WaaS API Version 2
The Barracuda WAF-as-a-Service supports a comprehensive REST API module for management and configuration.
Accessing the API
This section describes how to invoke a REST API call on the Barracuda WAF-as-a-Service.
The REST API supports HTTPS URI requests. The documentation for the API is available at:
https://api.waas.barracudanetworks.com/swagger/
API Endpoint
The base URL for accessing the Barracuda WAF-As-A-Service is:
'https://api.waas.barracudanetworks.com/v2/waasapi’
Combine the base URL with the required API resource to make a call, for example /api_login or /applications/.
Login Access Token
To use the Barracuda WAF-as-a-Service REST API, a login access token is required for authentication. Login credentials with admin privileges or a role-based administrator with restricted permissions can be used.
The login request must include the username and password to generate the token. HTTPS request examples are provided below for reference:
Once the token is fetched, include the token as a value to the ‘auth-api’ header in subsequent API calls.
Example:
To complete the login to WAAS use the /api_login resource:
'https://api.waas.barracudanetworks.com/v2/waasapi/api_login/'
Curl Example:
curl -X 'POST' \
'https://api.waas.barracudanetworks.com/v2/waasapi/api_login/' \
-H 'accept: application/json' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'email=<account email address>&password=<account password>'
Using the WAAS API to create/modify the configuration:
Example: To create an application, the REST resource is /applications/
Curl Example:
curl -X 'POST' \
'https://api.waas.barracudanetworks.com/v2/waasapi/applications/' \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-H 'auth-api: eyJhY2NfaWQiOiA4OTg1NzMwLCAidXNlcl9pZCI6IDE2NTkzLCAiZXhwaXJhdGlvbiI6IDE2ODY4NDE4MTN9.74d9bb7c70f98c77bc4be37dd4eeae896c5b7f063c8e45944a4e4dfa83f104ab' \
-d '{
"applicationName": "new app",
"backendPort": 443,
"useHttp": true,
"useExistingIp": true,
"backendIp": "1.1.1.1",
"maliciousTraffic": "Passive",
"serviceIp": "2.2.2.2",
"httpsServicePort": 443,
"redirectHTTP": true,
"useHttps": true,
"httpServicePort": 80,
"backendType": "HTTPS",
"serviceType": "HTTP",
"account_ips": {},
"hostnames": [
{
"hostname": "8.8.8.8"
}
]
}'
Audit Logs
The Audit Logs provide information about the actions/activities performed by users on the WAF-as-a-Service web interface. The response schema includes the following details:
unique_id: A unique identifier generated for the user.
actor: Denotes the actor who changed the value of the parameter. It can be Customer, Support Team, Engineering Team or System.
action: The action performed by the user.
component_modified: The component name that was modified.
summary: Description of the changes made.
changes: Displays the component name which has been modified.
new_val: Value of the parameter/variable after the update.
old_val: Value of the parameter/variable before the update.
setting: Name of the parameter/variable for which the value was updated.
is_api_change: Denotes whether the change is from API or the web interface.
date: The date and time when the action was performed.
user_text: Name of the user.
user_tooltip: Email address of the user.
app_name: Name of the application.
app_is_deleted: Denotes if the application where the change is made is deleted or is in use.
Schema Example:
