End-to-End Example:Create / Import / Enable an Application

  • 2 minute(s) read
Prev Next

This guide shows a complete, real-world workflow to validate an API key and automate application setup using SSW APIs.

What You Will Do

  1. Authenticate API key → get sdp_token
  2. Import an application (JSON file upload) → get app_id / app_name
  3. Enable the application
  4. (Optional) Export the application configuration for verification
  5. Clean up by deleting the application

Auth requirement
All /ztna/v1/... API calls require:

Authorization: Bearer <sdp_token>

Prerequisites

Required

  • API key that can obtain an SDP token

  • SSW base URL, for example:

    https://<your-ssw-host>

  • Connector / Site name (required for import)

  • Edge name (required for import)

Tools

  • curl
  • jq (recommended)

Step 1: Get sdp_token

Request

SSW_HOST="<your-ssw-host>"
APIKEY="YOUR_API_KEY"

curl -s -X POST "https://${SSW_HOST}/iam/v1/apikey/authenticate" \
  -H "Content-Type: application/json" \
  -d "{\"apikey\":\"${APIKEY}\"}" \
  -o sdp_iam_token.json

Extract Token

SDP_TOKEN="$(jq -r '.data.sdp_token' sdp_iam_token.json)"
echo "$SDP_TOKEN"

Step 2: Prepare an Import File (Example)

The import API expects an export-style JSON file.

Below is a minimal example you can start from:

cat > import_apps.json << 'EOF'
{
  "export_metadata": {
    "tenant_name": "<tenant_name>",
    "org_name": "<org_name>",
    "user_name": "<exported_by>",
    "export_time": "2023-04-20T13:34:55Z"
  },
  "app_name_list": [
    "<app_name>"
  ],
  "app_data_list": [
    {
      "id": "<app_uuid>",
      "edge_name": "<edge_name>",
      "site_name": "<connector_name>",
      "name": "<app_name>",
      "display_name": "<app_display_name>",
      "network_name": "<network_name>",
      "protocol": "ssh",
      "group_names": ["_alluser"],
      "hosts": [
        { "host": "<target_host>", "port": 22 }
      ],
      "host": "<target_host>",
      "port": 22,
      "ports": [22],
      "access_type": "all",
      "icon": "ssh",
      "via_private_network": true,
      "enabled": true
    }
  ]
}
EOF

💡 Tip
In practice, many teams first call export_json, modify the exported content, and then import it back.

Step 3: Import the Application

This API uses multipart/form-data and requires:

  • file=@import_apps.json
  • connector=<connector_name>
  • edge=<edge_name>
  • Optional inclusion / exclusion lists

Import Request

CONNECTOR_NAME="dev-qa-auto-testing-kind-connector"
EDGE_NAME="Boardman-1"

curl -s -X POST "https://${SSW_HOST}/ztna/v1/application/import_json" \
  -H "accept: application/json" \
  -H "Authorization: Bearer ${SDP_TOKEN}" \
  -H "Content-Type: multipart/form-data" \
  -F 'inclusion_list[]=' \
  -F 'exclusion_list[]=' \
  -F "connector=${CONNECTOR_NAME}" \
  -F "edge=${EDGE_NAME}" \
  -F "file=@import_apps.json" \
  -o import_result.json

Validate Import Result

cat import_result.json | jq .

IMPORT_CODE="$(jq -r '.code' import_result.json)"
if [ "$IMPORT_CODE" != "0" ]; then
  echo "Import failed:"
  cat import_result.json
  exit 1
fi

Extract app_id and app_name

APP_ID="$(jq -r '.data[0].app_id' import_result.json)"
APP_NAME="$(jq -r '.data[0].app_name' import_result.json)"

echo "APP_ID=$APP_ID"
echo "APP_NAME=$APP_NAME"

Step 4: Enable the Application

curl -s -X PUT "https://${SSW_HOST}/ztna/v1/application/${APP_ID}/enabled" \
  -H "accept: application/json, text/plain, */*" \
  -H "Authorization: Bearer ${SDP_TOKEN}" \
  -H "content-type: application/json;charset=UTF-8" \
  --data '{"enabled":true}' \
  -o enable_result.json

cat enable_result.json | jq .

Step 5 (Optional): Export Application Configuration

This step verifies that the application exists and the configuration matches expectations.

curl -s -X POST "https://${SSW_HOST}/ztna/v1/application/export_json" \
  -H "Accept: application/json, text/plain, */*" \
  -H "Authorization: Bearer ${SDP_TOKEN}" \
  -H "Content-Type: application/json" \
  --data "{\"app_names\":[\"${APP_NAME}\"]}" \
  -o exported_app.json

cat exported_app.json | jq .

Step 6: Cleanup — Delete the Application

curl -s -X DELETE "https://${SSW_HOST}/ztna/v1/application/${APP_ID}" \
  -H "accept: application/json, text/plain, */*" \
  -H "Authorization: Bearer ${SDP_TOKEN}" \
  -o delete_result.json

cat delete_result.json | jq .

Recommended: Retry on Delete Failures

Deletion may be eventually consistent or fail transiently.
Implement retry with backoff if needed (as done in internal test scripts).

Common Pitfalls

  • ❌ Using the API key directly to call /ztna/v1/... APIs
    → Always use sdp_token
  • ❌ Missing connector or edge during import
  • ❌ Uploading an invalid JSON shape (export/import schema mismatch)
  • ❌ Assuming import automatically enables the application
    → You must explicitly call the enable API