Client API
Integrate VPN into any application
1. Overall API flow
Generally, API calls are divided by 3 groups:
Authorizing-related - provides authentication token to access further API calls.
Discovery-related - provides credentials to target VPN node.
Tunnel-related - manages actual wireguard tunnel
Please, take a look to next diagram to get actual requests sequence.
2. Errors
2.1. Generic description
All errors are returned with meaningful HTTP error code and JSON body with more detailed information. For example, syntax error will return HTTP 400 error with next body:
{
result: "INVALID_ARGUMENT",
error: "Invalid request",
details: "invalid character '\\n' in string literal"
}
Check table below for fields description.
Field
Description
result
A predefined set of strings, identifying the type of happened error. See below all types.
error
More detailed error information.
details
Some extra information about error.
2.1. List of errors
HTTP code
Result code
Description
500
INTERNAL_ERROR
Any unexpected behavior of backend components.
400
INVALID_ARGUMENT
Invalid request data, like syntax or type errors.
404
NOT_FOUND
Managed entity is not found (for example, when ping request is done for outdated peer).
409
ENTRY_EXISTS
Can't create entry due to conflict. Can happen when wireguard key is already used.
500
STORAGE_ERROR
Internal storage failure.
500
TUNNEL_ERROR
Tunnel management failure.
401
UNAUTHORIZED
Request requires authorization.
401
AUTH_FAILED
Request can't be done with provided authorization data.
507
INSUFFICIENT_STORAGE
Out of resoures to perform request.
503
SERVICE_UNAVAILABLE
Happens with request is done while service is shutting down or restarting.
3. Authorizer API
3.1. Authorize client
URL: https://thefend.com/api/client/signin
Method: POST
Authentication: None
Query string: None
Request body: JSON
OBJECT
{
project*: string
client_platform*: string
client_version*: string
device_id*: uuid
auth_type*: string
auth_info*: string
}
Response body: JSON
OBJECT
{
access_token*: string
refresh_token: string
discovery_addresses: [uri]
}
4. Discovery API
4.1. List locations
URL: https://thefend.com/api/client/locations
Method: GET
Authentication: Bearer
Query string: None
Request body: None
Response body: JSON
ARRAY
[
{
id*: string
name*: string
labels: {}
}
]
4.2. Get location nodes
URL: https://thefend.com/api/client/credentials
Method: GET
Authentication: Bearer
Query string: location=<LOCATION_ID>
Request body: None
Response body: JSON
ARRAY
[
{
id*: string
connection_addresses: [string]
}
]
5. Tunneling API
5.1. Initiate connection.
URL: https://some-server-name.thefend.com/api/client/connect
Method: POST
Authentication: Bearer
Query string: None
Request body: JSON
OBJECT
{
type*: enum
info_wireguard *: {
public_key: string
}
identifiers* {
installation_id: uuid
session_id: uuid
}
location: string
}
Response body: JSON
OBJECT
{
info_wireguard: {
server_public_key*: string
server_ipv4*: ipv4
server_port*: integer
tunnel_ipv4*: ipv4
keepalive*: integer
allowed_ips*: [string]
dns*: [ipv4]
ping_interval*: integer
}
}
5.3. Heartbeat request.
URL: https://some-server-name.thefend.com/api/client/ping
Method: POST
Authentication: Bearer
Query string: None
Request body: JSON
OBJECT
{
installation_id: uuid
session_id: uuid
}
Response body: None
5.3. Drop connection.
URL: https://some-server-name.thefend.com/api/client/disconnect
Method: POST
Authentication: Bearer
Query string: None
Request body: JSON
OBJECT
{
installation_id: uuid
session_id: uuid
}
Response body: None
Last updated
Was this helpful?