Download OpenAPI specification:Download


The NMC API is based on REST principles and data resources are only accessable via HTTPS to ensure all communication is encrypted. In general, the API uses standard HTTP methods as described below:

GETUsed for retrieving resources.
POSTUsed for creating resources.
PATCHUsed for updating resources.
DELETEUsed for deleting resources.
HEADUsed to determine a resource exists.

Request Bodies

In the case of all PATCH and some POST methods, a JSON-formatted body is used to add the necessary arguments for the request.


When a request is successful, a response body will typically be sent back in the form of a JSON object. Data returned in a JSON object is described for each endpoint below. A typical successful request will return with a status code in the 200 range.

Return codes in the 400 range typically indicate that there was an issue with the request that was sent. A status code in the 500 range generally indicates a server-side problem.


When listing resources that contain many items, the result may be paginated. By default, 50 objects are returned per page. You may include both a limit and an offset query parameter. The limit indicates the maximum number of items to return. The offset indicates the starting position of the query in relation to the complete set of unpaginated items. For instance, to show only two results per page, you could add ?limit=2 to the end of your query.

Refer to the schema definition for additional information on Paging objects below.

Rate Limit

The number of authentication requests that can be made through the NMC API is currently limited to 10 per minute.

Most POST/PUT/PATCH/DELETE requests are limited to 1 request per second, all others are limited to 5 per second.

If a request was denied due to exceeding the rate limit, a response code of 429 is returned and an error named "throttled". To continue using the NMC API, the user will have to wait the duration of time noted in the description.

Non-Blocking API

The NMC API is non-blocking. In other words, any request made gets an immediate response.

Any request that isn't a listing will result in a message that is sent to the Filer. Generally, if a message is sent, you will get a 202 status code response with a message in the response body. This is the case for creating or updating resources.

To poll a message for its status, perform a GET request on the resource. A "synced" status means that the action was successfully performed. Otherwise, you will see that the resource has a "failed" or "error" status with appropriate detail on why the message failed.

Additionally, when creating or updating resources, there may be an applied_resource field in the response body that becomes available after the message is "synced".


Before any calls to NMC API can be made, the 'Enable NMC API Access' permission must be set within the Nasuni Management Console on the group of any user wishing to have access.

To recieve an authentication token, you must first issue a POST request to the /auth/login/ endpoint passing username and password as request body parameters. A successful response will return a JSON object containing a token and expires date time. At this point the token should be used for all future requests and the username/password no longer needed. The format of the Authorization header is: Authorization: Token [TOKEN]

Copyright © 2022 Nasuni Corportation. All right reserved.