Register a Node via the Trustgrid API
4 minute read
The Trustgrid API exposes a license generation endpoint that allows you to register appliance nodes programmatically — without using the portal UI. This is useful for automated deployments, infrastructure-as-code workflows, and scripted provisioning pipelines.
Overview
The traditional portal workflow for registering a new node appliance is:
- Navigate to the Nodes page and click Add Node
- Enter a node name and click Create License
- Copy the generated license key and use it during node setup
The API-based registration replaces steps 1–2 with a single GET /node/license request and is otherwise identical: the returned license key is used the same way during node installation.
Prerequisites
- A Trustgrid API key (client ID and client secret). See API Access for instructions on generating one. For automated pipelines, consider using a Service User credential instead of a personal API key.
- The API key’s associated user must have the
nodes::managepermission. This is included in thebuiltin-tg-adminpolicy. - A Trustgrid node running a supported image that is ready to be registered.
curland (for the verification step)jqinstalled on the machine running these commands.
API Reference
Generate a Node License
Generates a license key that an appliance node uses to register with your Trustgrid organization.
| Method | GET |
| Path | /node/license |
| Base URL | https://api.trustgrid.io |
| Tag | Appliance |
| Full spec | apidocs.trustgrid.io |
Request
Authentication header
Authorization: trustgrid-token <CLIENT-ID>:<CLIENT-SECRET>
Query parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
name | string | Yes | The name to assign to the new node. Must be unique within the organization. |
Response
| Status | Content-Type | Description |
|---|---|---|
200 OK | text/plain | The license key body — a multi-line plain-text string used during node registration. |
422 Unprocessable Entity | text/plain | Validation error. The response body describes the problem (for example, a duplicate node name). |
Tutorial: Registering a Node via the API
Step 1 — Generate the License Key
Use curl to call the license endpoint with your API credentials and the desired node name. The -f flag causes curl to exit with a non-zero status on HTTP errors:
curl -sf \
-H "Authorization: trustgrid-token YOUR-CLIENT-ID:YOUR-CLIENT-SECRET" \
-G --data-urlencode "name=my-edge-node" \
"https://api.trustgrid.io/node/license" \
-o my-edge-node.lic
A successful response writes the license key to my-edge-node.lic. If the command fails (e.g., curl exits non-zero), check the HTTP response body for the error message — a 422 typically means the node name is already taken.
name parameter becomes part of the FQDN used to identify the node in the portal. Choose a name that clearly identifies the node’s role and location (e.g., prod-gateway-us-east-1). Node names must be unique within the organization.Step 2 — Use the License During Node Setup
The license key generated in Step 1 is used exactly the same way as a license downloaded from the portal. Apply it during Trustgrid node installation per the relevant deployment guide:
Step 3 — Verify the Node Is Registered
Once the node has completed registration and connected to the Trustgrid control plane, you can confirm it is visible via the API. The example below uses jq to filter the node list:
curl -s \
-H "Authorization: trustgrid-token YOUR-CLIENT-ID:YOUR-CLIENT-SECRET" \
"https://api.trustgrid.io/node" | \
jq '.[] | select(.name | startswith("my-edge-node")) | {name, uid, online, state}'
Example output for a successfully registered node:
{
"name": "my-edge-node.your-domain.trustgrid.io",
"uid": "abc12345-...",
"online": false,
"state": "ACTIVE"
}
"online": false until it establishes its first connection to the Trustgrid control plane. "state": "ACTIVE" means the node will attempt to connect to data plane peers once online. The full node FQDN suffix (.your-domain.trustgrid.io) is specific to your organization.Scripted Example
The following shell script combines Steps 1 and 2 into a reusable registration helper. It uses --data-urlencode to safely handle node names with spaces or special characters:
#!/usr/bin/env bash
# register-node.sh — generate a Trustgrid node license via the API
# Usage: ./register-node.sh <node-name> <output-file>
set -euo pipefail
NODE_NAME="${1:?Usage: $0 <node-name> <output-file>}"
OUTPUT_FILE="${2:?Usage: $0 <node-name> <output-file>}"
: "${TG_CLIENT_ID:?Set TG_CLIENT_ID environment variable}"
: "${TG_CLIENT_SECRET:?Set TG_CLIENT_SECRET environment variable}"
echo "Generating license for node: ${NODE_NAME}"
curl -sf \
-H "Authorization: trustgrid-token ${TG_CLIENT_ID}:${TG_CLIENT_SECRET}" \
-G --data-urlencode "name=${NODE_NAME}" \
"https://api.trustgrid.io/node/license" \
-o "${OUTPUT_FILE}"
echo "License saved to: ${OUTPUT_FILE}"
Run it by exporting your credentials as environment variables:
export TG_CLIENT_ID="your-client-id"
export TG_CLIENT_SECRET="your-client-secret"
./register-node.sh my-edge-node my-edge-node.lic
Related Resources
- API Access — how to generate and use API credentials
- Service Users — machine-to-machine credentials for automated integrations
- Remote Console Registration — register a node interactively from the console (no API required)
- Trustgrid API Documentation — full interactive API reference (Swagger UI)
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.