External authentication¶
Data structures¶
| Parameter | Type | Description |
|---|---|---|
| id | int | Object identifier. Read only. |
| type | string {cerb, radius, ldap, ad} | |
| cerb | ExternalAuthenticationCerbModel | Cerb object definiton |
| radius | ExternalAuthenticationRadiusModel | Radius object definiton |
| ldap | ExternalAuthenticationLdapModel | LDAP object definiton |
| ad | ExternalAuthenticationAdModel | Active Directory object definiton |
| Parameter | Type | Description |
|---|---|---|
| host | string | Ip address of service provider; required |
| port | int | Port value of service provider; required |
| bindto | string | Bind address. Include labels like ‘fudo:label:test’ or ip address |
| nasid | string | Correct value of NAS id of cerb provider; required |
| secret | string | Password to cerb provider; required; write-only |
| Parameter | Type | Description |
|---|---|---|
| host | string | Ip address of service provider; required |
| port | int | Port value of service provider; required |
| bindto | string | Bind address. Include labels like ‘fudo:label:test’ or ip address |
| nasid | string | Correct value of NAS id of cerb provider; required |
| secret | string | Password to cerb provider; required; write-only |
| Parameter | Type | Description |
|---|---|---|
| host | string | Ip address of service provider; required |
| port | int | Port value of service provider; required |
| bindto | string | Bind address. Include labels like ‘fudo:label:test’ or ip address |
| ldap_binddn | string | Bind domain to LDAP provider; required |
| ssl | bool | Set if you want to use ssl to authenticate; default == false |
| ssl_cert | string | Valid SSL certificate. Required if ssl property set True; default == null |
| Parameter | Type | Description |
|---|---|---|
| host | string | Ip address of service provider; required |
| port | int | Port value of service provider; required |
| bindto | string | Bind address. Include labels like ‘fudo:label:test’ or ip address |
| ad_domain | string | Bind domain to AD provider; required |
| ssl | bool | Set if you want to use ssl to authenticate; default == false |
| ssl_cert | string | Valid SSL certificate. Required if ssl property set True; default == null |
Retrieving external authentication methods list¶
Request
| Method | GET
|
| Path | /api/system/extauth
|
Note
Results pagination
Every GET request, which returns a collection of objects can be optionally paginated. To achieve it add a pagination parameter to the request path:
/api/system/objects?page=3&page_size=10
| page | int |
| page_size | int |
Possible Response
| Status | 200 OK
|
| Headers | Content-Type: Application/JSON
|
| Body | [
ExternalAuthenticationModel,
...
]
|
Example:
curl -k -X GET -H "Content-Type:application/json"
https://10.0.150.150/api/system/extauth?sessionid={{sessionid}} -d
Result: {"ad": [
{
"id": 2594073385365405697,
"type": "ad",
"host": "10.0.150.150",
"port": 389,
"bindto": null,
"ad_domain": "default",
"ssl": false,
"ssl_cert": ""
}
],
"radius": [
{
"id": 2594073385365405699,
"type": "radius",
"host": "10.0.150.150",
"port": 1645,
"bindto": null,
"nasid": "cerb"
}
],
"ldap": [
{
"id": 2594073385365405700,
"type": "ldap",
"host": "10.0.150.150",
"port": 389,
"bindto": null,
"ldap_binddn": "dc=admin4,dc=default,dc=defaultt",
"ssl": false,
"ssl_cert": ""
}
],
"cerb": [
{
"id": 2594073385365405698,
"type": "cerb",
"host": "10.0.150.150",
"port": 1812,
"bindto": "10.0.150.160",
"nasid": "cerb"
}]}
Modifying external authentication method¶
Request
| Method | PUT
|
| Path | /api/system/extauth/id
|
Possible Response
| Status | 200 OK
|
| Headers | Content-Type: Application/JSON
|
| Body | ExternalAuthenticationModel
|
Example:
curl -k -X PUT -H "Content-Type:application/json"
https://10.0.150.150/api/system/extauth/2594073385365405697?sessionid={{sessionid}} -d
{
"host": "10.0.150.150",
"port": 388,
"ad_domain": "default"
}
Creating an external authentication method¶
Request
| Method | POST
|
| Path | /api/system/extauth
|
| Headers | Content-Type: Application/JSON
|
| Body | ExternalAuthenticationModel
|
Possible Response
| Status | 201 CREATED
|
| Headers | Content-Type: Application/JSON
|
| Body | ExternalAuthenticationModel
|
| Description | Object successfully created. Resultant object's attributes
are included in response body.
|
Possible Response
| Status | 400 BAD REQUEST
|
| Headers | Content-Type: Application/JSON
|
| Body | ValidationErrors
|
| Description | Validation didn't pass.
|
Example:
curl -k -X POST -H "Content-Type:application/json"
https://10.0.150.150/api/system/extauth?sessionid={{sessionid}} -d
{
"type": "ad",
"host": "10.0.150.150",
"port": 388,
"ad_domain": "default"
}
Deleting an external authentication method¶
Request
| Method | DELETE
|
| Path | /api/system/extauth/id
|
Example:
curl -k -X DELETE
https://10.0.150.150/api/system/extauth/2594073385365405697?sessionid={{sessionid}}