Skip to main content
AI Data Engine

Learn about the AIDE REST API

Contributors dmp-netapp
PDFs

When AI Data Engine (AIDE) is integrated with an ONTAP storage system such as AFX, the existing ONTAP REST API is enhanced through additional endpoints to support the new AI-focused features. If you plan to use the REST API to administer AIDE, you should first learn about its characteristics and basic operation.

Characteristics of the extended REST API

AIDE extends the ONTAP REST API on an AFX storage system with additional capabilities. This provides clients with a single, familiar management entry point while allowing ONTAP to coordinate necessary work performed on the Data Compute Nodes (DCNs). At a high level, the relevant characteristics of the enhanced REST API include:

  • ONTAP remains the primary access path for the REST API. Clients continue to use the familiar ONTAP REST API framework, authentication methods, and RBAC model.

  • AIDE adds new REST resources, primarily under the /api/data-engine and /api/dcn subtrees, to manage workspace, data sources, and data collections as well as the internal AIDE components in the AI pipeline.

  • ONTAP acts as an orchestration layer for processing client requests in the following ways:

    • Requests are processed by ONTAP, which communicates and coordinates with services running on the data compute nodes as needed.

    • Separate downstream REST requests are created by ONTAP and sent to the DCN-based services, with a normalized ONTAP-style response returned to the original client.

  • Authorization is layered for the AIDE flows:

    • ONTAP enforces first-level authorization based on RBAC.

    • The DCN-based services can optionally enforce a second level of authorization, including ACL checks for the workspaces and data collections.

This hybrid design enables the AIDE feature set to operate as a natural extension of the ONTAP REST API while leveraging the DCN environment for compute-intensive and AI-specific functionality.

Access and architecture

It's important to understand how clients access the AIDE REST API and how the underlying architecture supports the requests.

Client to ONTAP cluster

REST clients send requests to ONTAP, typically through the cluster management IP address, for AIDE management operations. For example, requested actions can include creating and managing workspaces and data collections. ONTAP authenticates and authorizes the request, issuing additional REST calls to the DCN cluster as needed.

Separate RAG endpoint

A Retrieval-Augmented Generation (RAG) style API call must be issued directly to a DCN. In this case, the DCN extracts the user identity token from the request and calls back to ONTAP for an authorization decision. ONTAP validates the token and performs RBAC checks and returns the authorization result. DCNs can cache these results to improve performance with repeated authorization calls; they also perform any additional resource-level ACL checks before executing the request.

Proxied endpoints exposed by ONTAP

ONTAP also supports proxy-style paths to route HTTP requests to the DCN environment as follows:

  • Requests with paths beginning with /console are proxied to DCNs and used by the AIDE console. They are designed to be reachable without ONTAP authentication acting as the proxy layer.

  • Requests with paths beginning with /dcn are also proxied to DCNs but require authentication by ONTAP. They are commonly used for monitoring integrations.

  • Requests supporting ONTAP-to-DCN service communication can also be proxied. With a client call to an ONTAP REST endpoint, ONTAP may translate it into one or more internal REST calls to the DCN endpoints. Many of the details, such as job polling for asynchronous operations and applying page logic, are handled before returning the final response.

In summary, the AIDE REST API functionality is consumed as an ONTAP-style REST API from the client perspective, while enabling the underlying processing to span ONTAP as well as the DCN-hosted services along with a dedicated RAG entry point.

Reference documentation

Every AFX storage system includes local Swagger (OpenAPI) reference documentation. The documentation describes endpoints, HTTP methods, parameters, and request/response schemas, with examples where appropriate. This is a valuable resource for developers and administrators to understand the AIDE REST API capabilities in detail. For more information about accessing Swagger documentation, refer to REST API reference for the AFX storage system.