Update existing Auth Server Global profile configurations

patch

https://de1.api.central.arubanetworks.com/network-config/v1alpha1/auth-server-global-config/{name}

Authentication Server Global Profiles.

Recent Requests

Time	Status	User Agent
Retrieving recent requests…

Loading…

Path Params

name

string

required

length ≤ 9999

Profile name.

Query Params

object-type

string

LOCAL - To update local objects. SHARED - To update shared objects. Default - Defaults to SHARED if not provided

scope-id

string

Scope at which local object needs to be updated. Mandatory if object-type = LOCAL. Should not be provided for object-type = SHARED.

device-function

string

Device function for which the local object needs to be updated. Mandatory if object_type = LOCAL. Should not be provided for object_type = SHARED.

Body Params

profilebody object

access-request-include

object

Attributes to be included in access-request

authentication-type

string

enum

Defaults to PAP

Specifies authentication protocol which is used for communication with Auth servers. This field can be configured only when type is RADIUS or TACACS.

Show Details

CHAP	Use CHAP (non-standard) to authenticate user.
MSCHAPv2	Use MSCHAPv2 to authenticate user.
PAP	Use PAP to authenticate user.

Allowed:

deadtime

int32

0 to 1440

Dead time for unavailable authentication server.

description

string

length between 1 and 256

Profile description

dns-query-interval

int32

1 to 60

Defaults to 5

Configure the query interval in seconds.
This field can be configured only when the dns-query-mode is set to FIXED.

dns-query-mode

string

enum

Defaults to BACKOFF

Configure the query mode to resolve a FQDN address for a RADIUS server.
This field can be configured only when type is RADIUS

Show Details

BACKOFF	Use exponential backoff wait timer for DNS queries.
FIXED	Use a fixed wait timer for DNS queries.

Allowed:

dynamic-authorization-enable

boolean

Defaults to false

Dynamic Authorization Enable.This field can be configured only when type is RADIUS.

dynamic-authorization-port

int32

0 to 65535

Defaults to 3799

UDP port number used by the dynamic authorization server. This field can be configured only when type is RADIUS

enable

boolean

Defaults to false

Dynamic Authorization Enable.This field can be configured only when type is RFC3576.

enable-radsec

boolean

Defaults to false

Enables RADIUS over TLS. This field can be configured only when type is RADIUS.

fqdn-retry-interval

int32

0 to 5

Defaults to 0

FQDN retry time in minutes

infinite-deadtime

boolean

Defaults to false

Infinite deadtime for the Auth server.

name

string

length between 1 and 256

Profile name.

ordering-sequence

boolean

Defaults to false

Enables reordering upon deleting of tacacs server.

retries

int32

0 to 5

Defaults to 1

The number of retry attempts to use for reaching out to RADIUS servers. This field can be configured only when type is RADIUS.

service-type-in-access-request

boolean

Defaults to false

Service Type attribute in access request. This field can be configured only when type is RADIUS.

shared-secret-config

object

Group for global auth-server shared key.

single-connection-mode

boolean

Defaults to true

Single connection mode for TACACS servers. This field can be configured only when type is TACACS.

status-server-interval

int64

10 to 86400

Defaults to 300

Time interval to send the status server message. This field can be configured only when type is RADIUS.

timeout

int32

1 to 255

Defaults to 5

The timeout value specifies the number of seconds to wait for a response from the Auth server before moving to next server.
For CX, range is 1-60. This field can be configured only when type is RADIUS or TACACS.

tls-initial-connection-timeout

int32

5 to 300

Defaults to 30

TLS Initial connection timeout (timeout for TLS handshake). This field can be configured only when type is RADIUS.

tracking-enable

boolean

Defaults to false

Tracking status of the server.

tracking-interval

int64

60 to 86400

Defaults to 300

Time interval to send the tracking request for Auth Server. This field can be configured only when type is RADIUS, TACACS or RADSEC.

tracking-mode

string

enum

Tracking mode of the server

Show Details

ANY	Track the server irrespective of its availability.
DEAD_ONLY	Track the server only if it is not reachable.

Allowed:

tracking-password-config

object

Group for password of the user sent in the tracking request message.

tracking-req-packet

int32

1 to 5

Defaults to 3

Maximum number of request packet to be sent for RADIUS tracking on retry

tracking-retries

int32

0 to 5

Maximum number of retries to be done for RADIUS tracking. This field can be configured only when type is RADIUS.

tracking-user-name

string

length between 1 and 64

Username that will be used in Access-Request packets for Radius Server Tracking. This field can be configured only when type is RADIUS, TACACS or RADSEC.

type

string

enum

Auth Server Type.

Show Details

LDAP	LDAP Server.
LOCAL	Local Internal Server for GW.
RADIUS	RADIUS Server.
RADSEC	RadSec Server.
RFC3576	Dynamic authorization Server.
TACACS	TACACS Server.
WINDOWS	Windows Server.
XMLAPI	XML API Server.

udp-port

int32

0 to 65535

Defaults to 3799

UDP port number used by the dynamic authorization server. This field can be configured only when type is RADIUS or RFC3576

vsa-disable

boolean

Defaults to false

Disables vendor specific attribute capability advertisement.

Responses

Language

Credentials

OAuth2

URL

Loading…

Response

Click Try It! to start a request and see the response here! Or choose an example:

application/json

200Successful Operation

400Bad Request

401Unauthorized Access

403Forbidden

404Not Found

406Not Acceptable

408Request Timeout

412Precondition Failed

429Rate limit exceeded

500Internal Server Error