Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Getting Started with Paragon Active Assurance

  1. Create a user in Control Center by running this command:


  2. Create an account in Paragon Active Assurance with the user just created as owner:

    Example: Full name = "Example Corporation", short name = example.

    The full name should be enclosed in double quotes. If it is not, any spaces in the name must be escaped with "\".

    In the short name, only the following characters are allowed: a-z, 0-9, "-", and "_".


    The account names are not the same as the owner's or some other user's personal name. The short account name will be used (for example) in the Control Center URL, while the full account name is what will normally be displayed to the user.

    The ncc account-create command should normally be run only once, since by default you will have only one account in Paragon Active Assurance. The user specified as owner automatically gets admin permissions on the account.

  3. Activate the Control Center license.

    Control Center will not be fully operational until a valid license has been activated. Follow these steps to activate a license:

    • Generate a UUID string with the command

    • Log in to the Juniper EMS Portal at with the credentials you have received from Juniper.
    • In the My Product Licenses view, click the Activate button for the relevant license.
    • In the dialog that appears, under SW Version, leave the default choice 3.0 and Above.
    • Under Universal Unique ID (UUID), enter the UUID string you generated in Control Center.
    • Click the Activate button at the bottom of the screen.
    • A license key will now be generated. Download it and save it as a plain-text file cc_license.txt.

    It is vital that you enter the UUID exactly as received from Juniper, using the standard UUID format in lowercase with hyphens: for example, 0a1b2c3d-4e5f-6789-a0b1-c2d3e4f5678.


    If the license activation failed for some reason, for example because you mistyped the UUID, you can click the Revoke button in the My Product Licenses view to revoke the license. You then need to start over with the ncc license license-request command as described above.

    • Now activate the license in Control Center using the command

      This step is necessary in order to give the correct permissions to the account you just created. By default the account will be granted the full range of permissions granted by your license.

      Usually you will have a single license file to activate. However, with Juniper's licensing model, you may in some cases obtain multiple license files. If so, you can either activate them one by one as described above, or you can concatenate them with

      and then activate them all at once.

    • (Normally not needed:) If you are using a proxy together with Control Center, you need to enter the following additional line in the file /etc/environment:

      This is necessary for the license manager to work correctly, so that the product license can be activated.

  4. You are now ready to log in to Control Center with a user and account that you have created.

    • Open the URL SITE_URL in your browser and log in with the credentials specified when creating the user.

    By default, Control Center including the REST API uses self-signed (snakeoil) SSL certificates. The web browser will issue a warning about this. It is strongly advised that you obtain real certificates (signed by a certificate authority). See also the chapter Service Configuration, section SSL Certificate Configuration.

  5. An account in Control Center is like a tenant that multiple users can have access to. Creating additional users can be done either from the command line or in the Control Center web GUI:

    • To create new users from the command line, repeat the command

      with different email addresses as desired.

      To grant a user permissions on your Paragon Active Assurance account, use the command

      where <permission> is one of "none", "read", "write", or "admin".

    • To invite new users and grant them permissions via the Control Center web GUI, go to Account > Permissions.

    For details on what a user is allowed to do at each permission level, see the in-app help under "Setting up your account" > "Administering users and permissions".

  6. If your license allows multiple accounts, you can create further accounts by using the command

    as detailed above. If the admin of such an account is to be the same as for the first account, simply assign the same user as owner; there is then no need to create an additional user.

  7. If you have installed ConfD, you need to configure users as follows:

    • Add permissions to the ConfD user in the Paragon Active Assurance account that will be managed by ConfD. This can be done either in the Control Center web GUI or from the command line. In the latter case, give the following command:

    • To enable access from NETCONF, a user and password need to be set up. Run this command:

      Here, <user name> and <password> are unrelated to your Control Center user name and password. A simple expedient is to use "confd" for both.

  8. Please turn to the in-app help under "Test Agents" for instructions on how to download, install, register, and configure Test Agents:

    • Download and installation on various platforms (including virtualization platforms): "Test Agents" > "Installation"
    • Registration: "Test Agents" > "Configuring from Test Agent local console" > "Registration"
    • Configuration:

      • From the Test Agent local console: "Test Agents" > "Configuring from Test Agent local console"
      • From the Paragon Active Assurance GUI: "Test Agents" > "Configuring from Paragon Active Assurance GUI"