LTM Profile Client-SSL¶
Overview¶
Use the LTM Profile Client-SSL API to retrieve LTM Profile Client-SSL information from BIG-IQ.
REST Endpoint: /mgmt/cm/adc-core/working-config/ltm/profile/client-ssl¶
Requests¶
Send a GET request to the /ltm/profile/client-ssl endpoint to retrieve all the profiles in the collection. To retrieve a single profile, send the GET request to the /ltm/profile/client-ssl/<id> endpoint. Where the value of placeholder <id> can be found as the UUID appearing in the profile’s selfLink.
GET /mgmt/cm/adc-core/working-config/ltm/profile/client-ssl/<id>¶
Request Parameters¶
None
Query Parameters¶
None
Response¶
HTTP/1.1 200 OK
| Name | Type | Description |
|---|---|---|
| alertTimeout | string | Alert timeout in seconds. If alertTimeout is indefinite, alerts can continue without timing out. |
| allowDynamicRecordSizing | string | Enables or disables dynamic application record sizing. The value “enabled” can allow dynamic record sizing. The default is “disabled”. |
| allowExpiredCrl | string | The specified certificate revocation list (CRL) file can be used even if it has expired. |
| appService | string | Application service to which the object belongs. |
| authenticate | string | Frequency of authentication. The default is once. |
| authenticateDepth | number | Maximum traversal depth of the client certificate chain |
| bypassOnClientCertFail | string | The value of bypassOnClientCertFail indicates whether bypass SSL forward proxy traffic will be enabled or disabled in the following case: the server requests the Client Certificate from the BIG-IP and fails to receive the certificate. The default is “disabled”. |
| bypassOnHandshakeAlert | string | The value of bypassOnHandshakeAlert indicates whether bypass SSL forward proxy traffic has been enabled or disabled for the following case: the server requests the Client Certificate from the BIG-IP and receives a handshake_failure(40) alert. The default is “disabled”. |
| cacheSize | number | SSL session cache size. For client-side profiles only, you can configure the timeout and size of the SSL session cache. You can configure the values on a per-profile basis because each profile maintains a separate SSL session cache. |
| cacheTimeout | number | SSL session cache timeout in seconds. This is the usable lifetime of negotiated SSL session IDs. The possible values are integers greater than or equal to 0 and less than or equal to 86400. The default is 3600 seconds. |
| caFile | string | Certificate authority (CA) file name. Configures certificate verification by specifying a list of client or server CAs that the traffic management system trusts. |
| certExtensionIncludes | string | The extensions of the web server certificates to be included in the generated certificates using SSL Forward Proxy. For example, { basic-constraints }. The default value is none. |
| certKeyChain | object | Array of objects used to manage the set of certificate, key, passphrase and chain associated with a client SSL profile. |
| cert | string | Name of the certificate installed on the traffic management system for the purpose of initiating or terminating a SSL connection. The default is “none”. |
| chain | string | Certificate chain file that a client can use to authenticate the profile. To use the default chain name, specify the default. |
| key | string | The name of a key file that you generated and installed on the system. The default key name is “default.key”. |
| name | string | Name of this certKeyChain object. |
| ocspStaplingParams | string | Deprecated since BIG-IP v13.0.0. Instead use modify sys crypto cert to configure an OCSP validator for the certificate and use modify ltm profile client-ssl to enable ocsp-stapling for the client-ssl profile. Specifies the OCSP Stapling Parameters object associated with this CertKeyChain object in a client SSL profile. |
| passphrase | string | Key passphrase |
| usage | string | Indicates whether this keychain entry represents a CA Cert/Key pair or a Server Cert/Key pair. Default is “SERVER”. |
| certLifespan | number | Lifespan of the certificate generated using SSL Forward Proxy. The default is 30 days. |
| certLookupByIpaddrPort | string | Indicates whether SSL forward proxy lookup certificate by ipaddr/port feature has been “enabled” or “disabled”. The default is “disabled”. |
| cipherGroup | string | An associated cipher group |
| ciphers | string | A cipher name. The default is “DEFAULT”. |
| clientCertCa | string | Name of client certificate’s certificate authority |
| crlFile | string | Name of certificate revocation list (CRL) file name |
| defaultsFrom | string | The parent profile. A new profile inherits all settings and values from this parent profile. |
| description | string | User defined description |
| destinationIpBlacklist | string | Data group list of the destination IP denylist for SSL Forward Proxy Bypass |
| destinationIpWhitelist | string | Data group list of the destination IP allowlist for SSL Forward Proxy Bypass |
| forwardProxyBypassDefaultAction | string | SSL forward proxy bypass default action. The default is “intercept”. |
| genericAlert | string | Generic-alert has been “enabled” or “disabled”. This can use generic alert number in alert message. The default is “enabled”. |
| handshakeTimeout | string | Handshake timeout in seconds. handshakeTimeout can be indefinite which continues without a timeout. |
| hostnameBlacklist | string | Data group list of the hostname denylist for SSL Forward Proxy Bypass |
| hostnameWhitelist | string | Data group list of the hostname allowlist for SSL Forward Proxy Bypass |
| isEnabled | string | Profile mode which enables or disables SSL processing |
| maxActiveHandshakes | string | Maximum number of active handshakes allowed. The default is 0. |
| maxAggregateRenegotiationPerMinute | string | Maximum number of aggregate renegotiation attempts allowed in a minute. The default is indefinite. |
| maximumRecordSize | number | The profile’s maximum record size. The range is 128 - 16384. The default is 16384. |
| maxRenegotiationsPerMinute | number | Maximum number of renegotiation attempts allowed in a minute. The default is 5. |
| modSslMethods | string | ModSSL method emulation has been “enabled” or “disabled”. Use “enabled” if OpenSSL methods are inadequate. For example, enable ModSSL method emulation to use SSL compression over TLSv1. |
| name | string | Name of the client SSL profile. This can be specified during POST only, otherwise it is read-only. |
| notifyCertStatusToVirtualServer | string | Specifies whether to propagate the status of the certificates of this client-ssl profile to the virtual servers that are using this client-ssl profile. The default is disabled. |
| ocspStapling | string | OCSP stapling has been “enabled” or “disabled”. The default is “disabled”. |
| partition | string | Administrative partition containing this profile. The default is “Common”. |
| peerCertMode | string | Peer certificate mode. The default is to ignore. |
| peerNoRenegotiateTimeout | string | Number of seconds that the system waits for ClientHello before sending Fatal Alert after sending Hello Request. You can set it to Indefinite which specifies that the system continue to wait for ClientHello for an unlimited time. The default is 10 seconds. |
| proxyCaCert | string | Certification Authority certificate for SSL Forward Proxy |
| proxyCaKey | string | Certification Authority key for SSL Forward Proxy |
| proxyCaPassphrase | string | Passphrase of the Certification Authority key for SSL Forward Proxy |
| proxySsl | string | Proxy SSL mode has been “enabled” or “disabled”. The proxy SSL mode requires a corresponding client SSL profile with proxy-ssl enabled to allow for modification of application data within an SSL tunnel. proxySsl is “disabled” by default. |
| proxySslPassthrough | string | Proxy SSL Passthrough mode has been “enabled” or “disabled”. The Proxy SSL Passthrough mode requires a corresponding client SSL profile with proxy-ssl-passthrough enabled to allow for modification of application data within an SSL tunnel. proxySsl is “disabled” by default. |
| renegotiateMaxRecordDelay | number | Maximum number of SSL records that the traffic management system can receive before it renegotiates a SSL session. After the system receives this number of SSL records, it closes the connection. This setting applies to client-side profiles only. The default is 10. |
| renegotiatePeriod | string | Number of seconds from the initial connect time after which the system renegotiates an SSL session. A new connection is started each time a session renegotiation is successful. The system then attempts to renegotiate the session again after the specified amount of time following the previous renegotiation. For example, a renegotiatePeriod of 3600 seconds triggers session renegotiation at least once an hour. The default is indefinite meaning do not renegotiate SSL sessions. |
| renegotiateSize | string | Throughput size in bytes of SSL renegotiation. This forces the traffic management system to renegotiate an SSL session based on the size, in megabytes, of application data that is transmitted over the secure channel. The default is indefinite which means do not renegotiate based on throughput size. |
| renegotiation | string | Mid-stream renegotiation has been “enabled” or “disabled”. The default is “enabled”. |
| retainCertificate | string | If true, the server certificate is retained in SSL session. The default is true. |
| selfLink | string | The selfLink of an application |
| secureRenegotiation | string | Secure renegotiation has been “enabled” or “disabled”. The default value is “require”. |
| serverName | string | Name matched to TLS/1.1 and above client SSL requests that support the Server Name Indication extension. The default value is empty, which disables support for this extension. |
| sessionMirroring | string | Session mirroring to the high-availability peer has been “enabled” or “disabled”. The default is “disabled”. |
| sessionTicket | string | Session-ticket has been “enabled” or “disabled”. The default option is disabled, see RFC5077. |
| sessionTicketTimeout | number | Session ticket timeout. The default is 0. |
| sniDefault | string | If true, this profile is the default SSL profile when a client connection does not specify a known server name, or does not specify any server name. The default is false. |
| sniRequire | string | If true, SNI support is required for the peer. If a client connection does not specify a known server name, or does not specify any server name, the connection will be rejected. The default is false. |
| sourceIpBlacklist | string | Data group list of the source IP denylist for SSL Forward Proxy Bypass |
| sourceIpWhitelist | string | Data group list of the source IP allowlist for SSL Forward Proxy Bypass |
| sslForwardProxy | string | SSL Forward Proxy feature has been “enabled” or “disabled”. The default is “disabled”. |
| sslForwardProxyBypass | string | SSL Forward Proxy Bypass feature has been “enabled” or “disabled”. The default is “disabled”. |
| strictResume | string | Indicates that the resumption of SSL sessions after an unclean shutdown has been “enabled” or “disabled”. The default is “disabled”, which means that the SSL profile can refuse to resume SSL sessions after an unclean shutdown. |
| sslSignHash | string | SSL sign hash algorithm used to sign and verify SSL Server Key Exchange and Certificate Verify messages for the SSL profile. The default is “any”. |
| tmOptions | string | Enabled options, including some industry-related workarounds. Options list is entered between braces, for example, “{dont-insert-empty-fragments microsoft-sess-id-bug}”. The default is “{all-bugfixes}”, which enables a set of industry-related miscellaneous workarounds related to SSL processing. |
| subpath | string | The BIG-IP folder where the object should be placed. |
| uncleanShutdown | string | By default, the SSL profile performs unclean shutdowns of all SSL connections. This means that underlying TCP connections are closed without exchanging the required SSL shutdown alerts. If uncleanShutdown is “disable”, the SSL profile performs a clean shutdown of all SSL connections. |
Permissions¶
| Role | Allow |
|---|---|
| Trust_Discovery_Import | Yes |
| ADC_Deployer | Yes |
| Service_Catalog_Viewer | Yes |
| Application_Editor | Yes |
| Application_Manager | Yes |
| Application_Viewer | Yes |
| Service_Catalog_Editor | Yes |
| ADC_Manager | Yes |
| ADC_Editor | Yes |
| ADC_Viewer | Yes |
| Access_View | Yes |
| Access_Edit | Yes |
| Access_Manager | Yes |
| Access_Deploy | Yes |
| Access_Policy_Editor | Yes |
POST /mgmt/cm/adc-core/working-config/ltm/profile/client-ssl¶
Send a POST request to the collection endpoint to add a profile to the collection.
Request Parameters¶
| Name | Type | Required | Description |
|---|---|---|---|
| alertTimeout | string | False | Alert timeout in seconds. Specify “indefinite” to enable alerts to continue without timing out. |
| allowDynamicRecordSizing | string | False | Enables or disables dynamic application record sizing. Specify “enabled” to allow dynamic record sizing. The default is “disabled”. |
| allowExpiredCrl | string | False | Use the specified certificate revocation file (CRL) file even if it has expired. |
| appService | string | False | Application service to which the object belongs |
| authenticate | string | False | The frequency of authentication. The default is once. |
| authenticateDepth | number | False | Maximum traversal depth of the client certificate chain |
| bypassOnClientCertFail | string | False | Specifies that if a server requests the Client Certificate from the BIG-IP, and fails to receive the certificate, the bypass SSL forward proxy traffic is “enabled” or “disabled”. The default is “disabled”. |
| bypassOnHandshakeAlert | string | False | Specifies that if a server requests the Client Certificate from the BIG-IP, and receives a handshake_failure(40) alert, the bypass SSL forward proxy traffic is “enabled” or “disabled”. The default is “disabled”. |
| cacheSize | number | False | SSL session cache size. For client-side profiles only, you can configure timeout and size values for the SSL session cache. You can configure the values on a per-profile basis because each profile maintains a separate SSL session cache. |
| cacheTimeout | number | False | SSL session cache timeout in seconds. This is the usable lifetime of negotiated SSL session IDs. The default is 3600 seconds. Possible values are integers greater than or equal to 0 and less than or equal to 86400. |
| caFile | string | False | The certificate authority (CA) file name. Configures certificate verification by specifying a list of client or server CAs that the traffic management system trusts. |
| certExtensionIncludes | object | False | Specifies the extensions of the web server certificates to be included in the generated certificates using SSL Forward Proxy. For example, { basic-constraints }. The default is none. |
| certKeyChain | object | False | Array of objects used to manage the set of certificate, key, passphrase and chain associated with a client SSL profile. |
| cert | string | False | Name of the certificate installed on the traffic management system for the purpose of terminating or initiating an SSL connection. |
| chain | string | False | Specifies or builds a certificate chain file that a client can use to authenticate the profile. To use the default chain name, specify default. |
| key | string | False | Specifies the name of a key file that you have generated and installed on the system. The default key name is default.key. |
| name | string | False | Name of this certKeyChain object. |
| ocspStaplingParams | string | False | Deprecated since BIG-IP v13.0.0. Instead use modify sys crypto cert to configure an OCSP validator for the certificate and use modify ltm profile client-ssl to enable ocsp-stapling for the clientssl profile. Specifies the OCSP Stapling Parameters object associated with this CertKeyChain object in a client SSL profile. |
| passphrase | string | False | Specifies the key passphrase if required. |
| usage | string | False | Specifies whether this keychain entry represents a CA Cert/Key pair or a Server Cert/Key pair. Default is “SERVER”. |
| certLifespan | number | False | Specifies the lifespan of the certificate generated using SSL Forward Proxy. The default is 30 days. |
| certLookupByIpaddrPort | string | False | Specifies whether SSL forward proxy lookup certificate by ipaddr/port feature is “enabled” or “disabled”. The default is “disabled”. |
| cipherGroup | string | False | Specifies an associated cipher group. |
| ciphers | string | False | A cipher name The default is “DEFAULT”, which uses the default ciphers. |
| clientCertCa | string | False | Client certificate authority name |
| crlFile | string | False | Specifies the certificate revocation list (CRL) file name or indicates the system uses the certificate revocation file name from the parent profile. |
| defaultsFrom | string | False | Profile to use as the parent profile. New profiles can inherit all settings from the parent profile. |
| description | string | False | User described description |
| destinationIpBlacklist | string | False | Data group list of the destination IP denylist for SSL Forward Proxy Bypass |
| destinationIpWhitelist | string | False | Data group list of the destination IP allowlist for SSL Forward Proxy Bypass |
| forwardProxyBypassDefaultAction | string | False | SSL forward proxy bypass default action. The default is intercept. |
| genericAlert | string | False | Enables or disables generic-alert. Possible values are “enabled” and “disabled”. These can use the generic alert number in alert message. The default is “enabled”. |
| handshakeTimeout | string | False | Handshake timeout in seconds. Specify “indefinite” to continue without timing out. |
| hostnameBlacklist | string | False | Data group list of the hostname denylist for SSL Forward Proxy Bypass |
| hostnameWhitelist | string | False | Data group list of the hostname allowlist for SSL Forward Proxy Bypass |
| isEnabled | string | False | Enables or disables SSL processing. Possible values are “enabled” and “disabled”. |
| maxActiveHandshakes | number | False | Maximum number of active handshakes allowed. The default is 0. |
| maxAggregateRenegotiationPerMinute | number | False | Maximum number of aggregate renegotiation attempts allowed in a minute. The default is indefinite. |
| maximumRecordSize | number | False | Profile’s maximum record size. The range is 128 - 16384. The default is 16384. |
| maxRenegotiationsPerMinute | number | False | Maximum number of renegotiation attempts allowed in a minute. The default is 5. |
| modSslMethods | string | False | Enables or disables ModSSL method emulation. Possible values are “enabled” and “disabled”. Use “enabled” if OpenSSL methods are inadequate. For example, you can enable ModSSL method emulation to use SSL compression over TLSv1. |
| name | string | True | Name of the client SSL profile. The value can be specified only during a POST, otherwise this is read-only. |
| notifyCertStatusToVirtualServer | string | False | Specifies whether to propagate the status of the certificates of this client ssl profile to the virtual servers that are using this client ssl profile. The default is the same as “disabled”. |
| ocspStapling | string | False | Specifies whether to enable or disable OCSP stapling. The default is the same as “disabled”. |
| partition | string | False | Administrative partition where this profile is located. The default is “Common”. |
| peerCertMode | string | False | Peer certificate mode. The default is to ignore. |
| peerNoRenegotiateTimeout | number | False | Number of seconds that the system waits for ClientHello before sending Fatal Alert after sending Hello Request. The default is 10 seconds. You can set it to Indefinite which specifies that the system continue to wait for ClientHello for an unlimited time. The default is 10. |
| proxyCaCert | string | False | Certification Authority certificate for SSL Forward Proxy |
| proxyCaKey | string | False | Certification Authority key for SSL Forward Proxy |
| proxyCaPassphrase | string | False | Passphrase of the Certification Authority key for SSL Forward Proxy |
| proxySsl | string | False | Enables or disables proxy SSL mode. Possible values are “enabled” and “disabled”. Enabling this mode requires a corresponding client SSL profile with proxy-ssl enabled to allow for modification of application data within an SSL tunnel. The default is “disabled”. |
| proxySslPassthrough | string | False | Enables Proxy SSL Passthrough mode, which requires a corresponding server SSL profile with proxy-ssl-passthrough enabled to allow for modification of application data within an SSL tunnel. The default is the same as “disabled”. |
| renegotiateMaxRecordDelay | string | False | Maximum number of SSL records that the traffic management system can receive before it renegotiates an SSL session. After the system receives this number of SSL records, it closes the connection. This setting applies to client-side profiles only. The default is 10. |
| renegotiatePeriod | string | False | Number of seconds from initial connect time after which the system renegotiates an SSL session. A new connection is started each time a session renegotiation is successful. The system then attempts to renegotiate the session again after the specified amount of time following the previous renegotiation. For example, a renegotiatePeriod of 3600 seconds triggers session renegotiation at least once an hour. The default is indefinite meaning do not renegotiate SSL sessions. |
| renegotiateSize | string | False | Throughput size in bytes of SSL renegotiation. This forces the traffic management system to renegotiate an SSL session based on the size, in megabytes, of application data that is transmitted over the secure channel. The default is indefinite which means do not renegotiate based on throughput size. |
| renegotiation | string | False | Enables or disables mid-stream renegotiation. Possible values are “enabled” and “disabled”. The default is “enabled”. |
| retainCertificate | boolean | False | If true, server certificate is retained in SSL session. The default is true. |
| selfLink | string | False | The selfLink of an application. |
| secureRenegotiation | string | False | Enables or disables secure renegotiation. Possible values are “enabled” and “disabled”. The default is require-strict. |
| serverName | string | False | Name matched to TLS/1.1 and above client SSL requests that support the Server Name Indication extension. The default is empty, which disables support for this extension. |
| sessionMirroring | string | False | Enables or disables session mirroring to the high-availability peer. Possible values are “enabled” and “disabled”. The default option is “disabled”. |
| sessionTicket | string | False | Enables or disables session-ticket. Possible values are “enabled” and “disabled”. The default is “disabled”, see RFC5077. |
| sessionTicketTimeout | number | False | Specifies the session ticket timeout. The default value is 0. |
| sniDefault | boolean | False | If true, this profile is the default SSL profile when a client connection does not specify a known server name, or does not specify any server name. The default is false. |
| sniRequire | string | boolean | If true, SNI support is required for the peer. If a client connection does not specify a known server name, or does not specify any server name, the connection will be rejected. The default is false. |
| sourceIpBlacklist | string | False | Data group list of the source IP denylist for SSL Forward Proxy Bypass. |
| sourceIpWhitelist | string | False | Data group list of the source IP allowlist for SSL Forward Proxy Bypass. |
| sslForwardProxy | string | False | Enables or disables SSL Forward Proxy. Possible values are “enabled” and “disabled”. The default is “disabled”. |
| sslForwardProxyBypass | string | False | Enables or disables SSL Forward Proxy Bypass. Possible values are “enabled” and “disabled”. The default value is disabled. |
| strictResume | string | False | Enables or disables the resumption of SSL sessions after an unclean shutdown. Possible values are “enabled” and “disabled”. The default is “disabled”, which indicates that the SSL profile refuses to resume SSL sessions after an unclean shutdown. |
| sslSignHash | string | False | SSL sign hash algorithm to sign and verify SSL Server Key Exchange and Certificate Verify messages for the specified SSL profiles. The default is “any”. |
| subpath | string | False | The BIG-IP folder where the object should be placed. |
| tmOptions | string | False | Enables options, including some industry-related workarounds. Enter options inside braces, for example, “{ dont-insert-empty-fragments microsoft-sess-id-bug}”. The default is all-bugfixes, which enables a set of industry-related workarounds related to SSL processing. |
| uncleanShutdown | string | False | By default, the SSL profile performs unclean shutdowns of all SSL connections, which means that underlying TCP connections are closed without exchanging the required SSL shutdown alerts. If uncleanShutdown is “disable”, the SSL profile to performs a clean shutdown of all SSL connections. |
Query Parameters¶
None
Permissions¶
| Role | Allow |
|---|---|
| Trust_Discovery_Import | Yes |
| ADC_Deployer | Yes |
| Service_Catalog_Viewer | Yes |
| Application_Editor | Yes |
| Application_Manager | Yes |
| Application_Viewer | Yes |
| Service_Catalog_Editor | Yes |
| ADC_Manager | Yes |
| ADC_Editor | Yes |
| ADC_Viewer | Yes |
| Access_View | Yes |
| Access_Edit | Yes |
| Access_Manager | Yes |
| Access_Deploy | Yes |
| Access_Policy_Editor | Yes |
PATCH /mgmt/cm/adc-core/working-config/ltm/profile/client-ssl/<id>¶
Send a PATCH request, and specify the profile’s <id>, to replace the specified profile in the collection.
To change selected parameters of an existing client-ssl profile, send a PATCH request to the /ltm/profile/client-ssl/<id> endpoint. Where the value of placeholder <id> can be found as the UUID appearing in the profile’s selfLink.
Request Parameters¶
The JSON in the body of the PATCH request can contain the same parameters as a POST request. Only the parameters that are being updated need to be included in the body of the request.
Query Parameters¶
None
Permissions¶
| Role | Allow |
|---|---|
| Trust_Discovery_Import | Yes |
| ADC_Deployer | Yes |
| Service_Catalog_Viewer | Yes |
| Application_Editor | Yes |
| Application_Manager | Yes |
| Application_Viewer | Yes |
| Service_Catalog_Editor | Yes |
| ADC_Manager | Yes |
| ADC_Editor | Yes |
| ADC_Viewer | Yes |
| Access_View | Yes |
| Access_Edit | Yes |
| Access_Manager | Yes |
| Access_Deploy | Yes |
| Access_Policy_Editor | Yes |
PUT /mgmt/cm/adc-core/working-config/ltm/profile/client-ssl/<id>¶
To replace an existing client-ssl profile from the collection, send a PUT request to the /ltm/profile/client-ssl/<id> endpoint. Where the value of placeholder <id> can be found as the UUID appearing in the profile’s selfLink.
Request Parameters¶
The JSON in the body of the PUT request can contain the same parameters as a POST request.
Query Parameters¶
None
Permissions¶
| Role | Allow |
|---|---|
| Trust_Discovery_Import | Yes |
| ADC_Deployer | Yes |
| Service_Catalog_Viewer | Yes |
| Application_Editor | Yes |
| Application_Manager | Yes |
| Application_Viewer | Yes |
| Service_Catalog_Editor | Yes |
| ADC_Manager | Yes |
| ADC_Editor | Yes |
| ADC_Viewer | Yes |
| Access_View | Yes |
| Access_Edit | Yes |
| Access_Manager | Yes |
| Access_Deploy | Yes |
| Access_Policy_Editor | Yes |
DELETE /mgmt/cm/adc-core/working-config/ltm/profile/client-ssl/<id>¶
To delete an existing client-ssl profile from the collection, send a DELETE request to the /ltm/profile/client-ssl/<id> endpoint. Where the value of placeholder <id> can be found as the UUID appearing in the profile’s selfLink.
Request Parameters¶
None
Query Parameters¶
None
Permissions¶
| Role | Allow |
|---|---|
| Trust_Discovery_Import | Yes |
| ADC_Deployer | Yes |
| Service_Catalog_Viewer | Yes |
| Application_Editor | Yes |
| Application_Manager | Yes |
| Application_Viewer | Yes |
| Service_Catalog_Editor | Yes |
| ADC_Manager | Yes |
| ADC_Editor | Yes |
| ADC_Viewer | Yes |
| Access_View | Yes |
| Access_Edit | Yes |
| Access_Manager | Yes |
| Access_Deploy | Yes |
| Access_Policy_Editor | Yes |
Examples¶
None