REST API Reference
87 resources, 24 RPC endpoints, OpenAPI 3.0 spec, and a ready-to-use Postman collection. Everything you need to automate IronWiFi.
Getting Started
Three things you need to start making API calls
Base URL & Regions
Choose the regional endpoint closest to your deployment.
| Region | Base URL |
|---|---|
| Global (default) | console.ironwifi.io |
| Europe West | europe-west1.ironwifi.io |
| Europe West 2 | europe-west2.ironwifi.io |
| US Central | us-central1.ironwifi.io |
| US West | us-west1.ironwifi.io |
| Asia Southeast | asia-southeast1.ironwifi.io |
| Asia East | asia-east1.ironwifi.io |
| Australia | australia-southeast1.ironwifi.io |
| Africa South | africa-south1.ironwifi.io |
Authentication
All requests require a Bearer token in the Authorization header.
Authorization: Bearer {your_api_token}
Generate API keys in Console > Account > API Keys or via the /keys endpoint.
Pagination & Filtering
Responses use HAL+JSON format with _embedded, _links, and pagination metadata.
# Paginate GET /users?page=2&page_size=50 # Filter GET /users?filter[disabled]=0 # Sort GET /users?sort=username:asc
Code Samples
Common operations in cURL, Python, and Node.js
List Users
Retrieve a paginated list of RADIUS users
curl -X GET "https://console.ironwifi.io/users" \ -H "Authorization: Bearer $API_TOKEN" \ -H "Accept: application/json"
import requests
resp = requests.get(
"https://console.ironwifi.io/users",
headers={"Authorization": f"Bearer {API_TOKEN}"}
)
users = resp.json()["_embedded"]["users"]
const resp = await fetch(
"https://console.ironwifi.io/users",
{ headers: { Authorization: `Bearer ${API_TOKEN}` } }
);
const { _embedded: { users } } = await resp.json();
Create User
Add a new RADIUS user to a group
curl -X POST "https://console.ironwifi.io/users" \
-H "Authorization: Bearer $API_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"username": "jsmith@company.com",
"password": "secure_password",
"table_id": "GROUP_ID"
}'
resp = requests.post(
"https://console.ironwifi.io/users",
headers={
"Authorization": f"Bearer {API_TOKEN}",
"Content-Type": "application/json"
},
json={
"username": "jsmith@company.com",
"password": "secure_password",
"table_id": "GROUP_ID"
}
)
const resp = await fetch(
"https://console.ironwifi.io/users",
{
method: "POST",
headers: {
Authorization: `Bearer ${API_TOKEN}`,
"Content-Type": "application/json"
},
body: JSON.stringify({
username: "jsmith@company.com",
password: "secure_password",
table_id: "GROUP_ID"
})
}
);
Generate Onboarding Profile
Create a device enrollment profile for 802.1X
curl -X POST "https://console.ironwifi.io/profiles" \
-H "Authorization: Bearer $API_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"ssid": "Corp-WiFi",
"eap_type": "EAP-TLS",
"platform": "windows"
}'
resp = requests.post(
"https://console.ironwifi.io/profiles",
headers={
"Authorization": f"Bearer {API_TOKEN}",
"Content-Type": "application/json"
},
json={
"ssid": "Corp-WiFi",
"eap_type": "EAP-TLS",
"platform": "windows"
}
)
const resp = await fetch(
"https://console.ironwifi.io/profiles",
{
method: "POST",
headers: {
Authorization: `Bearer ${API_TOKEN}`,
"Content-Type": "application/json"
},
body: JSON.stringify({
ssid: "Corp-WiFi",
eap_type: "EAP-TLS",
platform: "windows"
})
}
);
Create Guest Voucher
Generate a time-limited guest WiFi voucher
curl -X POST "https://console.ironwifi.io/vouchers" \
-H "Authorization: Bearer $API_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"table_id": "GROUP_ID",
"duration": 86400,
"count": 10
}'
resp = requests.post(
"https://console.ironwifi.io/vouchers",
headers={
"Authorization": f"Bearer {API_TOKEN}",
"Content-Type": "application/json"
},
json={
"table_id": "GROUP_ID",
"duration": 86400,
"count": 10
}
)
const resp = await fetch(
"https://console.ironwifi.io/vouchers",
{
method: "POST",
headers: {
Authorization: `Bearer ${API_TOKEN}`,
"Content-Type": "application/json"
},
body: JSON.stringify({
table_id: "GROUP_ID",
duration: 86400,
count: 10
})
}
);
Interactive API Reference
Browse all 87 resources and 24 RPC endpoints
Loading API specification...
Developer Tools
Everything you need to integrate with IronWiFi
Postman Collection
Pre-configured collection with 87 resources, workflow examples, and environment variables. Import and start testing immediately.
Download Collection (1.2 MB)OpenAPI 3.0 Spec
Machine-readable specification for code generation, testing, and documentation. Compatible with all OpenAPI tools.
Download openapi.jsonSwagger UI
Try API calls directly from the IronWiFi Console with built-in authentication and live request/response inspection.
Open in ConsoleSDK Generation
Generate client libraries in any language using the OpenAPI spec and openapi-generator.
openapi-generator generate \ -i /api/openapi.json \ -g python -o ./ironwifi-sdk
Error Codes & Rate Limits
| Code | Meaning | Action |
|---|---|---|
400 | Bad Request | Check request syntax and required fields |
401 | Unauthorized | Verify your API token is valid and not expired |
403 | Forbidden | Check API key permissions and organization access |
404 | Not Found | Verify the resource ID and endpoint path |
409 | Conflict | Resource already exists with that identifier |
422 | Validation Error | Check required fields and data types in request body |
429 | Rate Limited | Wait and retry after the X-RateLimit-Reset time |
500 | Server Error | Retry with exponential backoff; contact support if persistent |
Rate Limits
100 requests per minute per API key. Rate limit status is returned in every response via headers: X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset. Bulk operations have additional per-endpoint limits. If rate limited, wait until the reset timestamp before retrying.
Frequently Asked Questions
How do I get an API key?
Log in to the IronWiFi Console, navigate to Account > API Keys, and click Create Key. Each key is scoped to your organization and can be revoked at any time. Use the key as a Bearer token in the Authorization header of every request.
Which API region should I use?
Use the region closest to your RADIUS server deployment for the lowest latency. The default global endpoint (console.ironwifi.io) works from anywhere. If you have data residency requirements, use the regional endpoint that matches your compliance needs (e.g., europe-west1.ironwifi.io for EU data sovereignty).
What are the API rate limits?
The API allows 100 requests per minute per API key. Rate limit status is returned in response headers: X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset. Bulk operations have additional per-endpoint limits. If you need higher limits, contact support.
Can MSP partners manage multiple tenants via the API?
Yes. MSP partners use the Organizations API to manage multiple customer tenants from a single API key. Each API call can target a specific organization, and bulk operations work across tenants for provisioning, configuration, and reporting.
Is there a Terraform provider?
Yes. IronWiFi offers a Terraform provider for infrastructure-as-code management of your WiFi authentication setup. You can manage users, groups, RADIUS servers, certificates, and policies as Terraform resources. See the Terraform page for details.
Ready to Build?
Start a 14-day free trial and explore the full API. No credit card required.