API

The access code request API is implemented in all GIS firmware versions and is available to PoS vendors and other systems integrators upon request.

The GIS firmware includes a firewall from the DMZ to the private network to ensure compliance of the PCI-DSS recommendations.

The firewall prevents any DMZ public access to the private subnet, which protects sensitive information stored in PoS computers.

The GIS-gateway has four LAN ports to connect DMZ devices.

The API has three separate functions:

  • Generate one or more codes (up to the limit permitted by the gateway)
  • List access codes available on the gateway with status of each
  • Delete codes and remove from the database

Creating Codes

Codes can be added to the system via a single HTTP call, the URL is:
http://aplogin.com/codes/makecode.cgi

Password for codes needs to be created first at:
http://aplogin.com/admin/password.cgi

If not logged in to the codes interface at http://aplogin.com/codes, the password should be passed as an argument:
http://codes:password@aplogin.com/codes/makecode.cgi

The IP of the GIS device can also be used instead of the hostname.

Parameters to pass are shown in the following table:

Parameter Values
Comments
code Create a name to the code Argument is optional and is not necessary for the call
num Number of codes to create Argument must be included in the call.
The maximum number of codes is limited by the codes available on the gateway
time Time in minutes Argument must be included in the call.
type Type of code:
n=normal/single user
m=multi-user
Argument must be included in the call.
download Download limit(kbps) Argument is optional and is not necessary for the call
upload Upload limit (kbps) Argument is optional and is not necessary for the call
downlimit Download data limit (mbps) Argument is optional and is not necessary for the call
uplimit Upload data limit(mbps) Argument is optional and is not necessary for the call


An example call would be:
http://aplogin.com/codes/makecode.cgi?num=1&time=30&type=n

This would create a normal, single user code with a 30 minute duration.

The API call will either return a new code which is ready to use or an error; the possible errors are listed below:

  • ERROR: Invalid parameters
  • ERROR: You can't create more than XX codes
  • ERROR: Code type not valid
  • ERROR: Code time not valid
  • ERROR: Code upload limit not valid
  • ERROR: Code download limit not valid

Deleting Codes

Codes can be deleted from the system via a single HTTP call, the URL to use is:
http://aplogin.com/codes/deletecode.cgi

Parameters to pass include:

Parameter Values
Comments
code code to be deleted Argument must included in the call.


An example call would be:
http://aplogin.com/codes/deletecode.cgi?code=876DTW

This would remove the code 876DTW if it exists on the system.

The API call will either return OK or an error; the possible errors are listed below:

  • ERROR: Invalid parameters
  • ERROR: Code does not exist
  • ERROR: Unable to delete code

Viewing Codes

Codes cannot be tested individually but a call can be made to list all of the codes on the system, it is then up to the software making the API call to parse the data returned and present it in the format required for the user or make any search or tests required on a code.

A list of codes can be obtained from the system via a single HTTP call, the URL to use is:
http://aplogin.com/codes/showcode.cgi

There are no parameters to pass for this API call.

The API call will either return a list of codes or an error message, the list of codes are presented in a tab (\t) delimited format with a header row.

CODE TIME TYPE USED LEFT DOWN UP
113DRW 2 n Yes Expired * *
1AT1AQ 30 t No 30 * 100
3B0AQ0 2 n Yes Expired * *
61QG8G 30 t No 30 * *
8CWJLE 30 n No 30 * *
94KH4E 30 n No 30 * *
ARLGH0 30 m No 30 * *
BJKBH7 2 n Yes Expired * *
M47TGF 32 t No 32 * 999
WY7W0R 2 t No 2 * 999


Get list of allowed MACs

http://aplogin.com/admin/macmanage.cgi?list=allowed

Get list of blocked MACs

http://aplogin.com/admin/macmanage.cgi?list=blocked

Block a MAC

The MAC address needs to be written in the colon separated format.
http://aplogin.com/admin/macmanage.cgi?mac=00:11:22:33:44:55&action=block

Allow a MAC

The MAC address needs to be written in the colon separated format.
http://aplogin.com/admin/macmanage.cgi?mac=00:11:22:33:44:55&action=allow

Enable Remote Management

Remote management can be enabled by substituting aplogin.com for the IP address of the gateway.