Non-Standardised API

Resource	Operation	Description
	POST /api/v1/upload/profiles
	GET /api/v1/organization
	GET /api/v1/rsa_private_keys/(int:rsa_private_key_id)/download
	GET /api/v1/download/certificates/(int:certificate_id)
	GET /api/v1/download/profiles/(int:profile_id)
	GET /api/v1/devices/inventory/(int:device_id)
	POST /api/v1/devices/test/(int:device_id)
	GET /api/v1/devices/(int:device_id)/clear_passcode

POST /api/v1/upload/profiles

Upload a custom profile using multipart/form-data I.E from an upload input.

Encrypted profiles are not supported.

The profiles contents will be stored using the following process: - For the top level profile (and each payload) there is a marshmallow schema which maps the payload keys into

the SQLAlchemy model keys. It is also the responsibility of the marshmallow schema to be the validator for uploaded profiles.

• The profile itself is inserted as a Profile model.

• Each payload is unmarshalled using marshmallow to a specific Payload model. Each specific model contains a join

  table inheritance to the base payloads table.

The returned body contains a jsonapi object with details of the newly created profile and associated payload ID’s.

Note: Does not support application/x-www-form-urlencoded

TODO:

• Support signed profiles

Request Headers:  

• Accept – application/vnd.api+json
• Content-Type – multipart/form-data

Response Headers:  

• Content-Type – application/vnd.api+json

Status Codes:

• 201 Created – profile created
• 400 Bad Request – If the request contained malformed or missing payload data.
• 500 Internal Server Error – If something else went wrong with parsing or persisting the payload(s)

GET /api/v1/organization

Retrieve information about the MDM home organization.

Only returns a pseudo JSON-API representation because the standard has no definition for singleton resources.

GET /api/v1/rsa_private_keys/(int: rsa_private_key_id)/download

Download an RSA private key in PEM or DER format

Request Headers:  

• Accept – application/x-pem-file
• Accept – application/pkcs8

Response Headers:  

• Content-Type – application/x-pem-file
• Content-Type – application/pkcs8

Status Codes:

• 200 OK – OK
• 404 Not Found – Not found
• 400 Bad Request – Can’t produce requested encoding

GET /api/v1/download/certificates/(int: certificate_id)

Download a certificate in PEM format

Request Headers:  

• Accept – application/x-pem-file
• Accept – application/x-x509-user-cert
• Accept – application/x-x509-ca-cert

Response Headers:  

• Content-Type – application/x-pem-file
• Content-Type – application/x-x509-user-cert
• Content-Type – application/x-x509-ca-cert

Status Codes:

• 200 OK – OK
• 404 Not Found – There is no certificate configured
• 400 Bad Request – Can’t produce requested encoding

GET /api/v1/download/profiles/(int: profile_id)

Download a profile.

The profile is reconstructed from its database representation.

Args:

profile_id (int): The profile id

Request Headers:  

• Accept – application/x-apple-aspen-config

Response Headers:  

• Content-Type – application/x-apple-aspen-config

Status Codes:

• 200 OK –
• 404 Not Found –
• 500 Internal Server Error –

GET /api/v1/devices/inventory/(int: device_id)

Tell a device to produce a full inventory immediately.

This is mostly for testing right now.

Status Codes:

• 200 OK – OK

POST /api/v1/devices/test/(int: device_id)

Testing endpoint for quick and dirty command checking

GET /api/v1/devices/(int: device_id)/clear_passcode

Enqueues a ClearPasscode command for the device id specified.

Request Headers:  

• Accept – application/vnd.api+json
• Content-Type –

  ?

Response Headers:  

• Content-Type – application/vnd.api+json

Status Codes:

• 201 Created – command created
• 400 Bad Request – not applicable to this device
• 404 Not Found – device with this identifier was not found
• 500 Internal Server Error – system error