Overview

Network Edge (NE) is a platform that allows customers to deploy and run virtual network services and appliances, such as routers, load balancers, and firewalls, on a generic device, instead of additional, dedicated hardware. For more information, see https://docs.equinix.com.

Network Edge offers the following capabilities:

  • Edge device lifecycle management - Routers, firewalls, SD-WANs, and many more.
  • Cloud to cloud routing - Connectivity to multiple cloud service providers.
  • SSH user management for virtual devices
  • BGP peering - A single stop for A-side and Z-side peering.
  • VPN configuration

Network Edge is offered to you through the Network Edge portal and REST APIs.

What are Network Edge APIs?

Network Edge APIs are REST APIs that allow customers to interact with Equinix programmatically to create virtual devices and add connections and other services, including BGP Peering. (Refer to the API reference section for more details.)

How do the Network Edge APIs work?

Background

When a customer onboards with Equinix, Equinix generates a set of user credentials that the customer can retrieve by logging in to the Equinix Deverloper Program.

Using the provided credentials, the customer can obtain their OAuth credentials (a Consumer ID and Secret). With their OAuth credentials in hand, the customer can generate OAuth access tokens, which allows them access to the Network Edge APIs.

Refer to Generating Client id and Client Secret under the Getting Access Token section for instructions on how to generate Consumer key and Consumer secret.

Network Edge Workflow

Step 1 - Obtain a perpetual license from the device manufacturer. Alternatively, you can request a subscription license from Equinix for devices that have a subscription offering, e.g. Cisco1000V, Juniper VSRX, and Palo Alto Firewall.

Authorization flow:

Step 2 - Request access and refresh token information by calling the Equinix OAuth API (/oauth2/v1/token) with the Consumer key, Consumer secret, and user credentials.

Refer to Requesting Access and Refresh tokens under the Getting Access Token for instructions on how to obtain an authorization token.

Step 3 - The API gateway makes an OAuth2 call to the identity provider using the submitted credentials.

Step 4 - The identity provider returns an OAuth2Access token to the API gateway.

Step 5 - The API gateway sends back the authorization token details to the client.

API Request flow:

Step 6 - The client submits an API request with the obtained authorization token and the respective API request payload to create a virtual device and create a connection to cloud service providers.

Refer to the Getting Started section for instructions on how to call Network Edge APIs to create devices, establish connections and set up BGP peering and VPN.

Step 7 - API gateway validates the request and calls the relevant APIs to create devices and cloud connections.

Step 8 - The response is received by the API gateway.

Step 9 - The response is sent back to the client.