API ReferenceNew CentralGuidesMRT APIConfiguration API
GithubAirheads Developer Community
API Reference
GithubAirheads Developer Community

Configure a new AAA profile

post
https://de1.api.central.arubanetworks.com/network-config/v1alpha1/aaa-profile/

List of AAA profiles.

Recent Requests
Log in to see full request history
TimeStatusUser Agent
Retrieving recent requests…
LoadingLoading…
Path Params
string
required
length ≤ 9999

Name of the AAA profile.

Query Params
string

LOCAL - To create local objects. SHARED - To create shared objects. Default - Defaults to SHARED if not provided

string

Scope at which local object needs to be created. Mandatory if object-type = LOCAL. Should not be provided for object-type = SHARED.

string

Device function for which the local object needs to be created. Mandatory if object_type = LOCAL. Should not be provided for object_type = SHARED.

Body Params

profilebody object

authentication
object

Group for allow-flood-traffic configuration shared by aaa-profile and port-security.

authorization
object

Group for authorization attributes.

security-violation
object

Security violation configuration.

boolean
Defaults to false

Ageout mechanism on bridge mode wireless clients.

boolean
Defaults to false

Denylist client when Security-Context-Override attack.

boolean
Defaults to true

Device Type Classification.

string
enum
Defaults to DIFFIE_HELLMAN_GRP_19

Diffie-Hellman Groups Supported for EnhancedOpen.

Show Details
DIFFIE_HELLMAN_GRP_19Diffie-Hellman Group 19.
DIFFIE_HELLMAN_GRP_20Diffie-Hellman Group 20.
DIFFIE_HELLMAN_GRP_21Diffie-Hellman Group 21.
Allowed:
boolean
Defaults to false

Distributed L3 mode for radproxy in microbranch.

boolean
Defaults to false

Download Role from CPPM if not defined.

string
length between 1 and 63

DPP NetAccess Default Role.

string
length between 1 and 80

Associate to a DPP NetAccess server group.

boolean
Defaults to false

Require IP address to be obtained using DHCP.

boolean
Defaults to false

Continue with other authentication schemes even if one fails.

int64
1 to 32
Defaults to 2

Number of IPv4 addresse allowed.

boolean
Defaults to false

Require IP mapping at Palo Alto Networks firewalls.

boolean
Defaults to false

Reauthenticate wired user when changing VLANs.

string
length between 1 and 63

This leaf will get deprecated. Please use the leaf-list rfc3576-server-list to send user disconnect, CoA.

rfc3576-server-list
array of strings
length ≤ 2147483647
rfc3576-server-list
string
length between 1 and 256

user derivation rule

int64
0 to 15300

User idle timeout value. Value of 0 deletes the user immediately on disassoc/disconnect.

boolean
Defaults to false

Username from dhcp option 12 for non-802.1x users.

boolean
Defaults to true

Enable webserver access

boolean
Defaults to true

Keep user authenticated when roaming from wired side.

string
length between 1 and 80

Server group for radius accounting.

boolean
Defaults to false

Include Acct-Session-Id in RADIUS Access-Request.

boolean
Defaults to false

Send RADIUS interim accounting records.

boolean
Defaults to false

Send RADIUS Accounting to all servers in RADIUS accounting server group.

boolean
Defaults to false

Open system SSID radius accounting.

boolean
Defaults to false

Station-based RADIUS accounting session for Wireless.

boolean
Defaults to false

Roaming RADIUS accounting service.

string
length between 1 and 256

AAA profile description.

string
length between 1 and 256

Name of the AAA profile.

Responses

Updated 11 days ago

Language
Credentials
OAuth2
URL
LoadingLoading…
Response
Click Try It! to start a request and see the response here! Or choose an example:
application/json

Updated 11 days ago