Samples

In the following examples, we assume that you've already obtained a token with your service account:

TOKEN=$(gcloud auth print-access-token)

We also assume that you've already set ${CLIENT_PROJECT} to the project ID of the Google Cloud Project.

List current customers

The following command returns all of the customers that the caller has access to:

curl -X GET -H "X-Goog-User-Project: ${CLIENT_PROJECT}" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer ${TOKEN}" \"https://sasportal.googleapis.com/v1alpha1/customers"

For convenience, save the Customer name that was returned into a variable:

CUSTOMER_NAME=customers/...

Create a new device configuration

First, set the ${FCCID} and ${SN} of the device that you want to create:

FCCID=f1
SN=sn1

Then create the device configuration with the following command:

curl -X POST -H "X-Goog-User-Project: ${CLIENT_PROJECT}" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer ${TOKEN}" \ "https://sasportal.googleapis.com/v1alpha1/${CUSTOMER_NAME}/devices" \
  -d "{ \"fcc_id\": \"$FCCID\", \"serial_number\": \"$SN\", \"preloaded_config\": { \"call_sign\": \"cs1\", \"category\": \"DEVICE_CATEGORY_A\"}}"

The command returns a newly created device configuration. For convenience, save the device name into a variable:

DEVICE_NAME=customers/.../devices/...

List current devices

The following command lists existing devices.

curl -X GET -H "X-Goog-User-Project: ${CLIENT_PROJECT}" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $TOKEN" \ "https://sasportal.googleapis.com/v1alpha1/${CUSTOMER_NAME}/devices"

Retrieve device by name

The following command retrieves devices by name.

curl -X GET -H "X-Goog-User-Project: ${CLIENT_PROJECT}" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $TOKEN" \
  "https://sasportal.googleapis.com/v1alpha1/${DEVICE_NAME}"

Update existing device

The following command updates existing devices.

curl -X PATCH -H "X-Goog-User-Project: ${CLIENT_PROJECT}" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $TOKEN" \
  "https://sasportal.googleapis.com/v1alpha1/${DEVICE_NAME}" \

Validate your CPI identity and certification

Use the following example to generate the secret string:

curl -X POST -H "X-Goog-User-Project: ${CLIENT_PROJECT}" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $TOKEN" \ "https://sasportal.googleapis.com/v1alpha1/installer:generateSecret" \
  -d "{}"

This returns a value with the following form:

{
  "secret": "<generated secret>"
}

The secret string must then be encoded into a JWT. Use the JSON Web Token format. We assume that you've set ${SECRET} to the secret string, ${ENCODED_SECRET} to the JWT string, and ${CPI_ID} to the ID of the CPI to validate.

The following command validates the identity and certification of the CPI.

curl -X POST -H "X-Goog-User-Project: ${CLIENT_PROJECT}" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $TOKEN" \ "https://sasportal.googleapis.com/v1alpha1/installer:validate" \
  -d "{ \"installer_id\": \"${CPI_ID}\", \"secret\": \"${SECRET}\", \"encoded_secret\": \"${ENCODED_SECRET}\" }"

The CPI now has the ability to install a CBSD that has all of the required parameters.

Multi-step CBSD registration

There are two ways to perform multi-step CBSD registration covered in the following two sections. You can perform multi-step CBSD registration with parameters previously signed by a CPI or with a CPI account.

With device parameters previously signed by a CPI

This sample shows how to create an inactive device configuration with CBSD installation parameters previously encoded by a CPI, so the configuration can be created even by non-CPI users. Use the CPI's private key to encode the CBSD parameters. We use the JSON Web Token format to do this. We assume that you have set ${ENCODED_DEVICE} to the JWT string and ${CPI_ID} to the ID of the CPI.

The inactive device configuration can then be created with the following command:

curl -X POST -H "X-Goog-User-Project: ${CLIENT_PROJECT}" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer ${TOKEN}" \ "https://sasportal.googleapis.com/v1alpha1/${CUSTOMER_NAME}/devices:createSigned" \
  -d "{ \"installer_id\": \"${CPI_ID}\", \"encoded_device\": \"${ENCODED_DEVICE}\", \"parent\": \"${CUSTOMER_NAME}\" }"

The CBSD must then send a registration request to the SAS to complete its registration.

With a CPI account

First, the CPI’s identity must be validated before you attempt to validate a device configuration. Once that's done, use the following command to create an inactive device configuration:

curl -X POST -H "X-Goog-User-Project: ${CLIENT_PROJECT}" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $TOKEN" \ "https://sasportal.googleapis.com/v1alpha1/${DEVICE_NAME}:signDevice" \
  -d "${DEVICE}"

We assume that you've set ${DEVICE} to be the JSON representation of the CBSD registration parameters in this format.

The CBSD must then send a registration request to the SAS to complete its registration.