Using Cisco Hyperflex API with Python

Introduction to Hyperflex (HX) API.

Note: All code related to this post is hosted on GitHub

Cisco publishes a pretty extensive documentation related to the HX API. Head to the HX API Documentation page hosted on Cisco’s DevNet. You can also point your browser at the controller VM to access the “live” API documentation build into the system, the url is https://controller_IP/apiexplorer.

Start accessing the API.

To start using the API you must first log into the system by obtaining an access token that will later be used to authenticate any further requests. As per the documentation on the AAA we must issue a POST request to the https://<controller_IP/aaa/v1/auth?grant_type=password&#8217; url. The “body” of our request should look like this:

"username": "string",
"password": "string",
"client_id": "string",
"client_secret": "string",
"redirect_uri": "string"

Most of the parameters for the request are self-explanatory like the “username” or the “password”, but what are “client_id”, “client_secret” and “redirect_uri”. Unfortunately the documentation fails to mention those parameters (as of 2018-January). First I tried some random values but those were not accepted the the API. Luckily the Hyperflex own built in GUI uses the same API with the help of “Developer mode” inside the Chrome browser I was able to determine the correct values:

"username": "string",
"password": "string",
"client_id": "HxGuiClient",
"client_secret": "Sunnyvale",
"redirect_uri": "http://controller_IP"

Now that we know what parameters have to be used, let’s start writing our code:

import requests
import json

# suppress the unverified request messages (when using self-signed certificates)

def get_auth_token():

        url = ''

        payload = {
                "username": "local/root",
                "password": "*******",
                "client_id": "HxGuiClient",
                "client_secret": "Sunnyvale",
                "redirect_uri": ""

                response =,headers=headers,data=json.dumps(payload),verify=False,timeout=4)
                if response.status_code == 201:
                        if  response.json().get('access_token'):
                                print "Got token ok"
                                return response.json()
                print "Failed get a token "
                print response.content
                return None
        except Exception as e:
                print "Post for token failed \n"+str(e)
                return None

if __name__ == '__main__':

        token = get_auth_token()
        if token:
                print json.dumps(token)

Getting the authentication token is a start, now we can progress to something more useful, like getting data out of the system.

to be continued…