Granting Client Devices API Access

To be granted secure access to the Stratusphere API, a user must be an Administrator of the Stratusphere Web Interface. Access to the API can be controlled by the IP address of the client machine and should be reviewed as part of the Stratusphere Configuration before you use it.

To review API access settings, complete the following steps:

  1. Open the Stratusphere Web client by entering the Hub IP or DNS name in a web browser.
  2. Log in to the Administration module using your User Name and Password. The default Administration Interface credentials for the Stratusphere Hub web version are:
  3. Username: ssadmin
  4. Password: sspassword

  5. Note: For AWS, use your VM Instance ID for the password.

  6. Go to the Hub Administration > Configuration tab and click to open the Security Settings section. 
  8. You can use the API Client IPs, Whitelist, or Blacklist fields individually or in combination to control access to your Stratusphere data. For each field, you can enter multiple IP addresses or IP ranges separated by commas. 
    • API Client IPs: (Optional) Enter the specific IP addresses or subnets that are allowed to access information from the Stratusphere Database using the API without requiring user and password authentication. Older versions initially required that either the API Client IPs or Whitelist field be used to grant API access. However, for improved security, it is no longer recommended to explicitly grant access via this Legacy API Client IP list.
    • Whitelist: (Optional) Enter the specific IP addresses that are allowed to access information from the Stratusphere Database using the API through user and password authentication. The default is to leave this field blank for wider access. If any IP addresses are listed, API access is restricted to only those IP addresses in the whitelist that can authenticate their identity. Liquidware enhanced security around the Stratusphere API by disallowing usage of the default ssadmin user or any password that contains the word password in it. Liquidware recommends creating a different set of users that are allowed API access using best practices around password security.
    • Blacklist: (Optional) Enter the specific IP addresses that are blocked from having access to the Stratusphere Database using the API through user and password authentication.
  9. Examples

    • Single IP Address: 10.10.10.1

    • IP Range using CIDR format: 10.10.10.0/24

    • Multiple Addresses: 10.10.10.1, 10.10.10.0/24, 123.245.167.0

  10. Click the Save Changes button. The API is now securely enabled for the IP address or range entered.

Tip: If you do not know the machine IP address, launch the API first by following the steps described in the following sections. The web page will return an error message that contains the IP of the machine.