Wired devices connected to a Juniper switch monitored
or managed by Mist.
name: Orgs Clients - Wired
- description: Wireless Clients are Wi-Fi devices connected to a Juniper Mist Access
Point.
name: Orgs Clients - Wireless
- description: 'SDK Clients are devices that have installed an application using the
Mist Software Development Kit (SDK).
These clients can provide specific data and information that is not available
without the installation of the SDK application.'
name: Orgs Clients - SDK
- description: 'The integration between Mist and Cradlepoint allows users to utilize
Cradlepoint 5G cellular adapters with Juniper''s wired, wireless, and SD-WAN solutions
driven by Mist AI.
With this integration, users can manage Cradlepoint devices from the Mist portal,
including onboarding, assigning devices to a site, and viewing device inventory
details. It also provides visibility into the health, SLE, and insights of Cradlepoint
devices.
Additionally, the integration enables users to leverage Marvis, Juniper''s virtual
network assistant, to receive proactive recommendations and self-driving network
actions. This integration enhances the client-to-cloud user experience by providing
insights into branch WAN adapters, helping network admins reduce Mean Time to
Identify (MTTI).'
name: Orgs Integration Cradlepoint
- description: 'CRLs, or Certificate Revocation Lists, are time-stamped lists that
identify digital certificates that have been invalidated before their expiration
date. They include information about the reasons for revocation and the entities
that issued the certificates.
CRLs are used to prevent the usage of compromised digital certificates and signatures.'
name: Orgs CRL
- description: 'While Templates / RF Templates / Network Templates / Gateway Templates
provides powerful ways to control how a Device\''s configuration is derived for
a Site. There are cases where you\''d like another level of control at the Org
Level.
A Device Profile contains a subset of Device\''s configurations you\''d like a
device to have. It will be merged at runtime when we\''re provisioning an AP.'
name: Orgs Device Profiles
- description: Devices are any Network device managed or monitored by Juniper Mist.
It can be * Wireless Access Points * Juniper Switch (EX, QFX) * Juniper WAN Gateway
(SRX, SSR) * Mist Edges * Other or 3rd party devices, like Cradlepoint Devices
name: Orgs Devices
- description: API Calls specific to SSR devices
name: Orgs Devices - SSR
- description: API Calls specific to AOS (Aruba Operating System) devices
name: Orgs Devices - AOS
- description: 'EVPN allows an alternative but more efficient LAN architecture utilizing
VxLAN / MP-BGP - separating control plane (MAC / IP Learning) from forwarding
plane.
In our implementation, following the steps to deploy EVPN topologies in a Site'
name: Orgs EVPN Topologies
- description: The Juniper Integration can be used to synchronize Juniper Support
Insights (JSI) information.
name: Orgs Integration Juniper
- description: API Call for 3rd party devices
name: Orgs Devices - Others
- description: 'In Zscaler UI:
1. add Partner Integration at https://admin.zscalerbeta.net/#administration/partner-integration
2. Add Partner Administrator Role at https://admin.zscalerbeta.net/#administration/role-management
- Name: Mist - Access: Full
3. add Partner Admin at https://admin.zscalerbeta.net/#administration/admin-management
with - Login ID: john - email: [email protected]
4. Find the cloud name for ZIA https://help.zscaler.com/zia/what-my-cloud-name-zia'
name: Orgs Integration Zscaler
- name: Orgs SCEP
- description: 'Gateway Template is applied to a site for gateway(s) in a site.
When Templates are not used, Site Setting holds settings for multiple device types
and they can differ to set device_type specific configs, use this whatever is
defined under `gateway` will overwrite/shadow the one at root-level'
name: Orgs Gateway Templates
- description: Guests are users who are accessing the wi-fi network as a temporary
or non-permanent visitor.
name: Orgs Guests
- description: 'An IDP profile is a set of predefined rules and actions that determine
how the Intrusion Detection and Prevention (IDP) system handles network traffic.
It allows you to selectively enforce attack detection and prevention techniques
on your network. The profile includes a set of IDP signatures and rules recommended
by Juniper Networks, and each attack type and severity has a specific action associated
with it, such as closing the TCP connection, dropping the packet, or sending an
alert.
The IDP profile can be applied to an application policy to monitor and analyze
network events for signs of incidents, violations, or threats to security policies.'
name: Orgs IDP Profiles
- description: The Org Inventory allows administrators to view and manage all devices
registered (claimed) to the Organization.
name: Orgs Inventory
- description: 'JSE stands for Juniper Secure Edge and it is a feature within the
Mist UI that allows customers to configure Secure Cloud Connectors.
With JSE, users can establish a tunnel via IPSEC protocol and use application
policy and traffic steering to send traffic from a WAN edge device to JSE. Mist
also provides insights and telemetry for the secure edge connection, which is
helpful for troubleshooting and monitoring data.'
name: Orgs Integration JSE
- description: 'The "Advanced Anti-Malware" feature in Sky ATP is a comprehensive
security solution that leverages multiple techniques to detect and prevent malware
attacks. Here are the key components of this feature:
* **Flow-Based Antivirus Policy**: The policy checks inbound and outbound traffic
to stop malware, quarantine infected systems, prevent data exfiltration, and disrupt
lateral movement.
* **Machine Learning-Based Threat Detection**: Sky ATP uses machine learning to
identify zero-day threats and detect malware that traditional antivirus software
might miss.
* **Integration with SRX Series Firewalls**: The SRX Series firewalls integrate
with Sky ATP to block known malicious file downloads and outbound Command and
Control (C&C) traffic. This integration ensures that malware is quickly identified
and dropped before it can infect a host.
* **Real-Time Threat Intelligence**: Sky ATP distributes third-party threat intelligence
feeds to all ATP-subscribed SRX firewalls for immediate action, reducing the attack
surface.
These components collectively provide a robust and automated threat detection
and remediation solution, simplifying cybersecurity infrastructure and processes
for organizations.
For more details, you can refer to the Juniper documentation on advanced anti-malware
policy configuration.'
name: Orgs Advanced Anti Malware Profiles
- description: "Sky Advanced Threat Prevention (Sky ATP) is a cloud-based security\
\ designed to detect and mitigate advanced threats in real-time, ensuring the\
\ security and integrity of your network. \nThe integration of Sky ATP with Mist\
\ is a strategic move to enhance the security posture of wireless networks by\
\ leveraging the capabilities of both solutions.\n\n\nThe integration of Sky ATP\
\ with Mist enhances the security of wireless networks by providing real-time\
\ threat alerts and mitigation capabilities. Here are the key benefits of this\
\ integration:\n\n* Enhanced Security: Adds another layer of security to the robust\
\ mechanisms already in place within the Mist WLAN platform. It leverages artificial\
\ intelligence (AI) for tighter security, lower operational costs, and optimized\
\ user experience.\n* Real-Time Threat Detection: Quickly identifies devices on\
\ the network that are infected with malware and takes appropriate actions. This\
\ ensures that security risks are assessed and mitigated promptly when users and\
\ devices are connected to wireless networks.\n* Improved Device Tracking: Allows\
\ for better tracking of client hosts as Mist supplies client MAC addresses to\
\ Juniper ATP Cloud. This information is crucial for identifying and mitigating\
\ threats.\n* Streamlined Security Events: Threat alerts detected by Juniper SRX\
\ Series Firewalls and ATP Cloud are automatically streamed to Mist, enabling\
\ administrators to quickly assess security risks and take appropriate actions\
\ such as quarantine or enforce security policies."
name: Orgs Integration SkyATP
- description: "Juniper Support Insight is a free service provided to all Mist customers.\n\
You can adopt your devices via a few lines CLI commands. Allowing you to \n* get\
\ some basic information about the adopted devices \n* web shell into device (write\
\ privilege required) \\n* upgrade (write privilege required)"
name: Orgs JSI
- description: 'Licenses are a type of service or access that customers can purchase
for various features or services offered by a company.
Subscriptions can have different statuses, such as active, expired, exceeded,
or trial, depending on their validity and usage. The status of a subscription
determines whether it is currently active and valid, has expired, has exceeded
the allowed usage limit, or is in a trial period.
Licenses can be activated using an activation code, and the activation process
confirms the inputted code and activates the subscription.'
name: Orgs Licenses
- description: "Linked Application are Third party applications linked to the Mist\
\ Organization. \nThis is usually using OAuth2.0 or API integrations for a Cloud-to-Cloud\
\ Communication."
name: Orgs Linked Applications
- description: 'Audit Logs are records of activities initiated by users, providing
a history of actions such as accessing, creating, updating, or deleting resources
or components at the Org level.
These logs allow superusers and network administrators to track and maintain a
record of user actions, including who performed specific actions and when.
Audit logs are useful for monitoring user activity, investigating security breaches,
ensuring compliance with regulations, and tracing configuration changes in a network.
They can be filtered and analyzed to view specific information and granular-level
details of each event.'
name: Orgs Logs
- description: 'Marvis is an AI-driven, interactive virtual network assistant that
streamlines network operations, simplifies troubleshooting, and provides an enhanced
user experience.
It offers real-time network visibility, comprehensive insights, and automation
customized for your network.
Marvis can proactively identify issues, interpret their impact, determine root
causes, and recommend fixes.
It consists of components such as Marvis Actions, Marvis Minis, Conversational
Assistant, Marvis Client, and Marvis Query Language.'
name: Orgs Marvis
- description: These API Calls to import Site Maps at the Org level
name: Orgs Maps
- description: A Mist Edge Cluster (MxCluster) is a group of Juniper Mist Edge devices
that are configured to work together in order to provide high availability and
load balancing for the tunneling of traffic from access points (APs). The cluster
can consist of a single edge device or multiple edge devices.
name: Orgs MxClusters
- description: A Mist Edge (MxEdge) is a physical or virtual appliance that is deployed
in a network to provide centralized data path for user traffic or as a RADIUS
Proxy, which was traditionally performed by legacy wireless controllers. It keeps
all the control and management functions in the Mist Cloud, offering a microservices
architecture to the campus.
name: Orgs MxEdges
- description: 'A Mist Tunnel (MxTunnel) is a configuration object that allows for
the tunneling of user VLANs from the Access Points (APs) to a central point on
the network.
It specifies the VLAN IDs that need to be tunneled and assigns the tunnel to a
primary or secondary mist edge cluster. The mist tunnel also includes settings
for tunnel fail over, auto-preemption, and other parameters related to tunnel
termination services.'
name: Orgs MxTunnels
- description: The NAC IDP allows users to integrate with various Identity Providers
(IDPs) to enhance authentication and access control. Admins can configure identity
providers such as microsoft EntraID, okta workforce identity cloud, and google
workspace idp.
name: Orgs NAC IDP
- description: The NAC IDP allows users to integrate with various Identity Providers
(IDPs) to enhance authentication and access control. Admins can configure identity
providers such as microsoft EntraID, okta workforce identity cloud, and google
workspace idp.
name: Sites NAC Fingerprints
- description: 'NAC Tags are the building blocks to compose nacrules.
They can either appear in the "matching" / "not_matching" sections of a nacrule,
in which case they play the role of classifiers, or they could appear in the "apply_tags"
section of the of a nacrule, in which case they influence the result.
When the "type" field of nactag is "match", it can be used as the classifier of
a nacrule.
- "match" field specifies the attribute name and "values" field specifies the
list of attribute values to match on.
- When multiple values are specified, its treated as an OR condition between those
values. This behavior can be changed by setting "match_all" field to "true", in
which case it is treated as an AND condition between those values.
- By default, exact match is performed.
This behavior can be changed as follows:
- Adding `-` at the beginning will perform suffix match (ex: -staff will match
fo
# --- truncated at 32 KB (3318 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/mist-ai/refs/heads/main/openapi/mist-ai-openapi.yml