Skip to content

Instantly share code, notes, and snippets.

@mbentley

mbentley/omada_api.ps1

Last active June 21, 2024 21:35
Show Gist options
  • Save mbentley/03c198077c81d52cb029b825e9a6dc18 to your computer and use it in GitHub Desktop.
Save mbentley/03c198077c81d52cb029b825e9a6dc18 to your computer and use it in GitHub Desktop.
Download ZIP
Example API Calls Using Powershell and Bash/curl for Omada Controller (last validated on 5.12.7)
Raw
omada_api.ps1
### PowerShell Example
# set variables
$OMADA_URL = "https://omada.example.com:8043"
$USERNAME = "admin"
$PASSWORD = "test12345"
# get controller id from the API
$CONTROLLER_ID = (Invoke-RestMethod -Uri "${OMADA_URL}/api/info" -Method Get -UseBasicParsing).result.omadacId
# set the login request body as json
$loginRequestBody = @{
username = $USERNAME
password = $PASSWORD
} | ConvertTo-Json
# login, get token, set a session variable
$loginResponse = Invoke-RestMethod -Uri "${OMADA_URL}/${CONTROLLER_ID}/api/v2/login" -Method Post -ContentType "application/json" -Body $loginRequestBody -SessionVariable OmadaSession
# extract the token and create a variable for the headers
$TOKEN = $loginResponse.result.token
$RequestHeaders = @{
"Csrf-Token" = $TOKEN
"Content-Type" = "application/json"
}
# validate login
Invoke-RestMethod -Uri "${OMADA_URL}/${CONTROLLER_ID}/api/v2/loginStatus?token=${TOKEN}" -Method Get -Headers $RequestHeaders -WebSession $OmadaSession
# example to get info on the current user
Invoke-RestMethod -Uri "${OMADA_URL}/${CONTROLLER_ID}/api/v2/users/current?token=${TOKEN}&currentPage=1&currentPageSize=1000" -Method Get -Headers $RequestHeaders -WebSession $OmadaSession
Raw
omada_api.sh
### Bash Example
# set variables
OMADA_URL="https://omada.example.com:8043"
USERNAME="admin"
PASSWORD="test12345"
# get controller id from the API
CONTROLLER_ID="$(curl -sk "${OMADA_URL}/api/info" | jq -r .result.omadacId)"
# login, get token, set & use cookies
TOKEN="$(curl -sk -X POST -c "/tmp/omada-cookies.txt" -b "/tmp/omada-cookies.txt" -H "Content-Type: application/json" "${OMADA_URL}/${CONTROLLER_ID}/api/v2/login" -d '{"username": "'"${USERNAME}"'", "password": "'"${PASSWORD}"'"}' | jq -r .result.token)"
# once logged in, make sure you add the following header on additional API calls:
# -H "Csrf-Token: ${TOKEN}"
# validate login
curl -sk -X GET -b "/tmp/omada-cookies.txt" -H "Content-Type: application/json" -H "Csrf-Token: ${TOKEN}" "${OMADA_URL}/${CONTROLLER_ID}/api/v2/loginStatus?token=${TOKEN}" | jq .
# example to get info on the current user
curl -sk -X GET -b "/tmp/omada-cookies.txt" -H "Content-Type: application/json" -H "Csrf-Token: ${TOKEN}" "${OMADA_URL}/${CONTROLLER_ID}/api/v2/users/current?token=${TOKEN}&currentPage=1&currentPageSize=1000"
@eugen257
Copy link

eugen257 commented Aug 24, 2023
edited by mbentley
Loading

Can't tell me why I always get the following:

<!DOCTYPE HTML>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <!-- 不可以删除,用以本地版本校准静态资源路径,从根目录获取 -->
    <base href="/" />

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
    <meta name="format-detection" content="telephone=no">
    <meta name="viewport" content="width=1300,initial-scale=1,minimal-ui"/>
    <link rel="shortcut icon" href="favicon.ico"/>
    <link rel="stylesheet" href="theme/lib/css/spectrum-d0fce89613.css">
    <link rel="stylesheet" href="theme/css/su-a61fe7bf98.css">
    <title id="title">Omada Controller</title>
    <noscript>
        <meta http-equiv="refresh" content="0; url=error.html"/>
    </noscript>
</head>

<body>
<div id="main-container" class="m-b-0"></div>
<canvas id="canvas-test"></canvas>
<script type="text/javascript" src="js/libs/polyfill-6926951583.min.js"></script>
<script type="text/javascript" src="js/libs/g6-75b82cdd1d.min.js" async></script>
<script type="text/javascript" src="js/libs/jquery-4cb8672160.min.js"></script>
<script type="text/javascript" src="js/libs/jquery-16e37f8666.ui.min.js"></script>
<script type="text/javascript" src="js/libs/sockjs-e2b1fc0be3.min.js"></script>
<script type="text/javascript" src="js/libs/stomp-51779f8e6c.min.js"></script>
<!--<script type="text/javascript" src="js/libs/excanvas-884b8a4daa.min.js"></script>-->
<script type="text/javascript" src="js/libs/resize-observer-c32f1af8c3.min.js"></script>
<script type="text/javascript" src="js/libs/spectrum-dae9c90a3b.min.js"></script>
<script type="text/javascript" src="js/libs/jquery-202b9c1ad9.cookie.min.js"></script>
<script type="text/javascript" src="js/libs/perfect-scrollbar-85fff207d9.min.js"></script>
<script type="text/javascript" src="js/libs/lottie-cedc90aaa6.min.js"></script>
<script type="text/javascript" src="js/libs/cryptoJS-242f7a6460.min.js"></script>
<script type="text/javascript" src="js/libs/moment-761502841c.min.js"></script>
<script type="text/javascript" src="js/libs/moment-timezone-with-data-5c8ed7bc8a.min.js"></script>
<script type="text/javascript" src="js/libs/json2html-8826f30caf.min.js"></script>
<script type="text/javascript" src="js/libs/qiankun-af1f11c736.min.js"></script>
<script type="text/javascript" src="js/su/su-e7a464013a.js"></script>
<script type="text/javascript">
    $.su.language = new $.su.Language();
    var canvas = document.getElementById("canvas-test");
    try {
        canvas.getContext("2d");
        document.body.removeChild(canvas);
    } catch (e) {
        location.href = "./error.html";
    }
    var WebSocketsExist = !!window.WebSocket;
    if (!WebSocketsExist) {
        location.href = "./error.html";
    }
</script>

<script type="text/javascript" src="js/su/service-074f624000.js"></script>

<script type="text/javascript" src="js/su/data-fc10d8ee54.js"></script>

<script type="text/javascript" src="js/su/widget-665e38f169.js"></script>

<script type="text/javascript" src="js/su/form-a8aae2edd1.js"></script>

<script type="text/javascript" src="js/su/manager-a30c673f55.js"></script>

<script type="text/javascript" src="js/su/dataBind-f4e5c3f2c6.js"></script>

<script type="text/javascript" src="js/su/application-7c61407273.js"></script>

<script type="text/javascript" src="js/app/app-490d3af263.js"></script>

<script type="text/javascript">
    $(document).ready(function(e){
        App = new $.su.App();
        App.setContainer("main-container");
        App.init().done(function(){
            App.launch();
        });
    });
</script>
</body>
</html>

@mbentley
Copy link
Author

Hard to tell without further detail but this is just the login page as HTML.

@eugen257
Copy link

An example of a request:

Invoke-RestMethod -Uri "${OMADA_URL}/${CONTROLLER_ID}/api/v2/sites/Default/devices" -Method Get -ContentType "application/json" -Headers $CsrfTokenHeader -UseBasicParsing

@mbentley
Copy link
Author

I will have to give it a shot with PowerShell when I get a chance. I haven't done so before.

@eugen257
Copy link

eugen257 commented Aug 25, 2023
edited by mbentley
Loading 

### Set variables
$OMADA_URL = "https://URL"
$USERNAME = "username"
$PASSWORD = "password"

### Get controller id from the API
$CONTROLLER_ID = (Invoke-RestMethod -Uri "${OMADA_URL}/api/info" -Method Get -UseBasicParsing).result.omadacId

### Login, get token, set & use cookies
$loginRequestBody = @{
     username = $USERNAME
     password = $PASSWORD
 } | ConvertTo-Json

$loginResponse = Invoke-RestMethod -Uri "${OMADA_URL}/${CONTROLLER_ID}/api/v2/login" -Method Post -ContentType "application/json" -Body $loginRequestBody -SessionVariable session

$TOKEN = $loginResponse.result.token
$CsrfTokenHeader = @{
     "Csrf-Token" = $TOKEN
     "Content-Type" = "application/json"
 }

Invoke-RestMethod -Uri "${OMADA_URL}/${CONTROLLER_ID}/api/v2/sites/Default/devices" -Method Get -ContentType "application/json" -Headers $CsrfTokenHeader -UseBasicParsing

@xnaron
Copy link

xnaron commented Sep 27, 2023

Is this still working with the latest controller released Sep 19, 2023?

@mbentley
Copy link
Author

Is this still working with the latest controller released Sep 19, 2023?

Yes

@mbentley
Copy link
Author

@eugen257 - so the only issue with your powershell is that you set the session variable but you never use it. According to this powershell reference, you need to use -WebSession $session to reference in in PowerShell 7.3 or older. I added a complete working example of a powershell above in the gist that matches what the bash example does.

@eugen257
Copy link

eugen257 commented Feb 23, 2024
edited
Loading

@mbentley can you tell me how I can read all the settings and most importantly the MAC whitelist filter

It doesn't show anything useful. and the documentation also does not have a clear understanding of how to do this:

(Invoke-RestMethod -Uri "${OMADA_URL}/${CONTROLLER_ID}/api/v2/sites/638ef74e14f65e09652531f5/setting/firewall/macfilters?token=${TOKEN}" -Method Get -Headers $RequestHeaders -WebSession $OmadaSession).result

Screenshot 2024-02-23 191908

Why is the list not active here and I can’t activate it?

$macFilterConfig = @{
enable = $true
}

Invoke-RestMethod -Uri "$OMADA_URL/$OMADAC_ID/api/v2/sites/$SITE_ID/setting/firewall/macfilter" -Method Post -ContentType "application/json" -Body ($macFilterConfig | ConvertTo-Json) -Headers $RequestHeaders -UseBasicParsing -WebSession $OmadaSession

    0 Success. @{enable=False}

@nklamann
Copy link

nklamann commented Jun 4, 2024

I wrote a similar example for the new openapi . See this gist

@eugen257
Copy link

That doesn't work for me. What works is this but I still can't find how to add devices to the whitelist:

'### PowerShell Example'
'# set variables'
'$OMADA_URL = "https://omada.local" '
'$USERNAME = "login" '
'$PASSWORD = "pass" '

'# get controller id from the API'
'$CONTROLLER_ID = (Invoke-RestMethod -Uri "${OMADA_URL}/api/info" -Method Get -UseBasicParsing).result.omadacId'

'# set the login request body as json
'$loginRequestBody = @{
username = $USERNAME
password = $PASSWORD
} | ConvertTo-Json'

'# login, get token, set a session variable'
'$loginResponse = Invoke-RestMethod -Uri "${OMADA_URL}/${CONTROLLER_ID}/api/v2/login" -Method Post -ContentType "application/json" -Body $loginRequestBody -SessionVariable OmadaSession'

'# extract the token and create a variable for the headers'
'$TOKEN = $loginResponse.result.token'
'$RequestHeaders = @{
"Csrf-Token" = $TOKEN
"Content-Type" = "application/json"
}'

'# validate login'
'Invoke-RestMethod -Uri "${OMADA_URL}/${CONTROLLER_ID}/api/v2/loginStatus?token=${TOKEN}" -Method Get -Headers $RequestHeaders -WebSession $OmadaSession'

'# example to get info on the current user'
'$CurrentUser = Invoke-RestMethod -Uri "${OMADA_URL}/${CONTROLLER_ID}/api/v2/users/current?token=${TOKEN}&currentPage=1&currentPageSize=1000" -Method Get -Headers $RequestHeaders -WebSession $OmadaSession'
'$CurrentUser.result'

'#Sitens'
'$SITE = (Invoke-RestMethod -Uri "${OMADA_URL}/${CONTROLLER_ID}/api/v2/sites?currentPage=1&currentPageSize=1000" -Method Get -Headers $RequestHeaders -WebSession $OmadaSession).result.data'
'$SITE_ID = $SITE.id'

'#devices'
'(Invoke-RestMethod -Uri "${OMADA_URL}/${CONTROLLER_ID}/api/v2/sites/${SITE_ID}/devices" -Method Get -Headers $RequestHeaders -WebSession $OmadaSession).result | select name'

'#settings'
'(Invoke-RestMethod -Uri "${OMADA_URL}/${CONTROLLER_ID}/api/v2/sites/${SITE_ID}/setting?currentPage=1&currentPageSize=1000" -Method Get -Headers $RequestHeaders -WebSession $OmadaSession).result #| select name'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment