Introduction

To integrate with Juniper's Support CRM systing using the Case APIs, it is simple. Decide on an authentication mechanism, review the onboarding process for the authentication mechanism chosen and then complete this Onboarding Request Form. Juniper will contact you via email and provide a document with YOUR protected API URLs and other metadata. You can then commence integration testing in a non-production environment. Once the testing phase has been successfully completed Juniper will develop your cutover plan for integrating into the production environment.

Client OIDC-based Onboarding Process

OIDC-based authentication uses a Client IdP-issued ID token. This table lists the high-level steps for setting up authentication and invoking Juniper’s SR APIs.

Action

Who?

Review the Juniper Support API license/Terms of Use. Partner
Open the firewall ports. Partner and Juniper
Register the Juniper API gateway app in the partner's IdP. Partner
Exchange the ID token with Juniper.
This ID token is to be provided in the Authorization header of the API requests.
Partner
Generate and share the unique application ID with the partner.
This application ID must be provided in every API request JSON payload.
Juniper
Create a Partner profile in the Juniper API gateway with OIDC as the authentication mechanism. Juniper
Create APIs and assign the Partner profile. Juniper
Share the API endpoints with the Partner. Juniper
Validate that the partner can invoke the APIs by passing the ID token in the Authorization header. Partner
Provide the secure endpoint for Juniper to post SR notifications. Partner
Establish the Customer Source Identifier. Juniper and Partner collaborate
Specify the `userId` expected in requests and the `accountIDs` for managing SRs via this channel. Partner
Specify to Juniper an email aliases that can be used to send an email when Juniper is NOT able to connect to the endpoint. Partner

Client Certificate-based Onboarding Process

Certificate-based authentication uses a client/application public certificate when invoking APIs. The following table lists the high-level steps for setting up authentication and invoking Juniper’s SR APIs.

Action

Who?

Review the Juniper Support API license/Terms of Use. Partner
Open the firewall ports. Partner
Create the private/public key pair for the Partner application. Partner
Provide Client Certificate to Juniper.
For Non-Production environment, you may choose to provide Self-Signed certificate. If providing self-signed certificate ensure that you provide Juniper the complete Certificate Chain (Intermediates, Root certificates) which were used to sign the given self-signed certificate.
For Production environment, a CA issued certificate must be provided.
Partner
Create the Partner profile in the Juniper API gateway with the Client certificate as authentication mechanism. Juniper
Create APIs and assign the Partner profile. Juniper
Generate and share the unique application ID with the Partner.
This application ID is to be provided in every API request JSON payload.
Juniper
Share the API endpoints with the Partner. Juniper
Validate that the partner can invoke the APIs presenting the certificate during the SSL handshake. Partner
Provide the secure endpoint for Juniper to post SR notifications. Partner
Establish the Customer Source Identifier. Juniper and Partner collaborate
Specify the UserId expected in requests and the AccountIDs for managing SRs via this channel. Partner
Specify to Juniper an email aliases that can be used to send an email when Juniper is NOT able to connect to the endpoint. Partner