Are HTTP actions public and if so can they be documented?

[crashingmotorbikes]

Looking at https://xapi-project.github.io/xapi/architecture.html, along with the cli implementation code here and xenadmin code, I'm wondering if the local-only HTTP APIs are considered public. I'm interested in outside of a XenCenter, XenOrchestra, etc, using these HTTP APIs. If they are, I'm hoping they can be more fully documented.

If they aren't, I'm wondering what option there might be for programmatically uploading a driver iso to a storage repository outside of the "pool_patch_upload" CLI action.

[psafont]

I'm wondering if the local-only HTTP APIs are considered public

I think all of them are exposed publickly, but they are protected by RBAC, so the session_id needs to be passed in the URL, with a ?session_id=XXX. You can see an example on how to get a session_id from xapi using python here https://xapi-project.github.io/xen-api/metrics.html

If they are, I'm hoping they can be more fully documented.

It would be nice if they were programatically documented, indeeed.

If they aren't, I'm wondering what option there might be for programmatically uploading a driver iso to a storage repository outside of the "pool_patch_upload" CLI action.

This call in particular is defined as an HTTP PUT command to /pool_patch_upload.

Putting it all together it's a matter of using an xmlrpc to fetch a session_id and sending a PUT command to https://server.example/pool_patch_upload?session_id=XXX

[crashingmotorbikes]

@psafont thank you for the response. I'm trying to use this PUT endpoint after I have a session_id, simply with curl at first. In verbose output curl states that everything uploads OK, but then I get an error response. Is there a parameter I need to provide with --file-upload like "vdi="? I'll be sure to respond with the exact error response shortly.