The New Cisco Umbrella APIs for Managed Service Providers

Automation is essential for Managed Service Providers (MSPs) to scale their operations to the ever increasing demands of digital business. Automation helps to improve operational efficiency, mitigate operational risk, reduce costs, and offset the negative effects of complexity. That’s why Cisco emphasizes not only the product feature but also its rich Application Programming Interfaces (APIs). APIs help MSPs to easily automate and seamlessly integrate products into their existing operations platforms. The new Umbrella APIs are based on OpenAPI Specification (OAS), a standard that provides an enhanced experience for MSPs.

The new Umbrella APIs provide MSPs with the following benefits: more use cases and workflow automation, enhanced security, simplified API authentication, easy API key management, and Dashboard.

More use cases and workflow automation

MSPs can now generate multiple unique API keys for each use case or task. In the past, an organization could have only one API key per type, which forced MSPs to share API keys with other groups resulting in having few use cases. The new Umbrella APIs provide more flexibility, accelerating the process to automate and streamline workflows, reduce labor-intensive manual tasks, and eliminate costly delays. Using the new Umbrella KeyAdmin dashboard, MSP administrators can now create any number of granular, multi-scoped Umbrella API keys. (See Figure 1 below)

Figure 1 New Umbrella KeyAdmin Interface

Enhanced security

Umbrella APIs helps MSPs to quickly implement their security integration. The token-based authentication method for all resources with granular access controls for each API key provides enhanced security. MSP administration can now customize access controls for each API key based on need or user role. An API key can access only the API resources found in the API key scopes. Each scope and resource can now have either Read-Only or Read/Write access privileges. In addition, an administrator can configure a lifetime or expiration time for each new Umbrella API key. (The default is never expired.)

Simplified API authentication

Previous Umbrella API keys for the Management and Network Device types had basic authentication, and the reporting type had token-based authentication. All the new Umbrella API keys have the same OAuth 2.0 client authentication and authorization method, helping to reduce confusion. An Umbrella API key and key secret can be used to generate an Umbrella API access token, which can then be included in a request to the Umbrella API.

Easy API key management

The new KeyAdmin API feature helps MSPs to provision and manage Umbrella API keys. MSPs can use this feature to automate API key creation and management without depending on GUIs. MSP administration can generate an Umbrella API access token and then use that token to create and manage Umbrella API keys.

Dashboard

The API KeyAdmin dashboard in the Umbrella Managed Services Console provides a summary and list of all the API keys in a Org. Auditing for API keys becomes easier to perform with this new dashboard. Administrators can view all the assigned APIs, their statuses, and details, helping them make decisions quickly–for example by being able to monitor and take action in cases when certain APIs have not been used for several weeks.

In the sample summary shown in Figure 2 below, the red triangle identifies the number of expired API keys, and the yellow triangle identifies the number of API keys expiring within 30 days.

Now it’s so easy for Managed Service Providers to implement and increase their operational efficiency. The new Umbrella API will provide MSPs to build a comprehensive API management and an automated IT environment. Consider including Umbrella as part of your managed security strategy for customers.