APIC connections
Manage the Cisco APIC controllers Fabrik queries against. Credentials are Fernet-encrypted at rest.
All endpoints under /api/apic/connections/. A single ViewSet exposes list, CRUD, a per-connection test action, and a collection-level execute_query action.
Resource shape
{
"id": "a3e1f…",
"name": "Production APIC",
"description": "",
"url": "https://apic.example.com",
"username": "admin",
"verify_ssl": true,
"timeout": 30,
"is_active": true,
"is_public": false,
"last_tested_at": "2026-04-22T08:00:00Z",
"last_test_status": true,
"last_test_message": "Connection successful",
"created_by": { "id": 1, "username": "alice", "first_name": "…", "last_name": "…" },
"created_at": "2026-01-15T09:00:00Z",
"updated_at": "2026-04-22T08:00:00Z",
"can_edit": true,
"can_delete": true
}last_test_status is a boolean (true/false/null if never tested), not a status string. is_public shares the connection with other users; can_edit/can_delete reflect the caller's rights on this row.
timeout is the per-request HTTP timeout in seconds applied to every APIC call made through this connection. Default 30; valid range 5–300; the form clamps out-of-range values silently.
The password is write-only — it's Fernet-encrypted in the database (ENCRYPTION_KEY) and never returned. To change the password, send it again on a PATCH.
Endpoints
GET /api/apic/connections/
Paginated list of connections visible to the user (their own plus public ones; admins see all). This ViewSet has no search/ordering query parameters.
POST /api/apic/connections/
Create a connection.
Request:
{
"name": "Production APIC",
"description": "",
"url": "https://apic.example.com",
"username": "admin",
"password": "••••••••",
"verify_ssl": true,
"timeout": 30,
"is_public": false
}timeout is optional on create — omit it to use the 30-second default.
Response 201: Full resource shape (without password).
verify_ssl: false disables certificate validation for this connection — acceptable for lab APICs with self-signed certs, never for production. The backend logs a warning every time an unverified connection is used.
GET /api/apic/connections/<id>/
Single connection detail.
PATCH /api/apic/connections/<id>/
Update any field. Sending password replaces the stored credential; omitting it leaves the existing one intact.
DELETE /api/apic/connections/<id>/
Delete a connection. Any saved query or scheduled task pointing at it fails on next execution with a clear error — the frontend surfaces an orphaned-connection warning.
POST /api/apic/connections/<id>/test/
Live test. Opens a session against the APIC, authenticates, and records the result on the row (last_tested_at, last_test_status, last_test_message).
Response 200 (success):
{ "success": true, "message": "Connection successful" }Response 400 (failure):
{ "success": false, "message": "HTTP 401 — authentication failed" }Unlike some other actions in the API, a failed test returns HTTP 400 (not 200) with success: false; a permission failure returns 403.
POST /api/apic/connections/execute_query/
Collection-level action — run an arbitrary APIC query through one of the caller's connections. Used by the query builder's live execution path.
Request:
{
"connection_id": "a3e1f…",
"query_path": "/api/class/fvTenant.json",
"method": "GET"
}method is one of GET | POST | PUT | DELETE (default GET).