mist-wifi-api

name: mist-wifi-api description: Interact with the Juniper Mist WiFi cloud API to manage organizations, sites, access points, WLANs, clients, and retrieve stats. Use when the user wants to automate, query, or configure any aspect of a Juniper Mist wireless environment via REST API. Covers authentication setup, endpoint selection by region, and common CRUD operations across org and site scopes. compatibility: Requires the rest_api_mcp MCP tool to be available. Requires API_AC5_MIST_COM_TOKEN or equivalent region-specific env var to be set. For API calls always check if environment variables are set to know which one to pass in the parameters.

metadata: author: xtf version: "1.0" api-version: "v1" reference: https://www.juniper.net/documentation/us/en/software/mist/automation-integration/topics/concept/restful-api-overview.html

Juniper Mist WiFi API Skill

Use this skill to interact with the Juniper Mist cloud REST API via the rest_api_call MCP tool. Mist is 100% API-backed — everything visible in the portal can be automated via API.

Step 1 — Identify the correct API base_url

Your API base URL depends on which regional cloud your Mist org is hosted on. Find your region by looking at the portal URL: manage.{region}.mist.com. Replace manage with api to get your API host.

Important: The portal subdomain uses manage, the API subdomain uses api. Example: user is on https://manage.ac5.mist.com → base_url = "https://api.ac5.mist.com"

Step 2 — Authentication

Mist API uses Bearer Token authentication. Always use auth_method: "bearer_token". Basic Auth (username/password) is being deprecated in September 2026 — do not use it.

The env var is derived from the API hostname using the standard prefix convention:

Set the token before calling:

export API_AC5_MIST_COM_TOKEN=your_mist_api_token_here
export API_AC5_MIST_COM_ORGID=your_mist_org_id_here

To create a token: log into the Mist portal → Organization → API Tokens, or call POST /api/v1/self/apitokens while logged in via browser.

Step 3 — URL structure

All Mist API endpoints follow this pattern:

/api/v1/{scope}/{scope_id}/{object}

Scopes: orgs, sites, self, installer, const, msp

Examples:

• /api/v1/self — current user info
• /api/v1/orgs/{org_id}/sites — list all sites in an org
• /api/v1/sites/{site_id}/wlans — list WLANs at a site
• /api/v1/sites/{site_id}/stats/devices — device stats at a site
• /api/v1/orgs/{org_id}/inventory — org device inventory

Step 4 — HTTP Methods → CRUD mapping

Step 5 — Rate limiting

Mist limits to 5,000 API calls per hour per token. Prefer org-level calls over site-level loops for large deployments. The login endpoint /api/v1/login is further rate-limited after 3 failures.

Common Call Examples

See references/common-endpoints.md for ready-to-use call patterns covering: self/org info, sites, WLANs, APs, clients, and stats.

Tool call template

Always use the rest_api_call tool with this structure:

{
  "base_url": "https://api.ac5.mist.com",
  "endpoint": "/api/v1/orgs/{org_id}/sites",
  "method": "GET",
  "auth_method": "bearer_token"
}

For POST/PUT include a body:

{
  "base_url": "https://api.ac5.mist.com",
  "endpoint": "/api/v1/orgs/{org_id}/sites",
  "method": "POST",
  "auth_method": "bearer_token",
  "body": {
    "name": "New Site",
    "timezone": "Australia/Sydney",
    "country_code": "AU",
    "address": "1 George St, Sydney NSW 2000"
  }
}

For paginated results use query_params:

{
  "base_url": "https://api.ac5.mist.com",
  "endpoint": "/api/v1/orgs/{org_id}/inventory",
  "method": "GET",
  "auth_method": "bearer_token",
  "query_params": { "page": 1, "limit": 100 }
}

Troubleshooting

• 401 Unauthorized — token is wrong or env var not set. Run rest_api_inspect_env to verify.
• 404 Not Found — wrong org_id or site_id, or wrong regional base_url.
• 429 Too Many Requests — hit the 5,000/hr rate limit. Wait or switch to org-level calls.
• Wrong region — if you get unexpected 404s, confirm you are using api. not manage. in base_url.