OpenVPN Cloud API Guide (beta)
OpenVPN Cloud has launched the beta version of its API that you can use to develop your portal or application for the administration of your VPN networks, hosts, users, and other core services.
Note: As of June 10, 2021, the beta version of the API is available by invitation only. If you want to try out the beta version, contact the OpenVPN Cloud support team at email@example.com or open a request in the portal at support.openvpn.net.
You must authenticate to the API endpoint with your OpenVPN Cloud owner account credentials. Follow these steps to create your Basic or OAuth credentials:
- Access the OpenVPN administration portal, click the profile icon, and select My Account.
- Click Cloud API and then click Create Credentials.
- Add a name for your credential pair, and choose the authentication type.
- Basic credentials have an expiration of 5 minutes, 24 hours, 7 days, or 1 month. With Basic authentication, you must enter a whitelisted IP subnet range from which you connect to the API endpoint.
- OAuth credentials have an expiration of 2 weeks, 1 month, 6 months, or 1 year. With OAuth authentication, a whitelisted IP subnet range is optional.
- Note: Copy the credential key and paste it into a secure file.
- Note: Copy the secret key and paste it into a secure file.
- Click Back.
- The Cloud API page lists the credential.
- Click to toggle the Cloud API on.
Connecting to the API
The API endpoint address is unique to your account in this format:
JSON Calls and Responses
This guide provides an overview of the core JSON calls and responses available to you in the OpenVPN Cloud beta API.
For up-to-date information, you must first sign in to your OpenVPN Cloud owner account and then navigate to the Swagger portal:
A connector is an unattended device with a connector application installed, which provides connectivity between OpenVPN Cloud and your private network or private application server.
A DNS “A” record is an address record in your DNS server that resolves an IPv4 address with a hostname/domain.
A device is a computer, smartphone, or IoT-connected device with an installed OpenVPN client used to connect to your VPN. Each user can have one or more associated devices.
A host represents a server on your private network running a connector to provide connectivity to OpenVPN Cloud.
A network is an on-premises or IaaS-hosted range of private IP address subnets that provides access to business-owned resources, secure internet access, VPN egress, and more. Each network requires at least one connector for site-to-site or point-to-site VPN connectivity.
OAuth is an open-standard authorization protocol that provides secure, designated access to applications using authorization tokens, which prove your identity to authenticate with the API. Note that OpenVPN uses OAuth 2.0.
Generally, a user is an entity that is authorized to access your VPN, such as employees, contractors, and other third parties. A user can also be an entity that generates connection profiles for unattended routers or IoT devices.
A user group allows for the bulk administration of settings such as role- and department-based access controls, available VPN regions, internet access, types of authentication, and more.
A VPN region is a geographic point-of-presence hosted by OpenVPN Cloud, which consists of a group of high-performance multi-tenant VPN servers. All OpenVPN Cloud regions are interconnected in a full-mesh topology to form a high-bandwidth core network.