Introduction


This guide walks through building a working Node-RED flow for managing Tachyon TNA-series device configuration via its REST API, covering the get-modify-post pattern required for partial updates, common pitfalls like double-wrapped JSON payloads and expired auth tokens, and how to safely validate changes using dry-run mode before applying them to a live device.


Configuration


Part 1: Authentication and Session Management


Before executing any configuration changes on Tachyon TNA devices, secure access must be established. The API uses token-based authentication, meaning every subsequent request relies on a valid session token.

In Node-RED, this initialization phase is handled by a dedicated authentication pipeline consisting of four interconnected nodes:



  • Login Trigger (Inject Node): Acts as the entry point. It can be triggered manually during testing or set up to run automatically on a specific schedule (e.g., every hour) to ensure the session token remains active and doesn't expire.

  • 1. Login Request (HTTP Request Node): Executes a POST request to the device's login endpoint (e.g., /apiv1/login). It transmits the administration credentials (username and password) inside the payload, requesting a secure session.

  • Save Token (Function Node): Extracts the newly generated token from the device's successful response and saves it globally within Node-RED's memory scope using:

    global.set("tachyon_token", msg.payload.token);

    By storing the token in the global context, any other flow or sequence within the workspace can instantly reuse this session without needing to log in again.

  • Login Response (Debug Node): A simple output logger that prints the final execution status to the debug panel, allowing the operator to verify that the connection was successfully established.


Part 2: Node Configurations Breakdown


1. Login Trigger (Inject Node)

  • msg.payload: {}JSON {"username":"root","password":"<device_password>"}

2. 1. Login Request (HTTP Request Node)

This node handles the handshake with the TNA device. Double-click it and set:

  • Method: POST

  • URL: http://192.168.1.20/cgi.lua/apiv1/login (Replace with your device's actual IP address)

  • Return: a parsed JSON object

3. Save Token (Function Node)

This JavaScript block captures the token from the response and stores it in Node-RED’s global memory so other flows can access it.

  • Function Code:

    if (msg.payload && msg.payload.auth === true) {
        global.set("tachyon_token", msg.payload.token);
        node.status({fill:"green",shape:"dot",text:"Connected!"});
        return msg;
    } else {
        node.status({fill:"red",shape:"ring",text:"Error"});
        return null;
    }

4. Login Response (Debug Node)

  • Output: msg.payload

  • To: debug window



Part 3: Triggering the Authentication Session


Before managing any configurations, Node-RED must hold a valid API session token.

  1. Locate the Login Trigger node on your workspace.

  2. Click the square inject button on the left side of the node.

  3. Open the Debug Panel on the right side of the Node-RED interface


Expected Results:

  • The Save Token function node should briefly display a green status dot saying "Token saved".

  • The Login Response debug node will output the successful response object containing the temporary API token. 

Step 4: Applying Changes via the Reboot Sequence


To prevent manual intervention via the web UI, we can automate this final step by adding a dedicated Reboot Sequence to our Node-RED pipeline:



Node Configuration Details

1. Reboot Button (Inject Node)

This is a standard dashboard button or manual inject node used by the network administrator to finalize the update process.

  • Payload: boolean : true

2. Add Cookie & Empty Payload (Function Node)

This JavaScript node handles the session authentication and prepares the message to comply with the strict endpoint structure required by the TNA firmware.

  • Code:

    let token = global.get("tachyon_token");
    if (!token) {
        node.error("Missing token! Log in first.");
        return null;
    }
    msg.headers = {
        "Cookie": "api_token=" + token,
        "Content-Type": "application/json"
    };
    msg.payload = {}; 
    return msg;

3. POST /reboot (HTTP Request Node)

Executes the dynamic payload over the network.

  • Method: - POST

  • URL: http://192.168.1.20/cgi.lua/apiv1/reboot

  • Return: a parsed JSON object

4. Reboot Log (Debug Node)

Captures and displays the device's execution feedback.

  • Output: msg.payload


Conclusion


Integrating the Tachyon TNA API with Node-RED transforms standard network equipment into highly customizable, programmable infrastructure. While the device's strict full-payload validation engine presents an initial learning curve, mastering the Get-Modify-Post (GMP) pattern gives network administrators complete control over device states. By automating the authentication handshakes, bypassing schema pitfalls via structural object wrapping, and building quick UI triggers like our Dashboard Reboot button, you eliminate human error and dramatically accelerate deployment workflows.


Future Ideas: Scaling to Bulk Configurations

Now that you have a working, single-device automation pipeline, the true superpower of Node-RED is its ability to scale horizontally. Instead of triggering this sequence for one IP address, you can expand this logic into a Bulk Configuration Engine capable of orchestrating updates across dozens or hundreds of TNA devices simultaneously.

By replacing the single Inject or Button node with an array of device IPs passed through a Node-RED Split node, you can distribute settings across your entire network topology within seconds.