Auth Service (3.5.0)

Download OpenAPI specification:Download

This is the spec that defines the API provided by the application to provide auth across the cluster

Auth

Validate Token

Validate if the input token is valid

Authorizations:
bearerAuth

Responses

Response samples

Content type
application/json
{
  • "code": 0,
  • "message": "message"
}

Create access token

Create an access token for EFA

Request Body schema: application/json

Credentials to fetch a token

username
string

Name of the user for whom the token has to be generated

password
string

Password for the above user

Responses

Request samples

Content type
application/json
{
  • "username": "admin",
  • "password": "password"
}

Response samples

Content type
application/json
{
  • "access-token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  • "token-type": "Bearer",
  • "refresh-token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  • "message": "Certificates will expire soon, please renew"
}

Create system access token

Create a system access token for EFA

Responses

Response samples

Content type
application/json
{
  • "access-token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  • "token-type": "Bearer",
  • "refresh-token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  • "message": "Certificates will expire soon, please renew"
}

Create extended system access token

Create an extended system access token for EFA

Request Body schema: application/json

Credentials to fetch a token

clientId
string

ID of the registered client

expiry
integer

Number of seconds until extended token must expire

Responses

Request samples

Content type
application/json
{
  • "clientId": "sdjfdjskjd",
  • "expiry": 300
}

Response samples

Content type
application/json
{
  • "access-token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  • "token-type": "Bearer",
  • "refresh-token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  • "message": "Certificates will expire soon, please renew"
}

Create access token for clients

Create an access token for XCO clients

Request Body schema: application/json

Client Credentials to fetch a token

username
string

Name of the user for whom the token has to be generated

password
string

Password for the above user

clientId
string

ID of the registered client

Responses

Request samples

Content type
application/json
{
  • "username": "admin",
  • "password": "password"
}

Response samples

Content type
application/json
{
  • "access-token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  • "token-type": "Bearer",
  • "message": "Certificates will expire soon, please renew"
}

Get access token with refresh token

Get access token with refresh token

Request Body schema: application/json

Refresh token

refresh-token
string

refresh token

grant-type
string

grant type(refresh_token)

Responses

Request samples

Content type
application/json
{
  • "grant-type": "refresh_token",
  • "refresh-token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Response samples

Content type
application/json
{
  • "access-token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  • "token-type": "Bearer",
  • "refresh-token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  • "message": "Certificates will expire soon, please renew"
}

Get key for XCO client

Get API key for XCO client

Authorizations:
bearerAuth
query Parameters
clientId
required
string

Client ID

Responses

Response samples

Content type
application/json
{
  • "apiKey": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Create a key for XCO clients

Create a key for XCO clients

Authorizations:
bearerAuth
query Parameters
force
required
boolean

Force key regenerate

Request Body schema: application/json

Credentials to fetch a token

clientId
string

ID of the registered client

Responses

Request samples

Content type
application/json
{
  • "clientId": "sdjfdjskjd"
}

Response samples

Content type
application/json
{
  • "apiKey": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Get Token Expiry Time

Return Token Expiry Time

Authorizations:
bearerAuth
query Parameters
type
required
string

Type of the token

Responses

Response samples

Content type
application/json
{
  • "type": "ACCESS",
  • "hours": 0,
  • "minutes": 15
}

Update Token Expiry Time

Update Token Expiry Time For A Specific Token

Authorizations:
bearerAuth
Request Body schema: application/json

Type of the XCO token

type
string

Type of the token

hours
integer

Hours for token expiry

minutes
integer

Minutes for token expiry

Responses

Request samples

Content type
application/json
{
  • "type": "ACCESS",
  • "hours": 0,
  • "minutes": 15
}

Response samples

Content type
application/json
{
  • "type": "ACCESS",
  • "hours": 0,
  • "minutes": 15
}

Get All Tokens Expiry Time

Return All Tokens Expiry Times

Authorizations:
bearerAuth

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Remove the access token

Remove the access token for EFA

Responses

Response samples

Content type
application/json
{
  • "code": 0,
  • "message": "message"
}

Fetch all client details

Fetch all client details configured in the application

Authorizations:
bearerAuth

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Fetch client details by name

Fetch client details by name

Authorizations:
bearerAuth
query Parameters
name
required
string

Name of the client

Responses

Response samples

Content type
application/json
{
  • "name": "tenantname",
  • "clientID": "askjf-djffi-dwokd-askls",
  • "clientType": "openstack"
}

Register a new client

Register a new client to access EFA

Authorizations:
bearerAuth
Request Body schema: application/json

Details of the client

name
string

Name for the client(tenant name for Openstack clients)

clientType
string

Type of the client(openstack for Openstack clients)

Responses

Request samples

Content type
application/json
{
  • "name": "tenantname",
  • "clientType": "openstack"
}

Response samples

Content type
application/json
{
  • "name": "tenantname",
  • "clientID": "askjf-djffi-dwokd-askls",
  • "clientType": "openstack"
}

Delete a registered client

Delete a registered client by its name

Authorizations:
bearerAuth
query Parameters
name
required
string

Name of the registered client

Responses

Response samples

Content type
application/json
{
  • "code": 0,
  • "message": "message"
}

Fetch registered LDAP server details

Fetch LDAP details by name

Authorizations:
bearerAuth
query Parameters
name
required
string

Name given for the ldap connection

Responses

Response samples

Content type
application/json
{
  • "id": 0,
  • "name": "string",
  • "host": "string",
  • "port": "string",
  • "tls": true,
  • "insecure-tls": true,
  • "cacert": "string",
  • "timeout": 0,
  • "bind-user-name": "string",
  • "bind-user-password": "string",
  • "user-search-base": "string",
  • "user-object-class": "string",
  • "user-login-attribute": "string",
  • "user-role-attribute": "string",
  • "user-role-attribute-key": "string",
  • "user-member-attribute": "string",
  • "group-search-base": "string",
  • "group-object-class": "string",
  • "group-attribute": "string",
  • "group-member-user-attribute": "string",
  • "group-member-mapping-attribute": "string"
}

Update LDAP configuration

Update LDAP configuration for authentication

Authorizations:
bearerAuth
query Parameters
name
required
string

Name of the registered LDAP Server

Request Body schema: application/json

Details of the LDAP Server

name
string

Name for the LDAP connection

host
string

Specify the hostname or IPv4/IPv6 address

port
string

Specify the port at which the OpenLDAP server is listening for connections

tls
required
boolean

Enable to use LDAP over SSL/TLS

insecure-tls
required
boolean

Enable to use LDAP without cert verification

cacert
string

CA certificate

timeout
required
integer

Duration in number of seconds before considering the server unreachable(defaults to 5 sec)

bind-user-name
string

Distinguished Name (DN) of the user that should be used to bind, search and retrieve LDAP entries

bind-user-password
string

Password of the bind user

user-search-base
string

Enter the Distinguished Name of the node in your directory tree from which to start searching for user objects.

user-object-class
string

Name of the object class used for user objects(defaults to inetOrgPerson)

user-login-attribute
string

The attribute whose value matches the username part of credentials entered by your users when logging in(defualts to uid)

user-role-attribute
string

The attribute to read the role of user from

user-role-attribute-key
string

The attribute to read the role value from role attribute

user-member-attribute
string

The attribute to read the member of the group the user is part of

group-search-base
string

Enter the Distinguished Name of the node in your directory tree from which to start searching for group objects.

group-object-class
string

Name of the object class used for group objects(defaults to groupOfNames)

group-attribute
string

Attribute to define search filter on group(defaults to cn)

group-member-user-attribute
string

The name of the user attribute whose format matches the group members(defualts to entrydn)

group-member-mapping-attribute
string

The name of the group attribute containing the members of a group(defaults to member)

cli
boolean
Default: false

Differentiate the client type

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "host": "string",
  • "port": "string",
  • "tls": true,
  • "insecure-tls": true,
  • "cacert": "string",
  • "timeout": 0,
  • "bind-user-name": "string",
  • "bind-user-password": "string",
  • "user-search-base": "string",
  • "user-object-class": "string",
  • "user-login-attribute": "string",
  • "user-role-attribute": "string",
  • "user-role-attribute-key": "string",
  • "user-member-attribute": "string",
  • "group-search-base": "string",
  • "group-object-class": "string",
  • "group-attribute": "string",
  • "group-member-user-attribute": "string",
  • "group-member-mapping-attribute": "string",
  • "cli": false
}

Response samples

Content type
application/json
{
  • "id": 0,
  • "name": "string",
  • "host": "string",
  • "port": "string",
  • "tls": true,
  • "insecure-tls": true,
  • "cacert": "string",
  • "timeout": 0,
  • "bind-user-name": "string",
  • "bind-user-password": "string",
  • "user-search-base": "string",
  • "user-object-class": "string",
  • "user-login-attribute": "string",
  • "user-role-attribute": "string",
  • "user-role-attribute-key": "string",
  • "user-member-attribute": "string",
  • "group-search-base": "string",
  • "group-object-class": "string",
  • "group-attribute": "string",
  • "group-member-user-attribute": "string",
  • "group-member-mapping-attribute": "string"
}

Register a new LDAP Server

Register a new LDAP Server for authentication

Authorizations:
bearerAuth
Request Body schema: application/json

Details of the LDAP Server

name
string

Name for the LDAP connection

host
string

Specify the hostname or IPv4/IPv6 address

port
string

Specify the port at which the OpenLDAP server is listening for connections

tls
required
boolean

Enable to use LDAP over SSL/TLS

insecure-tls
required
boolean

Enable to use LDAP without cert verification

cacert
string

CA certificate

timeout
required
integer

Duration in number of seconds before considering the server unreachable(defaults to 5 sec)

bind-user-name
string

Distinguished Name (DN) of the user that should be used to bind, search and retrieve LDAP entries

bind-user-password
string

Password of the bind user

user-search-base
string

Enter the Distinguished Name of the node in your directory tree from which to start searching for user objects.

user-object-class
string

Name of the object class used for user objects(defaults to inetOrgPerson)

user-login-attribute
string

The attribute whose value matches the username part of credentials entered by your users when logging in(defualts to uid)

user-role-attribute
string

The attribute to read the role of user from

user-role-attribute-key
string

The attribute to read the role value from role attribute

user-member-attribute
string

The attribute to read the member of the group the user is part of

group-search-base
string

Enter the Distinguished Name of the node in your directory tree from which to start searching for group objects.

group-object-class
string

Name of the object class used for group objects(defaults to groupOfNames)

group-attribute
string

Attribute to define search filter on group(defaults to cn)

group-member-user-attribute
string

The name of the user attribute whose format matches the group members(defualts to entrydn)

group-member-mapping-attribute
string

The name of the group attribute containing the members of a group(defaults to member)

cli
boolean
Default: false

Differentiate the client type

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "host": "string",
  • "port": "string",
  • "tls": true,
  • "insecure-tls": true,
  • "cacert": "string",
  • "timeout": 0,
  • "bind-user-name": "string",
  • "bind-user-password": "string",
  • "user-search-base": "string",
  • "user-object-class": "string",
  • "user-login-attribute": "string",
  • "user-role-attribute": "string",
  • "user-role-attribute-key": "string",
  • "user-member-attribute": "string",
  • "group-search-base": "string",
  • "group-object-class": "string",
  • "group-attribute": "string",
  • "group-member-user-attribute": "string",
  • "group-member-mapping-attribute": "string",
  • "cli": false
}

Response samples

Content type
application/json
{
  • "id": 0,
  • "name": "string",
  • "host": "string",
  • "port": "string",
  • "tls": true,
  • "insecure-tls": true,
  • "cacert": "string",
  • "timeout": 0,
  • "bind-user-name": "string",
  • "bind-user-password": "string",
  • "user-search-base": "string",
  • "user-object-class": "string",
  • "user-login-attribute": "string",
  • "user-role-attribute": "string",
  • "user-role-attribute-key": "string",
  • "user-member-attribute": "string",
  • "group-search-base": "string",
  • "group-object-class": "string",
  • "group-attribute": "string",
  • "group-member-user-attribute": "string",
  • "group-member-mapping-attribute": "string"
}

Delete a registered LDAP server

Delete a registered LDAP server

Authorizations:
bearerAuth
query Parameters
name
required
string

Name of the registered LDAP Server

Responses

Response samples

Content type
application/json
{
  • "code": 0,
  • "message": "message"
}

Reset LDAP configuration

Reset LDAP configuration

query Parameters
name
required
string

Name of the registered LDAP Server

Request Body schema: application/json

Reset LDAP Configs.

Array
string

Responses

Request samples

Content type
application/json
[
  • "Host",
  • "Port",
  • "CaCert",
  • "BindUsername",
  • "BindUserPassword",
  • "UserSearchBase",
  • "UserObjectClass",
  • "UserLoginAttribute",
  • "UserRoleAttribute",
  • "UserRoleAttributeKey",
  • "UserMemberAttribute",
  • "GroupSearchBase",
  • "GroupObjectClass",
  • "GroupAttribute",
  • "GroupMemberUserAttribute",
  • "GroupMemberMappingAttribute"
]

Response samples

Content type
application/json
{
  • "id": 0,
  • "name": "string",
  • "host": "string",
  • "port": "string",
  • "tls": true,
  • "insecure-tls": true,
  • "cacert": "string",
  • "timeout": 0,
  • "bind-user-name": "string",
  • "bind-user-password": "string",
  • "user-search-base": "string",
  • "user-object-class": "string",
  • "user-login-attribute": "string",
  • "user-role-attribute": "string",
  • "user-role-attribute-key": "string",
  • "user-member-attribute": "string",
  • "group-search-base": "string",
  • "group-object-class": "string",
  • "group-attribute": "string",
  • "group-member-user-attribute": "string",
  • "group-member-mapping-attribute": "string"
}

Get all LDAP connection details

Get All LDAP details configured in the application

Authorizations:
bearerAuth

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Register a new TACACS server

Register a new TACACS server

Authorizations:
bearerAuth
Request Body schema: application/json

TACACS server

host
string

Specify the hostname or IPv4/IPv6 address

port
integer

Port number

protocol
string
Enum: "CHAP" "PAP"

Protocol like PAP or CHAP

secretKey
string <= 40 characters

Secret key maximum 40 characters

Responses

Request samples

Content type
application/json
{
  • "host": "10.37.138.217",
  • "port": 49,
  • "protocol": "CHAP",
  • "secretKey": "sharedsecret"
}

Response samples

Content type
application/json
{
  • "code": 0,
  • "message": "message"
}

Update Tacacs server details

Update Tacacs server details

Authorizations:
bearerAuth
Request Body schema: application/json

Details of the TACACS server

host
string

Specify the hostname or IPv4/IPv6 address

port
integer

Port number

protocol
string
Enum: "CHAP" "PAP"

Protocol like PAP or CHAP

secretKey
string <= 40 characters

Secret key maximum 40 characters

Responses

Request samples

Content type
application/json
{
  • "host": "10.37.138.217",
  • "port": 49,
  • "protocol": "CHAP",
  • "secretKey": "sharedsecret"
}

Response samples

Content type
application/json
{
  • "host": "10.37.138.217",
  • "port": 49,
  • "protocol": "CHAP",
  • "secretKey": "sharedsecret"
}

Delete a registered TACACS server

Delete a registered TACACS server by its host

Authorizations:
bearerAuth
query Parameters
host
required
string

Specify the hostname or IPv4/IPv6 address

Responses

Response samples

Content type
application/json
{
  • "code": 0,
  • "message": "message"
}

Fetch TACACS server details of a sepcific host or all hosts

Fetch TACACS server details of a specific host or all hosts

Authorizations:
bearerAuth
query Parameters
host
string

The host of the TACACS server registered or all to get all servers

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Get authentication summary details

Get Authentication summary details configured in the application

Authorizations:
bearerAuth

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Add the authentication preference

Add the authentication preference

Authorizations:
bearerAuth
Request Body schema: application/json

Add the authentication preference

authType
string
Default: "HOST"
Enum: "TACACS" "LDAP" "LOCAL" "HOST"

TACAC, LDAP, LOCAL, or HOST

identifier
string

auth identifier

preference
integer

auth preference

Responses

Request samples

Content type
application/json
{
  • "authType": "TACACS",
  • "identifier": "10.37.23.4",
  • "preference": 1
}

Response samples

Content type
application/json
{
  • "code": 0,
  • "message": "message"
}

Update the authentication preference

Update the authentication preference

Authorizations:
bearerAuth
Request Body schema: application/json

Update the authentication preference

authType
string
Default: "HOST"
Enum: "TACACS" "LDAP" "LOCAL" "HOST"

TACAC, LDAP, LOCAL, or HOST

identifier
string

auth identifier

preference
integer

auth preference

Responses

Request samples

Content type
application/json
{
  • "authType": "TACACS",
  • "identifier": "10.37.23.4",
  • "preference": 1
}

Response samples

Content type
application/json
{
  • "code": 0,
  • "message": "message"
}

Delete the authentication preference

Delete the authentication preference

Authorizations:
bearerAuth
Request Body schema: application/json

Delete the authentication preference

authType
string
Default: "HOST"
Enum: "TACACS" "LDAP" "LOCAL" "HOST"

TACAC, LDAP, LOCAL, or HOST

identifier
string

auth identifier

preference
integer

auth preference

Responses

Request samples

Content type
application/json
{
  • "authType": "TACACS",
  • "identifier": "10.37.23.4",
  • "preference": 1
}

Response samples

Content type
application/json
{
  • "code": 0,
  • "message": "message"
}

Get authentication preferences

Get authentication preferences

Authorizations:
bearerAuth

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Add and update the authentication preferences

Add and update the authentication preferences

Authorizations:
bearerAuth
Request Body schema: application/json

Add and update the authentication preferences

Array
authType
string
Default: "HOST"
Enum: "TACACS" "LDAP" "LOCAL" "HOST"

TACAC, LDAP, LOCAL, or HOST

identifier
string

auth identifier

preference
integer

auth preference

Responses

Request samples

Content type
application/json
[
  • {
    }
]

Response samples

Content type
application/json
{
  • "code": 0,
  • "message": "message"
}

Get the active users details by authentication type

Get the active users details by authentication type

Authorizations:
bearerAuth
query Parameters
auth_type
required
string
Default: "HOST"
Enum: "TACACS" "LDAP" "LOCAL" "HOST"

Authentication type of the user

Responses

Response samples

Content type
application/json
{
  • "pagination_response": {
    },
  • "user": [
    ]
}

Fetch all users details or specific user detail by name

Fetch all users details or specific user detail by name

Authorizations:
bearerAuth
query Parameters
user_name
string

Name of the user

Responses

Response samples

Content type
application/json
{
  • "pagination_response": {
    },
  • "user": [
    ]
}

Register a new user

Register a new user

Authorizations:
bearerAuth
Request Body schema: application/json

Details of the user

id
integer <int32>

ID of the operation

user_name
string

user name to be registered

email_id
string

email id to be registered

password
string

password

roles
Array of strings (Full list of roles)

List of roles or specific role details

is_blocked
boolean
Default: false

is user blocked

created_at
string <date-time>

user created time

organization
string

organization information

address
string

user address

mobile_number
string

user mobile number

location
string

user location

auth_type
string

authorization type

is_active
boolean
Default: false

is user active

active_since
string <date-time>

user active time

Responses

Request samples

Content type
application/json
{
  • "id": 1,
  • "user_name": "willsmith",
  • "email_id": "abc@test.com",
  • "roles": [
    ],
  • "is_blocked": false,
  • "organization": "Extreme Networks",
  • "location": "New York",
  • "is_active": false
}

Response samples

Content type
application/json
{}

Update roles of a registered user

Update roles of a registered user

Authorizations:
bearerAuth
Request Body schema: application/json

Details of the user

id
integer <int32>

ID of the operation

user_name
string

user name to be registered

email_id
string

email id to be registered

password
string

password

roles
Array of strings (Full list of roles)

List of roles or specific role details

is_blocked
boolean
Default: false

is user blocked

created_at
string <date-time>

user created time

organization
string

organization information

address
string

user address

mobile_number
string

user mobile number

location
string

user location

auth_type
string

authorization type

is_active
boolean
Default: false

is user active

active_since
string <date-time>

user active time

Responses

Request samples

Content type
application/json
{
  • "id": 1,
  • "user_name": "willsmith",
  • "email_id": "abc@test.com",
  • "roles": [
    ],
  • "is_blocked": false,
  • "organization": "Extreme Networks",
  • "location": "New York",
  • "is_active": false
}

Response samples

Content type
application/json
{
  • "id": 1,
  • "user_name": "willsmith",
  • "email_id": "abc@test.com",
  • "roles": [
    ],
  • "is_blocked": false,
  • "organization": "Extreme Networks",
  • "location": "New York",
  • "is_active": false
}

Delete a registered user

Delete a registered user by its name

Authorizations:
bearerAuth
query Parameters
user_name
required
string

Name of the registered user

Responses

Response samples

Content type
application/json
{
  • "code": 0,
  • "message": "message"
}

Update the user state blocked or unblocked

Update the user state blocked or unblocked

Authorizations:
bearerAuth
Request Body schema: application/json

Details of the user

user_name
string

user name to be updated

is_blocked
boolean
Default: false

is user blocked

Responses

Request samples

Content type
application/json
{
  • "user_name": "willsmith",
  • "is_blocked": false
}

Response samples

Content type
application/json
{
  • "user_name": "willsmith",
  • "is_blocked": false
}

Change password of a registered user

Change password of a registered user

Authorizations:
bearerAuth
Request Body schema: application/json

Details of the user

user_name
string

user name

old_password
string

old password

new_password
string

new password

Responses

Request samples

Content type
application/json
{
  • "user_name": "willsmith",
  • "old_password": "test",
  • "new-Password": "test1"
}

Response samples

Content type
application/json
{
  • "user_name": "willsmith",
  • "old_password": "test",
  • "new-Password": "test1"
}

Reset password registered user

Reset password of a registered user

Authorizations:
bearerAuth
Request Body schema: application/json

Details of the user

password
string

password

Responses

Request samples

Content type
application/json
{
  • "password": "test1"
}

Response samples

Content type
application/json
{
  • "message": "passowrd changed successfully"
}

Requesting the user to reset password

Reset user password

Authorizations:
bearerAuth
Request Body schema: application/json

Details of the user

user_name
string

user name to be registered

email_id
string

email id to be registered

password
string

user password

Responses

Request samples

Content type
application/json
{
  • "user_name": "string",
  • "email_id": "string",
  • "password": "string"
}

Response samples

Content type
application/json
{}

Get host users.

This is a proxy API over the monitor service for fetching the host users.

Authorizations:
bearerAuth

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Get the host users and the active session details

Get the host users and the active session details

Authorizations:
bearerAuth

Responses

Response samples

Content type
application/json
{
  • "pagination_response": {
    },
  • "user": [
    ]
}

Trouble Shooting

Get execution details

Get the detailed output of the given execution ID

Authorizations:
bearerAuth
query Parameters
id
required
string

Execution ID

Responses

Response samples

Content type
application/json
{
  • "start_time": "2000-01-23T04:56:07.000+00:00",
  • "end_time": "2000-01-23T04:56:07.000+00:00",
  • "id": "id",
  • "parameters": "client add",
  • "logs": "logs",
  • "command": "client add",
  • "status": "Failed, Succeeded"
}

deleteExecutions

This API will delete the execution entries older than specific number of days

Authorizations:
bearerAuth
query Parameters
days_older_by
required
integer
Default: 30

Deletes execution entries older than specified number of days

Responses

Response samples

Content type
application/json
{
  • "code": 0,
  • "message": "message"
}

Get Execution List

Get the list of all the previous executions

Authorizations:
bearerAuth
query Parameters
limit
required
integer
Default: 10

Limit the number of executions that will be sent in the response. Default is 10

status
string
Default: "all"

Filter the executions based on the status(failed/succeeded/all)

Responses

Response samples

Content type
application/json
{
  • "items": [
    ]
}

getExecLogs

Get Execution log list with pagination

Get Execution log list with pagination

Authorizations:
bearerAuth
query Parameters
object (SearchQuery)

{"group_by":"user_name"} Responses grouped by user name {"filter":[{"name":"user_name","value":"admin"}] Responses filtered by name="admin" {"fuzzy":"ConfigAddUpdate"} Responses searched using fuzzy search "ConfigAddUpdate"

Responses

Response samples

Content type
application/json
{
  • "items": [
    ]
}

Role

Fetch role mapping details

Fetch role mapping details

Authorizations:
bearerAuth
query Parameters
auth_type
string

Auth type(LOCAL, HOST, LDAP, or TACACS)

auth_identifier
string

Auth identifier

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Map roles

To map user defined roles with XCO role

Authorizations:
bearerAuth
Request Body schema: application/json

Mapping the user defined roles and XCO roles

Array
name
string

Name for the user or group for whom role is to assigned

role
string

Name of the role to be assigned

type
string

Type of the assignment (user or group)

auth_type
string

Authorization framework type (local, host, tacacs, or ldap)

auth_identifier
string

Identifier for the auth configuration

Responses

Request samples

Content type
application/json
[
  • {
    }
]

Response samples

Content type
application/json
[
  • {
    }
]

Add new role mapping

Add new role mapping

Authorizations:
bearerAuth
Request Body schema: application/json

Details of the mapping to be created

name
string

Name for the user or group for whom role is to assigned

role
string

Name of the role to be assigned

type
string

Type of the assignment (user or group)

auth_type
string

Authorization framework type (local, host, tacacs, or ldap)

auth_identifier
string

Identifier for the auth configuration

Responses

Request samples

Content type
application/json
{
  • "name": "tenantname",
  • "role": "TenantAdmin",
  • "type": "user",
  • "auth_type": "local",
  • "auth_identifier": "user1"
}

Response samples

Content type
application/json
{
  • "id": 1,
  • "name": "tenantname",
  • "role": "TenantAdmin",
  • "type": "user",
  • "auth_type": "local",
  • "auth_identifier": "user1"
}

Delete a role mapping

Delete the role mapping

Authorizations:
bearerAuth
query Parameters
id
required
string

ID of the role mapping that is created

Responses

Response samples

Content type
application/json
{
  • "code": 0,
  • "message": "message"
}