Create authorization policy configuration.

post

https://de1.api.central.arubanetworks.com/network-config/v1alpha1/authz-policies/{policy-id}

Authorization Policy to be used for Central NAC.

Authorization policy defines authorization sources and rules that determine the enforcement profile that is assigned to user or device upon authorization.

Recent Requests

Time	Status	User Agent
Retrieving recent requests…

Loading…

Path Params

policy-id

string

required

length ≤ 9999

Unique immutable identifier for policy.

Query Params

object-type

string

LOCAL - To create local objects. SHARED - To create shared objects. Default - Defaults to SHARED if not provided

scope-id

string

Scope at which local object needs to be created. Mandatory if object-type = LOCAL. Should not be provided for object-type = SHARED.

device-function

string

Device function for which the local object needs to be created. Mandatory if object_type = LOCAL. Should not be provided for object_type = SHARED.

Body Params

policybody object

ci-cache-max-age

int64

1 to 43200

Defaults to 4320

Maximum time in minutes after which cached client attributes are dropped.

default-enf-profile

array of objects

length ≤ 2147483647

Default enforcement profile that is inherited by all configured rules.

A union of enforcement attributes from default profile and enforcement profile from matching rule will be applied.

Enforcement Attributes from matching rule have precedence over default attributes

default-enf-profile

description

string

length between 0 and 255

dpp-network

string

length between 1 and 32

Name of the DPP network.

enable

boolean

Defaults to true

Enable policy.

identity-stores

array of strings

length ≤ 2147483647

identity-stores

name

string

required

length between 1 and 255

Name of authorization policy.

policy-id

string

length ≤ 9999

Unique immutable identifier for policy.

policy-type

string

enum

Authorization policy type that defines the kind of pre-conditions,
identity stores, policy rules and enforcement profiles that can be configured.

Show Details

CUSTOM	Custom authorization policy that provides complete flexibility in configuration. This is only allowed with premium license.
DEVICE	Client device or MAC based authorization policy.
DPP	Authorization policy for DPP.
USER	User based authorization policy.
VISITOR	Authorization policy for visitors.

Allowed:

position

int32

required

0 to 255

Position determines the order in which the policies are evaluated.

conditions

object

Policy conditions under which the policy or rule can be applied.

rule

array of objects

length ≤ 2147483647

Policy rule is collection of logical conditions and actions that are evaluated against the configured attributes.

Policy rules are evaluated in the order of their position.

A union of enforcement attributes from the first matching rule and default enforcement profile is applied.

Enforcement Attributes from matching rule have precedence over default attributes.

rule

Responses

Language

Credentials

OAuth2

URL

Loading…

Response

Click Try It! to start a request and see the response here! Or choose an example:

application/json

200Successful Operation

400Bad Request

401Unauthorized Access

403Forbidden

404Not Found

406Not Acceptable

408Request Timeout

412Precondition Failed

429Rate limit exceeded

500Internal Server Error