WaaS API Version 4

Accessing the API

This section describes how to invoke a REST API call on the Barracuda WAF-as-a-Service.

The REST API supports HTTPS URI requests. The documentation for the API is available at:
https://api.waas.barracudanetworks.com/v4/swagger/

API Endpoint

The base URL for accessing the Barracuda WAF-As-A-Service is:

Combine the base URL with the required API resource to make a call. Example: /api_login or /applications/.

Login Access Token

To use the Barracuda WAF-as-a-Service REST API, a login access token is required for authentication. Login credentials with admin privileges or a role-based administrator with restricted permissions can be used.

The login request must include the username and password to generate the token. HTTPS request examples are provided below for reference:

Once the token is fetched, include the token as a value to the ‘auth-api’ header in subsequent API calls.

Example:
To complete the login to WAAS use the /api_login resource:

Curl Example:

The API response to such a request with the right credentials would be as follows:

To initiate API calls to WAF-as-a-Service, subsequent requests should include the value of the JSON key called “key” in the API request header “auth-api”

Example: