home
Naukri Code 360
expand-more
Library
expand-more
DevOps
expand-more
Infrastructure as a Code
expand-more
Configuration Management
expand-more
Puppet
expand-more
Overview of Puppet v4 API
Table of contents
1.
Introduction
2.
POST /puppet/v4/catalog 
3.
Schemas (JSON)
4.
CA V1 API
4.1.
Authorization
5.
Frequently Asked Questions
5.1.
What do you mean by Puppet?
5.2.
What is the use of API in Puppet?
5.3.
Does the Puppet use v1/v2 HTTP API?
6.
Conclusion
Last Updated: Mar 27, 2024
Medium

Overview of Puppet v4 API

Author Tisha
0 upvote
Career growth poll
Do you think IIT Guwahati certified course can help you in your career?

Introduction

In this article, we will learn about the puppet v4 API overview. We will see the different catalogs and schemas in JSON. We can implement several services with the Puppet server via API, and the ‘Puppet agent application’ uses these services to retrieve file data, resolve a node's credentials, and submit reports. We will see the complete Overview of Puppet v4 API.

Puppet

POST /puppet/v4/catalog 

Here we will discuss this for the puppet v4 API. The catalog for the input data to be compiled is submitted as a JSON body with the following form:

{
  "certname": "<node name>",
  "persistence": { "facts": <true/false>, "catalog": <true/false> },
  "environment": "<environment name>",
  # The rest are optional:
  "facts": { "values": { "<fact name>": <fact value>, ... } },
  "trusted_facts": { "values": { "<fact name>": <fact value>, ... } },
  "transaction_uuid": "<uuid string>",
  "job_id": "<id string>",
  "options": { "prefer_requested_environment": <true/false>,
               "capture_logs": <true/false>,
               "log_level": <err/warning/info/debug> }
}


certname (required)

To compile the catalog, the name of the node is required.

persistence (required)

Persistence is vital to enterprise applications because of the required access to relational databases.

environment (required)

To compile the catalog, the name of the environment is required. If prefer_requested_environemnt is true, override the classified environment with this param. If it is false, only respect this if the classifier allows an agent-specified environment.

facts

A hash with a required values key, containing a hash of all the facts for the node. If not provided, Puppet will attempt to fetch facts for the node from PuppetDB.

trusted_facts

A hash with the key of a required value containing a hash of the trusted facts for a node. In a normal agent's catalog request, these would be extracted from the cert, but this endpoint does not require a cert for the node whose catalog is being compiled. If not provided, Puppet will attempt to fetch the trusted facts for the node from PuppetDB or from the provided facts hash.

transaction_uuid

In the puppet v4 API, This id is for tracking the catalog compilation and report submission.

job_id

This id is for the orchestrator job that triggered this run in the puppet v4 API.

Schemas (JSON)

JSON

 For the various HTTP API objects, these JSON files contain schemas. Here is the puppet v4 API. Some of them are:

  • environments.json
  • error.json
  • report.json
  • host.json
  • facts.json
  • catalog.json
  • file_metadata.json
  • node.json
  • json-meta-schema.json
  • Status.json    

CA V1 API

All the endpoints that support Puppet's public key infrastructure (PKI) system are contained by the certificate Authority API.

The Certificate Authority V1 API endpoints used the same format as the Puppet V3 API uses because it is based on the interface of Puppet's indirector-based CA. However, Puppet Server's certificate authority is applied in Clojure. Both of these have their own different prefixes and versions other than the V3 API.

They follow the form for their endpoints as  /puppet-ca/v1/:indirection/:key, where:

  • : indirection is the indirection where the request is dispatched.
  • : the key is the "key" portion of the indirection call.

As of the Puppet V3 API, making use of this API requires a great understanding of how the internal services of Puppet's are structured. 

Authorization

The authorization in the puppet v4 API can be seen here. Authorization of the /puppet endpoints can be controlled with the help of the Puppet’s auth.conf authorization system.

auth. conf can be ignored for /puppet-ca endpoints by Puppet Server. The access of the certificate_status endpoint can be configured in Puppet Server ca.conf file. And, the remaining Certificate Authority endpoints are always accessible. auth.conf is used by Rack Puppet master servers for /puppet-ca.

While specifying the authorization in auth. conf, the version number and prefix (e.g. /puppet/v3) on paths must be there, since the Puppet matches the authorization rules with the complete request path.

Frequently Asked Questions

What do you mean by Puppet?

Puppet is a tool that helps you to centralize and automate the management process configuration.

What is the use of API in Puppet?

API allows us to interact with the Puppet Enterprise (PE) applications and the Puppet from our own written code or the application integration hooks.

Does the Puppet use v1/v2 HTTP API?

Puppet 4.0.0 removed the V1 and V2 APIs. The directories that were formerly under the / or /v2.0 can now get under the /puppet-ca/v1 API or /puppet/v3 API.

Conclusion

In this article, we have learned the overview of puppet v4 API.  We have seen the different POST/Puppet/v4/catalogs and schemas for the puppet v4 API.

You can learn the basics of Java and data structures and algorithms in Java on Coding Ninjas. Refer to our guided path on code studio to learn more about DSA, Competitive Programming, Javascript, System Design, etc. Enroll in our courses and refer to the mock test and problems available. Also, look at the interview experiences for placement preparations.

Happy Learning Ninjas.

Previous article
Overview of Puppet v3 API
Next article
API Endpoints in Puppet
Live masterclass
author
Top GenAI Skills to crack 30 LPA+ roles at Amazon & Google
by Sumit Shukla
02 Feb, 2026
03:00 PM
discord 34+ registered
author
Python + AI Skills to ace 30L+ CTC Data roles at Amazon
by Prerita Agarwal
01 Feb, 2026
06:30 AM
discord 538+ registered
author
Top 5 GenAI Projects to Crack 25 LPA+ Roles in 2026
by Shantanu Shubham
01 Feb, 2026
08:30 AM
discord 181+ registered
author
Zero to Data Analyst: Amazon Analyst Roadmap for 30L+ CTC
by Abhishek Soni
02 Feb, 2026
01:30 PM
discord 346+ registered
author
Top GenAI Skills to crack 30 LPA+ roles at Amazon & Google
by Sumit Shukla
02 Feb, 2026
03:00 PM
discord 34+ registered
author
Python + AI Skills to ace 30L+ CTC Data roles at Amazon
by Prerita Agarwal
01 Feb, 2026
06:30 AM
discord 538+ registered
View more events