The New Cisco Umbrella APIs for Managed Service Providers


Automation is essential for Managed Service Providers (MSPs) to scale their operations to the ever increasing demands of digital business. Automation helps to improve operational efficiency, mitigate operational risk, reduce costs, and offset the negative effects of complexity. That’s why Cisco emphasizes not only the product feature but also its rich Application Programming Interfaces (APIs). APIs help MSPs to easily automate and seamlessly integrate products into their existing operations platforms. The new Umbrella APIs are based on OpenAPI Specification (OAS), a standard that provides an enhanced experience for MSPs.

The new Umbrella APIs provide MSPs with the following benefits:

  • More use cases and workflow automation
  • Enhanced security
  • Unified API key authentication
  • Easy API key management
  • Unified API KeyAdmin Dashboard

More use cases and workflow automation

MSPs can now generate multiple unique API keys for each use case or task. In the past, an organization could have only one API key per type, which forced MSPs to share API keys. This limitation required MSPs to add multiple use cases. The new Umbrella APIs provide more flexibility, accelerating the process to automate and streamline workflows, reduce labor-intensive manual tasks, and eliminate costly delays. Using the new Umbrella KeyAdmin Interface, MSP administrators can now create any number of granular, multi-scoped Umbrella API keys. (See Figure 1 below.)

Figure 1  New Umbrella KeyAdmin Interface

Enhanced security

Umbrella APIs helps MSPs to quickly implement their security integration. The token-based authentication method for all resources with granular access controls for each API key provides enhanced security. MSP administration can now customize access controls for each API key based on need or user role. An API key can access only the API resources found in the API key scopes. Each scope and resource can now have either Read-Only or Read/Write access privileges. In addition, an administrator can configure a lifetime or expiration  time for each new Umbrella API key. (The default is never expired.)

Unified API key authentication

Previous Umbrella API keys for the Management and Network Device types had basic authentication, and the reporting type had token-based authentication. All the new Umbrella API keys have the same OAuth 2.0 client authentication and authorization method, helping to reduce confusion. An Umbrella API key and key secret can be used to generate an Umbrella API access token, which can then be included in a request to the Umbrella API.

Easy API key management

The new KeyAdmin API feature helps MSPs to provision and manage Umbrella API keys. MSPs can use this feature to automate API key creation and management without depending on GUIs. MSP administration can generate an Umbrella API access token and then use that token to create and manage Umbrella API keys.

Summaries and lists of all API keys

The API KeyAdmin dashboard in the Umbrella Managed Services Console provides a summary and list of all the API keys. Auditing for API keys becomes easier to perform with this new dashboard. Administrators can view all the assigned APIs, their statuses, and details, helping them make decisions quickly–for example by being able to monitor and take action in cases when certain APIs have not been used for several weeks.

In the sample summary shown in Figure 2 below, the red triangle identifies the number of expired API keys, and the yellow triangle identifies the number of API keys expiring within 30 days.

Figure 2  Sample summary of API statuses
Figure 2  Sample summary of API statuses

Now it’s so easy for Managed Service Providers to implement and increase their operational efficiency. Consider including Umbrella as part of your managed security strategy for customers.

 

 

Additional resources

Learn about the Umbrella MSSP program

Learn more about Cisco Cloud Security API

Join Cisco DevNet today

 


We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with #CiscoPartners on social!

Cisco Partners Facebook  |  @CiscoPartners Twitter  |  Cisco Partners LinkedIn

Share:





Source link