my cheat sheet on …

1. Virtualize everyting: to give organizations freedom of choice to run any service anywhere, independent of the underlying platform—physical or virtual, on premises, or in the cloud.
2. Designed for automation: to make networks and services on those networks easy to deploy, manage, and maintain—fundamentally changing the approach to network management.
3. Pervasive analytics: to provide insights on the operation of the network, IT infrastructure, and the business—information that only the network can provide.
4. Service management: delivered from the cloud to unify policy and orchestration across the network—enabling the agility of cloud with the security and control of on-premises solutions.
5. Open, extensible and programmable at every layer: integrating Cisco and third-party technology, open APIs, and a developer platform, to support a rich ecosystem of network-enabled applications.

• Insights and actions to drive faster business innovation
• Automation and assurance to lower costs and complexity while meeting business and user expectations
• Security and compliance to reduce risk as an organization continues to expand and grow.

1. Layer 1: The network element layer: Here, you have physical and virtual devices that bring together the network. A core principle at the network layer is virtualization. You can use Cisco Enterprise Network Functions Virtualization (E-NFV), which builds the full software stack from the infrastructure software that can reside on servers, to virtualized network functions like routing, firewalls, and the orchestration tools to support E-NFV on physical and virtual devices. The evolved Cisco IOS XE Software is much more open and programmable with model-driven APIs. In addition, you can more easily tap into the intelligence provided by the operating system and ASIC to support customized applications.
2. Layer 2 is the platform layer: Here, use controllers to fully abstract the network and automate all-day 0, 1, and 2 functions. Through centralized policy control, you can allow IT to provide the business intent and have the controller drive enforcement dynamically through the network. Also at this level is where you can gather rich data analytics. A single analytics platform is used to provide structured data and open APIs that both Cisco and third parties can use to contextualize insights—relevant for businesses to better understand user behavior or Internet of Things (IoT) data, as well as IT to troubleshoot issues or identify threats faster.
3. Layer 3 is the network-enabled applications layer: Layer 3 supports important business services like collaboration, mobility, and IoT. Both Cisco and third parties can write once and gain the intelligence of the network to better understand patterns (by correlating user, app, device data) for use cases that range from capacity planning to testing customer promotions.

1. Cloud managed -securely manage all elements through a single pane view
2. Cloud edge providing critical network functions at the edge to support businesses moving their operations to the cloud
3. Cloud delivered enabling flexible subscription models where possible, minimizing infrastructure burden.

Delivering policy based orchestration.

Northbound REST API provides consistently structured was to access DNA Center platform. It provides policy-based abstraction of business intent, allowing you to focus on an outcome to achieve

The Intent API is hierarchically structured into functional domains and subdomains.

For example, the Devices Subdomain lets you do CRUD operations on the devices in the network. You can filter on many criteria to find the device you need.

The RESTful Cisco DNA Center Intent API lets you use HTTPS verbs:

• GET
• POST
• PUT
• DELETE

and JSON syntax to discover and control your network. Intent API can be divided into multiple groups:

See Intent API docs

Here are three examples of the intent API

1. GET https://dnacenter-ip/dna/intent/api/v1/interface/count to get device interface count
2. POST https://dnacenter-ip/dna/intent/api/v1/network-device to add a device
3. GET https://dnacenter-ip/dna/intent/api/vi/network-device to get device list

Responses will be in JSON format. Always.

Enables you to:

• retrieve information about available software images,
• import images into Cisco DNA Center,
• distribute images to network devices, and
• activate images that have been installed on devices.

Enables you to manage PnP projects, settings, workflows, virtual accounts, and PnP-managed devices.

Generates a security token that encapsulates the privileges of an authenticated REST caller. Cisco DNA Center authorizes each requested operation according to the access privileges associated with the security token that accompanies the request.

Allows Cisco DNA Center to connect to other systems. These are the westbound interfaces, typically ITSMs. (IT Service Management s/w)

• {{dnac}} sandboxdnac2.cisco.com
• {{port}} 443
• {{username}} devnetuser
• {{password}} Cisco123!

• {{dnac}} sandboxdnac2.cisco.com
• {{port}} 443
• {{username}} devnetuser
• {{password}} Cisco123!
• {{token}} VGhpcyBpcyB0aGUgdG9rZW4gcmV0cmlldmVkIGZyb20gRE5BQyBlYXJsaWVyCg==

Python code had the x-auth-token as a header:

url = "https://" + dnac + ":" + port + "/dna/intent/api/v1/network-device"
headers = {
  'Content-Type': 'application/json',
  'Accept': 'application/json',
  'x-auth-token': env_user_zp.DNAC_TOKEN
}
response = requests.request("GET", url, headers=headers, data=payload, timeout=400)
# this env_user_zp.DNAC_TOKEN is the long version, not the base64 encoded user/pass

url = "https://sandboxdnac.cisco.com"
username = "devnetuser"
password = "Cisco123!"

First, use HTTPS Basic Authentication to generate an authentication cookie and security token to then use for subsequent requests. HTTPS Basic uses TLS to encrypt the connection and data in a HTTP Basic Authentication transaction.

import base64
def to_base64(s):
    return base64.b64encode(s.encode('utf8')).decode('utf8')

url = "https://sandboxdnac.cisco.com/"
username = "devnetuser"
password = "Cisco123!"
api_endpoint = url + "/dna/system/api/v1/auth/token"
method = "POST"
creds = to_base64(f'{username}:{password}') 
header = {"Authorization": f"Basic {creds}"}
# header = {"Authorization": 'Basic ZGV2bmV0dXNlcjpDaXNjbzEyMyE='} # manually

See authentication-API docs for up-to-date info .https://developer.cisco.com/docs/dna-center/#!authentication-api

Sent a POST to /dna/system/api/v1/auth/token with these headers: or…… Sent a POST to /dna/system/api/v1/auth/token with these headers:

If you use /api/system/v1/auth/token : that works too but you must set the Authorization header as shown in this postman screen capture. This worked as of Feb 1, 2021.

And this approach needs the Auth approach:

As you can see from the 200 OK, all these methods worked.

• Content-Type application/json
• Authorization string # ** base64 encoding must be done right
• Accept application/json

Response is a token, that becomes X-Auth-Token header. i.e. all remaining requests should include X-Auth-Token: "eyJ0egZG51Jg.agLhgwKBacAqppadgaRe"

curl -L –request POST \ –url https:///dna/system/api/v1/auth/token?hostname=Switch1 \ –header 'Content-Type: application/json' \ –header 'Authorization: string' \ –header 'Accept: application/json'

Where string could be ZGV2bmV0OkNpc2NvMTIzXCE= or other base64 encoded credentials.

import requests

url = "https:///dna/system/api/v1/auth/token?hostname=Switch1"

payload = None

headers = {
    "Content-Type": "application/json",
    "Authorization": "string",     # base64 encode of user:password
    "Accept": "application/json"
}

response = requests.request('POST', url, headers=headers, data = payload)

print(response.text.encode('utf8'))

Here's what I did using python.

import base64
auth = b'devnetuser:Cisco123!'
base64.b64encode(auth)

Note that b64encode requires a bytes type object, NOT a string. So if I was to make auth = 'devnetuser:Cisco123!' the encoding with fail

This catagory includes four sub-headings:

1. Sites
2. Networks
3. Devices
   • https://sandboxdnac.cisco.com/dna/intent/api/v1/network-device (GET) (retrieves a list of ALL devices on the network)
   • Narrow the returned list by using query parameters such as:
     • ?hostname=Switch1
     • ?managementIpAddress=10.1.1.1
     • ?macAddress=…
     • ?serialNumber=
     • ?location=
     • ?family
     • ?type
     • ?series
     • collectionStatus

   These all go at the end of the above API call. You can put more than one in a request by separating them with a snowman, "&"

4. Clients

This might be outdated. Look to developer.cisco.com/docs for up-to-date info.

These docs are specific to a given release. Always check the release. Here is the link for version 1.3.3.x

Well DNA-Center API has north, south, and east-west bound APIs.

• Northbound API Intent Based API IBN
• Southbound API Multivendor SDK
• Eastbound API Webhooks, Events & Notifications API
• Westbound API Integration API, ITSM/IT4IT, Assurance