Getting Started
  • 30 Jan 2024
  • 2 Minutes to read
  • Contributors

    Getting Started

      Article summary

      About Harmony SASE

      Harmony SASE provides secure access to local networks, applications and cloud infrastructures with one unified platform. By transforming the outdated, hardware-based security appliances into a cloud-based SaaS solution, we are simplifying network security for the modern and distributed workforce and helping organizations of all sizes and in many industries to secure their remote workers.

      API Classes

      All API requests should be sent to the relevant path classes under the main Harmony SASE API Gateway URL - The main path classes are Users, Groups, Addons, and Networks (while additional path classes will be introduced soon).

      • Users, also known as members, belong to Groups.
      • Groups consist of applications, networks, locations, and users.
      • Networks hold information, such as geographic location, regions, health status, and details about instances and regional identity providers.
      • Addons consist of license and billing information for members and gateways and form the basis of a Subscription

      Applications, Devices, Logs, and Settings will be released soon.

      Getting Started

      In order to access the Harmony SASE API, the user must belong to either the Premium Plus or Enterprise plan. If the user does not belong to one of the plans, in the Settings page, the message ‘Your current plan doesn’t include API Support’ will appear under API Support.

      API Rate Limit
      Be aware: As of now, there is an API rate limit of 10 requests per 60 second period, for each IP address.

      Authentication and Authorization

      You may use the Swagger Editor ( to send different API requests to the Harmony SASE API gateway.

      Harmony SASE uses two-step secure tokens for authentication. The first token, known as the API key, is used to generate the second token, a time-based access token.

      Following are instructions for generating the tokens.

      1. In the Web Management Console -> Settings -> API Support, click on (+) Generate New Key.
      2. In the Generate New API Key dialog box, enter the Key Name.
      3. In the Expiration Date dropdown select the validity period of the API Key.
      4. In the Key Permissions dropdown, select the required permissions, such as ‘View list of users’, ‘Add new members’, and ‘Delete groups’.
      5. Click on Generate to create the desired API Key.Once the API Key is generated it will be copied to the clipboard automatically.
      6. The new API Key will be shown in the Active Tokens list.
      7. Now you can use the API Key to generate a temporary access token with a call to the authorize endpoint.

      Base URI

      The base URI to the API is

      Media Type

      The media type for all requests is application/json for all requests.

      Basic Workflow

      The basic workflow consists of:

      1. Add users (members) using POST /v1/users.
      2. Create groups using POST /v1/groups.
      3. Add members to groups using POST /v1/groups/{groupId}/member/{userId}.
      4. Add licenses for members and gateways using POST /v1/addons/members and POST /v1/addons/gateways.
      5. Check the health of the networks using GET /v1/networks/{id}.
      6. Use the GET and DELETE methods to manage the Users and Groups resources.

      Was this article helpful?

      What's Next