The Ixia Core API uses REST over HTTPS, and hence uses HTTP error codes to indicate API errors. It also uses HTTP verbs (GET, POST, etc.) to indicate the action to be taken in a specific request. The request body of every API call is a JSON object, and the response to every API call is also a JSON object.

The JSON for each API request has the following basic structure:


Every API call requires authentication. You authenticate to the Ixia API by using public/private key hashing of the current date, and by including your pre-assigned client id.



"authentication": {
    "date": 1439401799,
    "dateSignature": "6ecca4812601217293547cfc9e6ea050279948b7"

To get started making API calls, you will need your pre-assigned client id (provided by Ixia), and a public/private key pair. There are a multitude of ways to generate a public/private key pair, including using Java or OpenSSH. Once generated, send your public key to Ixia. Then use your private key to create a cryptographic signature of the date field. Writing code to generate the date and date signature is relatively straightforward. Here is some sample Java to do just that.

import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.Signature;
import org.apache.commons.codec.binary.Base64;
public class PublicPrivateKeyTester {
private static final int m_recommendedKeySize = 1024;
private static final String m_keyAlgorithm = "DSA";
private static final String m_signatureAlgorithm = "SHA1withDSA";
public static void main( String[] args ) throws Exception {
// create a public/private key pair
SecureRandom random = SecureRandom.getInstance( "SHA1PRNG" );
KeyPairGenerator keyGenerator = KeyPairGenerator.getInstance( m_keyAlgorithm );
keyGenerator.initialize( m_recommendedKeySize, random );
KeyPair keyPair = keyGenerator.generateKeyPair();
// TODO: write the key pair to disk, send the public key to Ixia
// get the current date as seconds since the Epoch
long dateSeconds = System.currentTimeMillis() / 1000;
byte[] dateStringAsBytes = String.valueOf( dateSeconds ).getBytes();
// create a base-64 signature using the private key
Signature signatureGenerator = Signature.getInstance( m_signatureAlgorithm );
signatureGenerator.initSign( keyPair.getPrivate() );
signatureGenerator.update( dateStringAsBytes );
byte[] signatureBytes = Base64.encodeBase64( signatureGenerator.sign() );
// verify the signature using the public key
Signature signatureVerifier = Signature.getInstance( m_signatureAlgorithm );
signatureVerifier.initVerify( keyPair.getPublic() );
signatureVerifier.update( dateStringAsBytes );
boolean isVerified = signatureVerifier.verify( Base64.decodeBase64( signatureBytes ) );
System.err.println( "dateSeconds: " + dateSeconds );
System.err.println( "signatureBytes: " + new String( signatureBytes ) );
System.err.println( "isVerified: " + isVerified );

Note that the above code sample uses Apache Commons.


Some API calls require meta data to be included in the request. This meta data structure is unique to each individual API call, and contains additional parameters that control how the request is processed.



"metadata": {
        ... fields related to the specific API call ...

Request Details

The request details contain the content of the request, and are hence unique to each individual API call.



"requestDetails": {
... fields related to the specific API call ...

HTTP Methods

There are two HTTP verbs that can be used to make API calls; GET and POST.

GET requests:


GET /<requestType>?query=...

# where the query cgi parameter is the base-64 then URL encoded form of the JSON basic request structure.



# where iVBORw0KGgoAAAANSUhEUgAAAFEAAAAmCAYAAAC8qHdPAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAALEgAACxIB0t1 is the base-64 encoded version of the JSON request object

POST requests:

POST /<requestType>

, where the POST data of the request is the JSON basic request structure.

Copyright 2017 Ixia, Inc.