Mike Swanson
6fdc21d955
New backend reaching ANY of the ~36 ACG UniFi consoles remotely via api.ui.com with the
account key (vault services/unifi-site-manager) - no UOS server, no LAN/VPN. Mapped the API
surface empirically (key live), corroborated by grok+gemini web search:
- Tier 1 (Site Manager): fleet/devices/sites/isp commands - inventory, site health (counts,
IPS, ISP/ASN), and WAN/ISP time-series (latency/throughput/downtime).
- Tier 2 (CLOUD CONNECTOR -> console LOCAL Network API = UOS PARITY): the `net` command proxies
/v1/connector/consoles/<id>/proxy/network/api/s/<site>/stat/{device,sta}, returning the SAME
ace_stat depth as the UOS Mongo path - per-radio cu_total airtime/channel/bw/tx_power/num_sta/
satisfaction and per-client rssi/signal/noise/satisfaction/rates. Verified live on Brooklyn/
Skybar (standalone UDM, WAN-firewalled): `net brooklyn radios` + `net brooklyn clients` work.
This achieves parity with (and broader coverage than) the UOS server for non-UOS consoles.
Added references/site-manager-api.md (full catalog + 3 tiers), a Plane 3 note in SKILL.md, and
updated the reference memory. Read-only; POST actions (device restart, client block) exist, not wired.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2.4 KiB
2.4 KiB
name, description, metadata
| name | description | metadata | ||
|---|---|---|---|---|
| reference_unifi_site_manager_api | UniFi Site Manager cloud API (api.ui.com) + its CONNECTOR proxy give remote access to the WHOLE ACG UniFi fleet (~36 consoles) outside UOS - AND full UOS-parity RF/client data via the connector. Key vaulted at services/unifi-site-manager; backend = unifi-wifi skill gw-sitemanager.sh. |
|
ACG has a UniFi Site Manager / Cloud API key (account owner mike@azcomputerguru.com)
that reaches every ACG UniFi console remotely - no UOS server, no on-site/LAN access. This is
the "access a UDM outside the UOS environment" path, and via the connector it reaches
UOS-parity depth. Backend: .claude/skills/unifi-wifi/scripts/gw-sitemanager.sh.
Full catalog: .claude/skills/unifi-wifi/references/site-manager-api.md.
- Base:
https://api.ui.com- Auth: headerX-API-KEY: <key>+Accept: application/json. - Key: vault
services/unifi-site-manager(credentials.api_key). - Tier 1 (Site Manager, fleet overview):
GET /v1/hosts(~36 consoles: id, WAN ipAddress, controllers+integrationApis),/v1/sites(health counts, IPS, ISP/ASN),/v1/devices(inventory: name/model/ip/state/fw),/v1/isp-metrics/{5m,1h}(WAN latency/throughput/downtime time-series). Inventory + health + WAN, NOT per-radio/per-client. - Tier 2 (CONNECTOR -> console LOCAL Network API = UOS PARITY):
https://api.ui.com/v1/connector/consoles/{hostId}/proxy/network/<path>with the SAME account key./proxy/network/api/s/{site}/stat/device->radio_table_stats(cu_total airtime, channel, bw, tx_power, num_sta, satisfaction) - the SAME depth as UOS Mongoace_stat./proxy/network/api/s/{site}/stat/sta-> per-client rssi/signal/noise/satisfaction/rates./proxy/network/integration/v1/...-> official Integration API (sites/devices/clients + POST actions: device restart, client block/unblock).- site short name is usually
default. Confirmed live on Brooklyn/Skybar 2026-06-17. - == parity for ANY console remotely (broader than UOS, which only sees UOS-adopted sites).
- Standalone consoles: direct WAN SSH/HTTPS to a UDM is usually FIREWALLED (e.g. Brooklyn/Skybar
67.1.139.219 - 22/443/8443 filtered). Use the connector; per-console device SSH pw under
clients/<slug>/udm-ssh(e.g. clients/brooklyn-skybar/udm-ssh).
Relevant to extending unifi-wifi to non-UOS sites. See reference_resource_map.