Batch Access API

Overview

The Batch Access API is an HTTP API to automate certain actions on a IACBOX system. It’s possible to export and import data, as well as to trigger some actions like update the system or do shutdowns etc.

API Endpoint

  • Send HTTP POST requests to https://<webadmin-domain-or-ip>/batch.php.
  • The requesting client must have access to the IACBOX WebAdmin (Office-LAN or Management-LAN) interface.

Starting with v21.0-p21486 rate limiter for identical requests was added to avoid unnecessary load. It limits identical requests to once per 10 seconds.

Commands

Export data commands

Ticket commands

Autologin Device commands

System commands

Webhook Commands

Usage

In order to obtain or send data, a HTTP POST must be sent to the Batch Access API interface. This can be done using scripted tools as well as with any programming language of choice.

  • In this manual, the linux command line tool cURL will be used for demonstration purposes. The software source and binaries (e.g. Windows binaries, x64 SSL version) can be obtained here: https://curl.haxx.se/download.html
  • A GUI client like Postman can also be used for testing.

After downloading & extracting the binaries into the system32 directory, so that cURL will become available within the Windows command line.

Authentication

The access is restricted by a username and a password. For a quick tests the user sysop could be used, but this is not recommended as the password has to be saved in scripts.

Secure access

If a custom domain plus TLS certificate is being used, the Batch API can be accessed via https completely secure. The DNS service needs to resolve the WebAdmin Domain to the internal IP address. If the API endpoint is accessed via IP address, TLS (https) is still used, but the certificate can’t be validated. In case of our test client cURL, we need to use the --insecure flag to allow access via IP address.

In all examples below please replace <USER> and <PASSWORD> with the credentials of the created API user.

Language

With the lang data, the WebAdmin language that should be used for requests can be specified. This has influence on some of the exportable data and means that the returned data will be in the specified language. The following languages are available:

Lang codeLanguage
en_USEnglish
de_DEGerman
it_ITItalian
fr_FRFrancais
id_IDBahasa Indonesia

Export Data

This section will explain how to extract data from the IACBOX according to the list on top of this manual.

Statistics

Statistics includes tickets or revenue, which both are available in csv or xls format. Exports can be filtered by from_date and to_date. Optional fields are:

  • export_id: Returns the ticket ids as first column value. With the ticket id it is possible to send further commands.
  • search_text: Search for specific ticket names or ticket descriptions, also MAC addresses (e.g. AA:BB:CC:11:22:33 and aabbcc112233) are recognized.
  • issuer: Search for tickets which were created by a specific user/service (e.g. sysop).
  • used: Search for tickets that were actually used (1) or tickets which were not used (0).
  • revoked: Either show all tickets that have been revoked (1) or all tickets which have not been revoked (0).

The 3 filters issuer, used and revoked overwrite each other meaning they can not be used together.

Example command to retrieve tickets from device with MAC address AA:BB:CC:11:22:33 between 31.01.2024 and 31.01.2025 which were created by the WebAdmin user reception:

curl --insecure -o tickets.csv --data "lang=en_US&username=<USER>&password=<PASSWORD>
&action=statistics&download=tickets&dataformat=csv&from_date=2024.01.31 09:30:59
&to_date=2025.01.31 15:30:59&export_id=1&search_text=AA:BB:CC:11:22:33
&issuer=reception" https://192.168.1.1/batch.php

Example output:

"ID";"Created";"First Login";"Ticket";"Created by";"Ticket Price (NET)";"VAT (%)";"Ticket Price (TOTAL)";"Currency";"Download (MB)";"Upload (MB)";"Traffic (MB)";"Description";"Language";"Last MAC"
"58";"31.1.2024 09:30:59";"31.01.2024 09:31:00";"ticket1";"reception";"15";"-";"15";"EUR";"90";"20";"110";"Flat Rate 7 days";"German";"AA:BB:CC:11:22:33"
"TOTAL";"";"";"2";"";"15";"";"15";"EUR";"90";"20";"110";"";"";""

Example command to retrieve tickets from device with MAC address AA:BB:CC:11:22:33 between 31.01.2024 and 31.01.2025 which were revoked:

curl --insecure -o tickets.csv --data "lang=en_US&username=<USER>&password=<PASSWORD>
&action=statistics&download=tickets&dataformat=csv&from_date=2024.01.31 09:30:59&to_date=2025.01.31 15:30:59&
export_id=1&search_text=AA:BB:CC:11:22:33&issuer=sysop&revoked=1" https://192.168.1.1/batch.php

Example output:

"ID";"Created";"First Login";"Ticket";"Created by";"Ticket Price (NET)";"VAT (%)";"Ticket Price (TOTAL)";"Currency";"Download (MB)";"Upload (MB)";"Traffic (MB)";"Description";"Language";"Last MAC"
"58";"31.1.2024 09:30:59";"31.01.2024 09:31:00";"ticket1";"sysop";"15";"-";"15";"EUR";"90";"20";"110";"Flat Rate 7 days";"German";"AA:BB:CC:11:22:33"
"TOTAL";"";"";"2";"";"15";"";"15";"EUR";"90";"20";"110";"";"";""

Connection Tracking

Includes conntrack data which is available in csv or raw format. Exports can be filtered by from_date and to_date.

Example command to retrieve connection tracking between 31.01.2024 and 01.02.2024:

curl --insecure -o conntrack_log.csv --data "lang=en_US&username=<USER>&password=<PASSWORD>
&action=connection_tracking&download=conntrack&dataformat=csv&from_date=2024.01.31 09:30:59
&to_date=2024.02.01 15:30:59" https://192.168.1.1/batch.php

Example output:

"17342";"";"01.02.2024 05:52:54";"01.02.2024 05:55:21";"tcp";"C8:B5:B7:18:5E:B7";"172.29.0.45";"62014";"17.248.209.67";"443";"0";"0";"N/A"
"17343";"";"01.02.2024 05:53:16";"01.02.2024 05:55:21";"tcp";"C8:B5:B7:18:5E:B7";"172.29.0.45";"62032";"17.248.209.65";"443";"0";"0";"N/A"
"17344";"";"01.02.2024 05:53:22";"01.02.2024 05:57:25";"tcp";"C8:B5:B7:18:5E:B7";"172.29.0.45";"62034";"172.30.15.254";"443";"0";"0";"N/A"
"17345";"";"01.02.2024 05:52:53";"01.02.2024 05:57:25";"tcp";"C8:B5:B7:18:5E:B7";"172.29.0.45";"62008";"2.22.242.105";"80";"0";"0";"N/A"

With activated Application Control, additionally to Source & Destination IP/Port, Application Names can be filtered.

  • search_text: With this parameter, Applications can be filtered out directly.
curl --insecure -o conntrack_log.csv --data "lang=en_US&username=<USER>&password=<PASSWORD>
&action=connection_tracking&download=conntrack&dataformat=csv&from_date=2024.01.31 09:30:59
&to_date=2024.02.01 15:30:59&search_text=Microsoft" https://192.168.1.1/batch.php

Example output:

"180134";"";"01.02.2024 06:55:20";"01.02.2024 06:58:18";"tcp";"00:0C:29:7B:4F:B6";"172.29.0.5";"50389";"23.10.249.16";"80";"0";"0";"Microsoft"
"180135";"";"01.02.2024 06:55:50";"01.02.2024 06:58:18";"tcp";"00:0C:29:7B:4F:B6";"172.29.0.5";"50390";"23.10.249.35";"80";"0";"0";"Microsoft"
"180137";"";"01.02.2024 06:56:20";"01.02.2024 06:59:15";"tcp";"00:0C:29:7B:4F:B6";"172.29.0.5";"50391";"23.10.249.35";"80";"515";"323";"Microsoft"

Application Log

The Application Log of the WebAdmin menu System/Application log. Can be exported in csv or xls format and filtered by from_date and to_date. Optional fields are:

  • search_text: Filter the logs with a specific search text.

Example command to export all Application Logs between 01.01.2024 and 31.01.2025 which include the search_text "logon".

curl --insecure -o application_log.csv --data "username=<USER>&password=<PASSWORD>
&action=application_log&download=logdata&dataformat=csv&from_date=2024.01.01 09:30:59
&to_date=2025.01.31 15:30:59&search_text=logon" https://192.168.1.1/batch.php

Example output:

"Date";"Username";"IP Address";"MAC Address";"Message";"Type"
"31.01.2024 09:33:00";"ticket1";"172.29.0.1";"AA:BB:CC:11:22:11";"Users ticket has been revoked by user sysop (from terminal 192.168.100.100)! Relogin no more valid!";"WARNING"
"31.01.2024 09:32:00";"ticket1";"172.29.0.1";"AA:BB:CC:11:22:11";"User has been logged off! User has requested logoff!";"NOTICE"
"31.01.2024 09:31:00";"ticket1";"172.29.0.1";"AA:BB:CC:11:22:11";"First login successful";"NOTICE"

Application Log Tickets only

Exports only Application Logs which are caused by tickets, e.g. a ticket login or logoff. Can be exported in csv or xls format and filtered by from_date and to_date. Optional fields are:

  • hide_msg: Extended log messages will not be exported. (This only works for download=deviceinfo)
  • search_text: Filter the logs with a specific search text.

Example command to export all Application Logs related to ticket actions between 31.01.2024 and 31.01.2025 which also include the search_text "logon" but without extended log messages.

curl --insecure -o application_log.csv --data "username=<USER>&password=<PASSWORD>
&action=application_log&download=logdata&dataformat=csv&from_date=2024.01.01 09:30:59
&to_date=2025.01.31 15:30:59&hide_msg=1&search_text=logon" https://192.168.1.1/batch.php

System Logs

Exports system or mail logs, selectable by generations, e.g. generation 0 means today and generation 1 means yesterday. Only the last 7 days are available.

Example command to export the compressed system logs from today.

curl --insecure -o system_log.zip --data "username=<USER>&password=<PASSWORD>&action=system_log&
download=system&generation=0" https://192.168.1.1/batch.php

[Returns ZIP, content of ZIP is messages file of today]

List DataCollector Templates

Returns all available datacollector templates in json format. The returned template id's can be used to query specific messaging data (see below).

curl --insecure -o dtc_templates.jsn --data "username=<USER>&password=<PASSWORD>
&action=dtc_templates&subaction=get_templates" https://192.168.1.1/batch.php

Example output:

{"error":0,"data":{"1":{"name":"Test Template","id":"1"}}}

Messaging Data

Exports Messaging Data which was previously obtained by messaging login methods. Can be exported as csv and xls and filtered by from_date and to_date. The following data-types are possible for download:

  • email: Email addresses which were used to create tickets with the Email login method.
  • sms: Phone numbers which were used to create ticket with the SMS login method.
  • social: Email addresses which were used to create tickets by logging in with the Social login method, e.g. Facebook or Google.
  • tkrq: Email addresses which were used to send a request via the Email ticket request login method.
  • dtc: Data which was obtained by using the Data Collector.
  • dtc_template: Datacollector template id that should be queried. Needed if download data-type is dtc.

Example command to export data which was gathered by the Email ticket request module between 31.01.2024 and 31.01.2025.

curl --insecure -o messaging_data.csv --data "lang=en_US&username=<USER>&password=<PASSWORD>
&action=messaging&download=tkrq&dataformat=csv&from_date=2024.01.31 09:30:59
&to_date=2025.01.31 15:30:59" https://192.168.1.1/batch.php

Example command to export data which was gathered by the Data Collector template 912 between 31.01.2024 and 31.01.2025.

curl --insecure -o messaging_data.csv --data "lang=en_US&username=<USER>&password=<PASSWORD>
&action=messaging&download=dtc&dtc_template=912&dataformat=csv&from_date=2024.01.31 09:30:59
&to_date=2025.01.31 15:30:59" https://192.168.1.1/batch.php

User Info

Returns online and maximum concurrent users in json format.

curl --insecure -o userinfo.jsn --data "username=<USER>&password=<PASSWORD>&action=json
&want=userinfo "https://192.168.1.1/batch.php

Example output:

{"users_online":25,"lic_users":"50","max_users":"50","percent_onl":4,"percent_free":96,"reg_number":"1234123412"}

License Info

Returns license data and licensed modules in json format.

curl --insecure -o licenseinfo.jsn --data "username=<USER>&password=<PASSWORD>&action=json
&want=licenseinfo" https://192.168.1.1/batch.php

Example output:

{
    "reg_number":"1234123412",
    "reg_passwd":"ABCABCABNCABCAB",
    "reg_date":"20240131093059",
    "reg_mac":"AA:BB:CC:11:22:33",
    "onlineupdate_till":"20250131153059",
    "reg_userlimit":"100",
    "reg_frontoffice":"PMS",
    "current_theme":"THEME",
    "vm_type":"BareHW",
    "vm_enabled":"1",
    "reg_modules":{
        "CUSTLGN":{
            "active":1
        },
        "MMS":{
            "active":1
        },
        "SOCIAL":{
            "active":1
        },
        "SMS":{
            "active":1
        },
            ...
    }
}

System Info

Returns a json response with various hardware information, including system time, uptime, cpu information, cpu core count, PCI devices, drives, USB devices, network statistics, memory data, disk usage data, kernel data and platform information.

curl --insecure -o systeminfo.jsn --data "username=<USER>&password=<PASSWORD>&action=json
&want=systeminfo" https://192.168.1.1/batch.php

Version

Returns software version, patchlevel and release date of the IACBOX in json format.

curl --insecure -o version.jsn --data "username=<USER>&password=<PASSWORD>&action=json
&want=version" https://192.168.1.1/batch.php

Example output:

{
    "version_maj":"21.0.21004",
    "version_pl":"21530",
    "lite":false,
    "demo":false,
    "userlimit":"100",
    "version":{
        "LXPRO_VERSION":"21.0.21004",
        "LXPRO_VERSION_TXT":"Release_x86_64",
        "LXPRO_VERSION_DATE":"20210331111803",
        "LXPRO_VERSION_BUILD_HOST":"hotspot.internet-for-guests.com",
        "LXPRO_HOST_ALIAS":"IAC-BOX",
        "LXPRO_SVN_REVISION":"21004"
    },
    "patchlevel":{
        "PATCHLEVEL":"21530"
    },
    "history":{
        "PATCH_21.0.21004_21047":"20220831155225",
        "PATCH_21.0.21004_21050":"20220831155229",
        "PATCH_21.0.21004_21079":"20220831155232",
            ...
    }
}

List Ticket Templates

Returns all available ticket templates in json format.

curl --insecure -o templates.jsn --data "username=<USER>&password=<PASSWORD>
&action=templates&subaction=get_templates" https://192.168.1.1/batch.php

Example output:

{
    "error":0,
    "data":{
        "246":{
            "name":"Time Rate 5 hours",
            "id":"246",
            "price":"500",
            "vlans":{
                "0":"all"
            },
            "pwd_only":null,
            "uuid":"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
        },
        "247":{
            "name":"Time Rate 1 hour",
            "id":"247",
            "price":"200",
            "vlans":{
                "0":"all"
            },
            "pwd_only":null,
            "uuid":"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
        }
    }
}

List Ticket Printers

Returns all available ticket printers in json format with the printer id's as keys.

curl --insecure -o printers.jsn --data "username=<USER>&password=<PASSWORD>
&action=printers&subaction=get_printers" https://192.168.1.1/batch.php

Example output:

{
    "error":0,
    "printers":{
        "1":{
            "type":"EPSON TM-T20 II\/III",
            "desc":"Description",
            "print_lang":"en_US",
            "paper_width":"80",
            "copy":"0"
        }
    }
}

Get last GDPR Data Processing Register Report

Returns the last GDPR Data Processing Register Report as .pdf file. If there was no report created yet, it creates and returns a new one. If a new report needs to be created, the settings from the WebAdmin menu Settings/Privacy Toolkit will be used.

curl --insecure -o report.pdf --data "username=<USER>&password=<PASSWORD>
&action=privacy_report" https://192.168.1.1/batch.php

Returns the full privacy report as PDF.

Ticket Data

Returns Ticket Data from the WebAdmin menu Users/Tickets/Overview. The returned data format is .CSV. The format for the time-span can be either YYYY.MM.DD hh:mm:ss or YYYY-MM-DD hh:mm:ss.

Example command to return all tickets created within a given time-span (from_date - to_date). If no from_date and to_date is provided, all tickets from now until 24 hours back are returned.

curl --insecure -o all_tickets.csv --data "lang=en_US&username=<USER>&password=<PASSWORD>
&action=get_ticket_data&ticket_type=all&from_date=2024.01.31 09:30:59
&to_date=2025.01.31 15:30:59" https://192.168.1.1/batch.php

Example output:

"Created";"First Login";"Username";"Last IP Address";"Last MAC Address";"VLAN ID/Routing ID";"Total Time Credit (seconds)";"Used Time Credit (seconds)";"Total Ticket Limit (MB)";"Used Ticket Limit (MB)";"Device Type";"Operating System";"Used Template";"Used Template ID"
"31.01.2024 9:30:59";"31.01.2024 09:33:00";"ticket3";"172.29.0.9";"AA:BB:CC:11:22:33";"0";"604800";"600000";"30000";"25000,00";"Desktop";"Windows 11";"Flat Rate 7 days";"244"
"31.01.2024 9:30:59";"31.01.2024 09:32:00";"ticket2";"172.29.0.4";"AA:BB:CC:11:22:32";"0";"604800";"500000";"30000";"20000,00";"Smartphone";"Android 15";"Flat Rate 7 days";"244"
"31.01.2024 9:30:59";"31.01.2024 09:31:00";"ticket1";"172.29.0.1";"AA:BB:CC:11:22:31";"0";"604800";"400000";"30000";"15000,00";"Tablet";"iPadOS";"Flat Rate 7 days";"244"

Example command to return used tickets that are still valid and were created within a given time-span (from_date - to_date). If no from_date and to_date is provided, all tickets from now until 24 hours back are returned.

curl --insecure -o used_tickets.csv --data "lang=en_US&username=<USER>&password=<PASSWORD>
&action=get_ticket_data&ticket_type=used&from_date=2024.01.31 09:30:59
&to_date=2025.01.31 15:30:59" https://192.168.1.1/batch.php

Output same format as above, just adds filter for ticket_type=used.

Example command to return unused tickets that are still valid and were created within a given time-span (from_date - to_date). If no from_date and to_date is provided, all tickets from now until 24 hours back are returned.

curl --insecure -o unused_tickets.csv --data "lang=en_US&username=<USER>&password=<PASSWORD>
&action=get_ticket_data&ticket_type=unused&from_date=2024.01.31 09:30:59
&to_date=2025.01.31 15:30:59" https://192.168.1.1/batch.php

Output same format as above, just adds filter for ticket_type=used.

Example command to return all tickets that are currently online.

curl --insecure -o online_tickets.csv --data "lang=en_US&username=<USER>&password=<PASSWORD>
&action=get_ticket_data&ticket_type=online" https://192.168.1.1/batch.php

Example output:

"Created";"First Login";"Username";"Last IP Address";"Last MAC Address";"VLAN ID/Routing ID";"Total Time Credit (seconds)";"Used Time Credit (seconds)";"Total Ticket Limit (MB)";"Used Ticket Limit (MB)";"Device Type";"Operating System";"Used Template";"Used Template ID"
"31.01.2024 9:30:59";"31.01.2024 09:33:00";"ticket3";"172.29.0.9";"AA:BB:CC:11:22:33";"0";"604800";"600000";"30000";"25000,00";"Desktop";"Windows 11";"Flat Rate 7 days";"244"
"31.01.2024 9:30:59";"31.01.2024 09:32:00";"ticket2";"172.29.0.4";"AA:BB:CC:11:22:32";"0";"604800";"500000";"30000";"20000,00";"Smartphone";"Android 15";"Flat Rate 7 days";"244"
"31.01.2024 9:30:59";"31.01.2024 09:31:00";"ticket1";"172.29.0.1";"AA:BB:CC:11:22:31";"0";"604800";"400000";"30000";"15000,00";"Tablet";"iPadOS";"Flat Rate 7 days";"244"

Example command to return all invalid tickets.

curl --insecure -o invalid_tickets.csv --data "lang=en_US&username=<USER>&password=<PASSWORD>
&action=get_ticket_data&ticket_type=invalid" https://192.168.1.1/batch.php

Example output:

"31.01.2024 9:30:59";"31.01.2024 09:33:00";"ticket3";"172.29.0.9";"AA:BB:CC:11:22:33";"0";"604800";"600000";"30000";"25000,00";"Desktop";"Windows 11";"Flat Rate 7 days";"244"
"31.01.2024 9:30:59";"31.01.2024 09:32:00";"ticket2";"172.29.0.4";"AA:BB:CC:11:22:32";"0";"604800";"500000";"30000";"20000,00";"Smartphone";"Android 15";"Flat Rate 7 days";"244"
"31.01.2024 9:30:59";"31.01.2024 09:31:00";"ticket1";"172.29.0.1";"AA:BB:CC:11:22:31";"0";"604800";"400000";"30000";"15000,00";"Tablet";"iPadOS";"Flat Rate 7 days";"244"

Ticket Commands

Ticket Create

Create tickets based on a specified template (by id). Required parameter is use_template.

  • use_template - template_id to use for ticket create (see List Ticket Templates)

Optional parameters are:

  • return_userdata (1) - returns username, password and ID of created ticket
  • return_qrlink (1) - return qr code link for created ticket
  • tk_username - specify a custom username for the new ticket
  • tk_password - specify a custom password for the new ticket (min. length = 4 characters; 7 characters for password only tickets)
  • description - add custom description to created ticket. User specific data fields can also be added like this: "description=name:john;email:mail@example.com;"
  • expiration (Days / >= 0) - overwrite template expiration period
  • time_credit (Min. / > 0) - overwrite template time_credit
  • ticket_limit (MB / > 0) - overwrite template ticket_limit
  • session_limit (MB / > 0) - overwrite template session_limit
  • idle_timeout (Min. / > 0) - overwrite template idle_timeout
  • bw_in (Kbit/s / > 64) - overwrite template download_bandwidth
  • bw_out (Kbit/s / > 64) - overwrite template upload_bandwidth
  • set_online (1) - set given device (MAC-Address) online with created ticket
  • device_mac (MAC-Address) - MAC-Address of the device which should be set online on next connect. This is needed for set_online option.
  • printer_id (int) - ticket printer id on which the created ticket will be printed (see List Ticket Printers on how to obtain the printer id)
  • language (id_ID) - set default language of the ticket (see below)
  • email - send the ticket data to the specified E-Mail address. Requires E-Mail Login Module to be active and configured.

Create ticket example

curl --insecure --data "username=<USER>&password=<PASSWORD>&action=create&subaction=create_ticket
&use_template=248&return_userdata=1&expiration=15&time_credit=77&ticket_limit=1234&session_limit=123
&idle_timeout=99&bw_in=25000&tk_username=myticket&tk_password=mysecret&set_online=1
&device_mac=AA:BB:CC:11:22:33&language=en_US" https://192.168.1.1/batch.php

Example output:
{"error":0,"data":{"ticket_id":"766","username":"myticket","password":"mysecret"}}

Language IDs 

ar_AE - Arabic
cs_CZ - Czech
da_DK - Danish
de_DE - German
el_GR - Greek
en_US - English
es_ES - Spanish
fr_FR - French
he_IL - Hebrew
hr_HR - Croatian
hu_HU - Hungarian
id_ID - Indonesian
it_IT - Italian
ja_JP - Japanese
nb_NO - Norwegian
nl_NL - Dutch
pl_PL - Polish
pt_PT - Portuguese
ro_RO - Romanian
ru_RU - Russian
sk_SK - Slovak
sl_SI - Slovenian
sv_SE - Swedish
tr_TR - Turkish
uk_UA - Ukrainian
zh_CN - Chinese (Simplified)

Create ticket example with simple custom description

curl --insecure --data "username=<USER>&password=<PASSWORD>&action=create&subaction=create_ticket
&use_template=248&return_userdata=1&expiration=15&time_credit=77&ticket_limit=1234&session_limit=123
&idle_timeout=99&bw_in=25000&tk_username=myticket&tk_password=mysecret&set_online=1
&device_mac=AA:BB:CC:11:22:33&description=for room number 123"
https://192.168.1.1/batch.php

Output same format as above

Create ticket example with custom description used for user data

curl --insecure --data "username=<USER>&password=<PASSWORD>&action=create&subaction=create_ticket
&use_template=248&return_userdata=1&expiration=15&time_credit=77&ticket_limit=1234&session_limit=123
&idle_timeout=99&bw_in=25000&tk_username=myticket&tk_password=mysecret&set_online=1
&device_mac=AA:BB:CC:11:22:33&description=Name:John;Patient Number:123;Email:mail@test.com"
https://192.168.1.1/batch.php

Output same format as above

Ticket Logout

Logout certain tickets based on the ticket id. This also works with multiple ticket ids.

curl --insecure --data "username=<USER>&password=<PASSWORD>&action=manage_ticket
&subaction=logout&ids=12,22,540,299" https://192.168.1.1/batch.php

Example output:

{"error":0,"success_msg":"TicketID(s) 123 successfully logged off by WebAdmin user 'sysop'"}

Ticket Revoke

Revoke certain tickets based on the ticket id. This also works with multiple ticket ids.

curl --insecure --data "username=<USER>&password=<PASSWORD>&action=manage_ticket
&subaction=revoke&ids=12,22,540,299" https://192.168.1.1/batch.php

Example output:

{"error":0,"success_msg":"TicketID(s) 123 successfully revoked by WebAdmin user 'sysop'"}

Autologin Devices

Create a new Autologin Device

Add an autologin device as either static or dynamic device. Optional autologin types are:

  • type=static: Adds the autologin device as a static device. Requires parameters mac and ip.
  • type=dyn_mac: Adds the autologin device as a dynamic device identified via MAC address. Requires parameter mac.
  • type=dyn_ip: Adds the autologin device as a dynamic device identified via IP address. Requires parameter ip
  • type=wildcard_mac: Adds a wildcard entry to affect multiple devices at once via MAC address. Requires parameter mac. Valid formats are AA:BB:CC:11:22:33, AA:*:CC:*:22:* and AA:??:CC:??:22:??.
  • type=wildcard_ip: Adds a wildcard entry to affect multiple devices at once via IP address. Requires parameter ip. Valid formats are 172.30.3.54, 172.30.3.* and 172.30.3.??.

Following parameters are available:

  • return_userdata: Can be used when adding a new autologin device. If value is 1, returns the autologin device id.
  • device_id: When removing an autologin device, the device_id must be specified.
  • mac: Used when adding a static device or a wildcard via MAC address device.
  • ip: Used when adding a static device or a wildcard via IP address device.
  • desc: For static autologin devices, this will become the name. For all other types, this is the description.
  • ticket_limit: Ticket limit in MB. Can be used while adding a new autologin device. If the ticket limit is used up, the ticket will be revoked and recreated. For an unlimited use the value 1000000000.
  • session_limit: Session limit in MB. Can be used while adding a new autologin device. If the session limit is used up, the ticket will be logged off. If the device is still in the network, it will automatically be logged in again.
  • idle_timeout: Defines the time a ticket will be logged off when the device is completely inactive (turned off or not in the network anymore).
  • bw_in: The download bandwidth in Kbit/s for new autologin entries.
  • bw_out: The upload bandwidth in Kbit/s for new autologin entries.

Example command to add a new static autologin device with the MAC address AA:BB:CC:11:22:33 and IP address 172.29.0.1. The added device is called Batch_Test. The ticket limits for this device should be 1234 MB as session limit, 5678 MB as ticket limit and 20.000 Kbit/s as download and upload bandwidth:

curl --insecure -o created_autologin_device_id.tmp --data "username=<USER>&password=<PASSWORD>&
action=autologon_devices&subaction=add_device&type=static&mac=AA:BB:CC:11:22:33&ip=172.29.0.1&
desc=Batch_Test&ticket_limit=5678&session_limit=1234&bw_in=20000&bw_out=20000" https://192.168.1.1/batch.php

Example output:
{"error":0,"data":{"device_id":"8","device_mac":"AA:BB:CC:11:22:33","device_ip":"172.29.0.1"}}

Example command to add a single dynamic MAC device with the MAC address AA:BB:CC:11:22:33. The device description should be Batch_Test and the idle timeout 30 minutes. The ticket limits for this device should be 1234 MB as session limit, 5678 MB as ticket limit and 20.000 Kbit/s as download and upload bandwidth:

curl --insecure -o created_autologin_device_id.tmp --data "username=<USER>&password=<PASSWORD>&action=autologon_devices&
subaction=add_device&type=dyn_mac&mac=AA:BB:CC:11:22:33&desc=Batch_Test&ticket_limit=5678&
session_limit=1234&idle_timeout=30&bw_in=20000&bw_out=20000" https://192.168.1.1/batch.php

Example output:
{"error":0,"data":{"device_id":"25","device_mac":"AA:BB:CC:11:22:33","device_ip":""}}

Example command to add a single dynamic IP device with the IP address 172.29.0.1. The device description should be Batch_Test and the idle timeout 30 minutes. The ticket limits for this device should be 1234 MB as session limit, 5678 MB as ticket limit and 20.000 Kbit/s as download and upload bandwidth:

curl --insecure -o created_autologin_device_id.tmp --data "username=<USER>&password=<PASSWORD>&action=autologon_devices&
subaction=add_device&type=dyn_ip&ip=172.29.0.1&desc=Batch_Test&ticket_limit=5678&session_limit=1234&
idle_timeout=30&bw_in=20000&bw_out=20000" https://192.168.1.1/batch.php

Example output:
{"error":0,"data":{"device_id":"26","device_mac":"AA:BB:CC:11:22:33","device_ip":"172.29.0.1"}}

Example command to add a wildcard MAC entry, so that all devices which apply to the MAC address wildcard AA:BB:CC:11:*:33 will be recognized as an autologin device and get an according ticket. The device description should be Batch_Test and the idle timeout 30 minutes. The ticket limits for this entry should be 1234 MB as session limit, 5678 MB as ticket limit and 20.000 Kbit/s as download and upload bandwidth:

curl --insecure -o created_autologin_device_id.tmp --data "username=<USER>&password=<PASSWORD>&
action=autologon_devices&subaction=add_device&type=wildcard_mac&mac=AA:BB:CC:11:*:33&desc=Batch_Test&
ticket_limit=5678&session_limit=1234&idle_timeout=30&bw_in=20000&bw_out=20000" https://192.168.1.1/batch.php

Example output:
{"error":0,"data":{"device_id":"27","device_mac":"AB:BB:CC:11:*:33","device_ip":""}}

Example command to add a wildcard IP entry. All devices which apply to the IP address wildcard 172.29.0.* will be recognized as an autologin device and get an according ticket. The device description should be Batch_Test and the idle timeout 30 minutes. The ticket limits for this entry should be 1234 MB as session limit, 5678 MB as ticket limit and 20.000 Kbit/s as download and upload bandwidth:

curl --insecure -o created_autologin_device_id.tmp --data "username=<USER>&password=<PASSWORD>&
action=autologon_devices&subaction=add_device&type=wildcard_ip&ip=172.29.0.*&desc=Batch_Test&
ticket_limit=5678&session_limit=1234&idle_timeout=30&bw_in=20000&bw_out=20000" https://192.168.1.1/batch.php

Example output:
{"error":0,"data":{"device_id":"28","device_mac":"","device_ip":"172.29.0.*"}}

Delete an Autologin Device

Example command to remove a static autologin device, in this example the id 111.

curl --insecure -o log.tmp --data "username=<USER>&password=<PASSWORD>&
action=autologon_devices&subaction=remove_device&type=static&device_id=111" https://192.168.1.1/batch.php

Example output:
{"error":0,"data":"Batch Access API: Static single autologin device Test deleted"}

Example command to remove a dynamic autologin device, in this example the id 222. The type dynamic must be used for all according types which includes dyn_mac, dyn_ip, wildcard_mac and wildcard_ip.

curl --insecure -o log.tmp --data "username=<USER>&password=<PASSWORD>&
action=autologon_devices&subaction=remove_device&type=dynamic&device_id=222" https://192.168.1.1/batch.php

Example output:
{"error":0,"data":"Batch Access API: Dynamic autologin device with id 222 deleted"}

To automatically revoke tickets together with an autologin entry, add the POST parameter del_ticket=1. Note that this does only work for single dynamic autologin entries but not for wildcard entries.

curl --insecure -o log.tmp --data "username=<USER>&password=<PASSWORD>&action=autologon_devices&
subaction=remove_device&type=dynamic&device_id=222&del_ticket=1" https://192.168.1.1/batch.php

Example output:
{"error":0,"data":"Batch Access API: Dynamic autologin device with id 222 deleted"}

Export Autologin Device List

Valid subactions are:

  • export_list: To export Autologin Device Lists
  • import_list: To import Autologin Device Lists

Example command to export static autologin device list

curl --insecure -o static_autologin.csv --data "lang=en_US&username=<USER>&password=<PASSWORD>&
action=autologon_devices&subaction=export_list&type=static&dataformat=csv" https://192.168.1.1/batch.php

Example output:
"IP Address";"MAC Address";"Name";"Description";"Active";"Download Bandwidth";"Upload Bandwidth";"Ticket Limit";"PMS Authentication";"Fixed Bandwidth";"Web Filter Bypass";"Application Control Profile";"Port Filter Group"
"172.29.0.1";"AA:BB:CC:11:22:33";"Testdevice";"";"0";"";"";"1000";"0";"0";"0";"4096";"Global"

Example command to export dynamic autologin device list

curl --insecure -o dynamic_autologin.csv --data "lang=en_US&username=<USER>&password=<PASSWORD>&
action=autologon_devices&subaction=export_list&type=dynamic&dataformat=csv" https://192.168.1.1/batch.php

Example output:
"IP Address";"MAC Address";"Description";"Active";"Download Bandwidth";"Upload Bandwidth";"Ticket Limit";"Max Idle Time";"Web Filter Bypass";"Application Control Profile";"Port Filter Group"
"";"*:*:*:*:*:*";"";"0";"0";"0";"1000000000";"0";"0";"4096";"Global"
"";"AA:BB:CC:11:22:32";"Testdevice 1";"1";"";"";"1000";"0";"0";"4096";"Global"
"";"AA:BB:CC:11:22:31";"Testdevice 2";"1";"20000";"20000";"5678";"30";"0";"4096";"Global"

Import Autologin Device List

Note that the command structure changes for file uploads due to how cURL works. List of upload methods:

  • update = Inserts/Updates the live Autologin List with the entries in the uploaded file
  • delete Deletes the live Autologin Devices that match the devices in the uploaded file
  • renew Deletes the Autologin Device Table before uploading the devices in the uploaded file

Example command to import static autologin device list using the update - method

curl --insecure -H "Content-Type: multipart/form-data" -F 'username=<USER>' -F 'password=<PASSWORD>' 
-F 'action=autologon_devices' -F 'subaction=import_list' -F 'type=static' 
-F 'method=update' -F 'file=@/path/to/static_autologin.csv' https://192.168.1.1/batch.php

Example output:
{"error":0,"data":"Batch Access API: Upload completed with no errors"}

Example command to import dynamic autologin device list using the delete - method

curl --insecure -H "Content-Type: multipart/form-data" -F 'username=<USER>' -F 'password=<PASSWORD>' 
-F 'action=autologon_devices' -F 'subaction=import_list' -F 'type=dynamic' 
-F 'method=delete' -F 'file=@/path/to/dynamic_autologin.csv' https://192.168.1.1/batch.php

Example output:
{"error":0,"data":"Batch Access API: Upload completed with no errors"}

Example command to import dynamic autologin device list using the renew - method

curl --insecure -H "Content-Type: multipart/form-data" -F 'username=<USER>' -F 'password=<PASSWORD>' 
-F 'action=autologon_devices' -F 'subaction=import_list' -F 'type=dynamic' 
-F 'method=renew' -F 'file=@/path/to/dynamic_autologin.csv' https://192.168.1.1/batch.php

Example output:
{"error":0,"data":"Batch Access API: Upload completed with no errors"}

System Commands

Reboot System

Reboot the system by calling:

curl --insecure --data "username=<USER>&password=<PASSWORD>&action=services&subaction=reboot" https://192.168.1.1/batch.php

Poweroff System

In order to support shutdowns triggered by a UPS (Uninterrupted Power Supply), which runs on battery, use this call:

curl --insecure --data "username=<USER>&password=<PASSWORD>&action=services&subaction=halt" https://192.168.1.1/batch.php

Export Backup

Creates and returns a system backup file:

curl --insecure -o backup.bkp --data "username=<USER>&password=<PASSWORD>&backup=1" https://192.168.1.1/download_backup.php

Online Update

Start the online update on the selected IACBOX from outside.

curl --insecure -o update.tmp --data "username=<USER>&password=<PASSWORD>&action=online_update&subaction=doupdate" https://192.168.1.1/batch.php

Download Update-Log Lists

Returns a list with all available logfiles from the online update (not the actual logs).

curl --insecure -o logfiles.tmp --data "username=<USER>&password=<PASSWORD>&
action=online_update&subaction=list_log_files" https://192.168.1.1/batch.php

Example output:
{"logs":["onlupdate_20240131093059.log","onlupdate_20240131093100.log"]}

Export Update Log

Exports a specific update log from all available log files on the IACBOX.

curl --insecure -o logfiles.tmp --data "username=<USER>&password=<PASSWORD>&
action=online_update&subaction=fetch_log_files&logfiles=onlupdate_20240131093059.log;onlupdate_20240131093100.log" https://192.168.1.1/batch.php

Example output:
[2024.01.31 09:30:59] Starting onlineupdate ...
[2024.01.31 09:31:00] Connection test ...
[2024.01.31 09:31:01] Connection test: GOOD

Webhook Commands

Add a new Webhook

Adds and registers a new webhook.

  • uuid: A UUID identifying this webhook. If empty a new one is created and returned in the response. Like 03b4f880-b203-11ea-a91b-399b6ee88011
  • name: Display name of the webhook
  • url: Webhook endpoint URL like https://my-webhook-endpoint.com:8080/api
  • method: Used HTTP method. Possible values are: GET, POST, PUT, DELETE
  • body: Body as text (very likely JSON). Example {"id":"{{event.uuid}}","{{event.type}}","occured":"{{event.created_at}}","ticket_id":"{{event.ticket_id}}","data":{{event.data}}}
  • headers: : A JSON list of strings that are custom headers added to the webhook request like ["Content-Type: application/json"]
  • events: A JSON list of strings which represent the events to subscribe to like ticket.logged_in
  • auth_type: Authentication type can be: none, basic, bearer
    • none: No authentication is needed to call the webhook endpoint
    • basic: HTTP Basic Auth with username and password should be used (Uses the Authentication: xxx header)
    • bearer: A JSON request is made with username and password to the endpoint and a bearer token is returned.
  • auth_username: Username for authentication
  • auth_password: Password for authentication

The following fields are only needed for authentication type bearer

  • auth_url: The URL of the authentication endpoint
  • auth_headers: A JSON list of strings that are custom headers added to the authentication request
  • auth_method: Used HTTP method. Possible values are: GET, POST, PUT, DELETE
  • auth_body: Body as text (most likely as JSON). Username and Password can be referenced with the placeholders {{auth.username}} and {{auth.password}}
  • auth_token_field: Specifies the path in the JSON response where to find the token like key1.token if the response would be {"key1":{"token":"<here-is-the-token>"}}
  • auth_refresh_token_minutes: After how many minutes the token has to be refreshed. Defaults to 60 minutes.
curl --insecure -o backup.bkp --data "username=<USER>&password=<PASSWORD>&action=webhook&subaction=add&uuid=03b4f880-b203-11ea-a91b-399b6ee88011&name=MyWebhook&url=https%3A%2F%2Fmy-webhook-endpoint.com&method=POST&body=%7B%22id%22%3A%22%7B%7Bevent.uuid%7D%7D%22%2C%22%7B%7Bevent.type%7D%7D%22%2C+%22occured%22%3A%22%7B%7Bevent.created_at%7D%7D%22%2C+%22ticket_id%22%3A%22%7B%7Bevent.ticket_id%7D%7D%22%2C+%22data%22%3A%7B%7Bevent.data%7D%7D%7D&headers=%7B%22Content-Type%22%3A%22application%2Fjson%22%7D&events=%5B%22ticket.logged_in%22%5D&auth_type=none&auth_url=&auth_headers=%7B%7D&auth_method=POST&auth_username=&auth_password=&auth_body=&auth_token_field=&auth_refresh_token_minutes=60" https://192.168.1.1/batch.php

Delete a new Webhook

Deletes a webhook by it’s UUID.

curl --insecure -o backup.bkp --data "username=<USER>&password=<PASSWORD>&action=webhook&subaction=delete&uuid=03b4f880-b203-11ea-a91b-399b6ee88011" https://192.168.1.1/batch.php
Central Services →