Introduction

The Juniper Service Contract APIs are a well-defined set of REST APIs that enable clients to retrieve information for their contracts.

As a first step, Clients wishing to leverage these APIs will need to be authorized for using the Contract API and Onboarded. Client applications can then authenticate and invoke these APIs.

Supported API Authentication Mechanisms

Clients can choose from three authentication mechanisms for connecting to Juniper: OpenID Connect (OIDC), OAuth2.0 and Certificate based. All services are RESTful and invoked over HTTPS.

OIDC (OpenID Connect) Authentication Mechanism

For Clients who have already deployed OIDC within their organization, OIDC would be the preferred choice of authentication mechanism to connect to Juniper Service APIs. Clients who choose this authentication mechanism need to provide Juniper an ID token as part of the Onboarding process.

A good reference describing OpenID Connect can be found here.

OAuth2.0 Authentication Mechanism

The Juniper Service APIs support the popular OAuth2.0 Authorization protocol. Juniper provides a clientid, secret and a token endpoint. Token endpoint is used to obtain an access token by presenting clientid, secret. Each API request is made with header containing the access token information. Juniper will rotate the secret yearly to enforce enhanced security.

A good reference describing OAuth2.0 can be found here.

Certificate-based Authentication Mechanism

The Juniper Service APIs support Mutual SSL authentication or certificate based mutual authentication. Clients choosing this method for authentication need to create a X509 public/private key pair and share the CA signed public certificate with Juniper. Certificate is to be presented during the SSL handshake on each API request. Client needs to provide Juniper with a new CA signed public certificate prior to expiry of the current certificate.

A good reference describing Certificate based (aka MTLS - Mutual SSL authentication) can be found here.

Contracts API Descriptions

ID API, Verb Description Request Limits
1 API: queryContracts
Verb: POST
Synchronously returns contract IDs along with key header data relevant to each contract Limit to last 24 hours or less per request OR
1…1000] Juniper Contract IDs per request OR
1…1000] Juniper SO Numbers per request OR
[1…1000] Partner PO Numbers per request
2 API: queryContractByID
Verb: POST
Synchronously returns entire contract details One Contract ID per request
3 API: queryContractsBulkData
Verb: POST
Synchronously returns S3 links to Contract data files Date range over the last seven days excluding the current day

Business Use Cases

Business Use case Use API Request format API Response format
Data extraction timebound Invoke API 1.
Invoke API 2 for each contract ID returned by API 1.
json json
Data extraction using Juniper Contract IDs Invoke API 1 (optional)
Invoke API 2 for each contract ID returned by API 1 OR
Invoke API 2 directly with the interested contract ID
json json
Data extraction using Juniper SO Numbers Invoke API 1.
Invoke API 2 for each contract ID returned by API 1.
json json
Data extraction using Partner PO Numbers Invoke API 1.
Invoke API 2 for each contract ID returned by API 1.
json json
Data extraction net new changes for one day (the day prior to current day) and go back up to 7 days Invoke API 3 AND
Using S3 links in API 3 response, fetch files from AWS S3.
json json containing links to S3 files.

Files contain contract data in json format.