SecurID Server

Overview

This document describes the API to configure AAA SecurID servers and their properties in BIG-IQ.

REST Endpoint: /cm/access/working-config/apm/aaa/securid

Requests

GET /cm/access/working-config/apm/aaa/securid/<id>

Request Parameters

None

Query Parameters

None

Response

HTTP/1.1 200 OK

Name Type Description
configFilesReference reference Reference to the stored Configuration file.
     link string URI link of the reference.
sourceIp string Specify the address as translated by the NAT device in the network path between APM and the RSA Authentication Manager server.
name string The name of the object
partition string The BIG-IP partition where the object should be placed
subPath string The BIG-IP folder where the object should be placed
lsoDeviceReference reference Reference to the device
     id string Id of the device.
     name string Device name. Typically it is device’s hostname.
     kind string Kind of the device.
     machineId string Machine ID of the device.
     link string URI link of the reference.
isLsoShared boolean Specifies if the location-specific object instance is shared across all devices. Use this only during POST. Warning: Do not flip this flag during PUT/PATCH operations.
deviceGroupReference reference Reference to the device group.
     name string Name of the resource
     kind string The kind of the resource.
     link string URI link of the reference.
id string An ID of an application
kind string The kind of an application.
selfLink string The selfLink of an application.

Error Response

HTTP/1.1 400 Bad Request

This response status is related to error conditions. A Detailed error message displays in the response.

HTTP/1.1 401 Unauthorized

This response happens when access is denied due to invalid credentials(no Permission).

Permissions

Role Allow
Application_Editor Yes
Service_Catalog_Viewer Yes
Service_Catalog_Editor Yes
Trust_Discovery_Import Yes
Access_View Yes
Access_Edit Yes
Access_Manager Yes
Application_Manager Yes
Application_Viewer Yes
Trust_Discovery_Import Yes
Access_Deploy Yes
Access_Policy_Editor Yes

POST /cm/access/working-config/apm/aaa/securid

Request Parameters

Name Type Required Description
configFilesReference reference False Reference to the stored Configuration file.
     link string True URI link of the reference.
sourceIp string True Specify the address as translated by the NAT device in the network path between APM and the RSA Authentication Manager server.
name string True The name of the object
partition string True The BIG-IP partition where the object should be placed
subPath string False The BIG-IP folder where the object should be placed
lsoDeviceReference reference False Reference to the device
     id string False Id of the device.
     link string True URI link of the reference.
isLsoShared boolean True Specifies if the location-specific object instance is shared across all devices. Use this only during POST. Warning: Do not flip this flag during PUT/PATCH operations.
deviceGroupReference reference True Reference to the device group.
     link string True URI link of the reference.

Query Parameters

None

Response

HTTP/1.1 200 OK

Name Type Description
configFilesReference reference Reference to the stored Configuration file.
     link string URI link of the reference.
sourceIp string Specify the address as translated by the NAT device in the network path between APM and the RSA Authentication Manager server.
name string The name of the object
partition string The BIG-IP partition where the object should be placed
subPath string The BIG-IP folder where the object should be placed
lsoDeviceReference reference Reference to the device
     id string Id of the device.
     name string Device name. Typically it is device’s hostname.
     kind string Kind of the device.
     machineId string Machine ID of the device.
     link string URI link of the reference.
isLsoShared boolean Specifies if the location-specific object instance is shared across all devices. Use this only during POST. Warning: Do not flip this flag during PUT/PATCH operations.
deviceGroupReference reference Reference to the device group.
     name string Name of the resource
     kind string The kind of the resource.
     link string URI link of the reference.
id string An ID of an application
kind string The kind of an application.
selfLink string The selfLink of an application.

Error Response

HTTP/1.1 400 Bad Request

This response status is related to error conditions. A Detailed error message displays in the response.

HTTP/1.1 401 Unauthorized

This response happens when access is denied due to invalid credentials(no Permission).

Permissions

Role Allow
Application_Editor No
Service_Catalog_Viewer No
Service_Catalog_Editor No
Trust_Discovery_Import No
Access_View No
Access_Edit Yes
Access_Manager Yes
Application_Manager No
Application_Viewer No
Trust_Discovery_Import No
Access_Deploy No
Access_Policy_Editor No

PUT /cm/access/working-config/apm/aaa/securid/<id>

Request Parameters

Name Type Required Description
configFilesReference reference False Reference to the stored Configuration file.
     link string True URI link of the reference.
sourceIp string False Specify the address as translated by the NAT device in the network path between APM and the RSA Authentication Manager server.
name string False The name of the object
partition string False The BIG-IP partition where the object should be placed
subPath string False The BIG-IP folder where the object should be placed
lsoDeviceReference reference False Reference to the device
     id string False Id of the device.
     name string True Device name. Typically it is device’s hostname.
     kind string False Kind of the device.
     machineId string False Machine ID of the device.
     link string False URI link of the reference.
isLsoShared boolean False Specifies if the location-specific object instance is shared across all devices. Use this only during POST. Warning: Do not flip this flag during PUT/PATCH operations.
deviceGroupReference reference True Reference to the device group.
     name string False Name of the resource
     kind string False The kind of the resource.
     link string False URI link of the reference.
id string False An ID of an application
kind string False The kind of an application.
selfLink string False The selfLink of an application.

Query Parameters

None

Response

HTTP/1.1 200 OK

Name Type Description
configFilesReference reference Reference to the stored Configuration file.
     link string URI link of the reference.
sourceIp string Specify the address as translated by the NAT device in the network path between APM and the RSA Authentication Manager server.
name string The name of the object
partition string The BIG-IP partition where the object should be placed
subPath string The BIG-IP folder where the object should be placed
lsoDeviceReference reference Reference to the device
     id string Id of the device.
     name string Device name. Typically it is device’s hostname.
     kind string Kind of the device.
     machineId string Machine ID of the device.
     link string URI link of the reference.
isLsoShared boolean Specifies if the location-specific object instance is shared across all devices. Use this only during POST. Warning: Do not flip this flag during PUT/PATCH operations.
deviceGroupReference reference Reference to the device group.
     name string Name of the resource
     kind string The kind of the resource.
     link string URI link of the reference.
id string An ID of an application
kind string The kind of an application.
selfLink string The selfLink of an application.

Error Response

HTTP/1.1 400 Bad Request

This response status is related to error conditions. A Detailed error message displays in the response.

HTTP/1.1 401 Unauthorized

This response happens when access is denied due to invalid credentials(no Permission).

Permissions

Role Allow
Application_Editor No
Service_Catalog_Viewer No
Service_Catalog_Editor No
Trust_Discovery_Import No
Access_View No
Access_Edit Yes
Access_Manager Yes
Application_Manager No
Application_Viewer No
Trust_Discovery_Import No
Access_Deploy No
Access_Policy_Editor No

PATCH /cm/access/working-config/apm/aaa/securid/<id>

Request Parameters

Name Type Required Description
configFilesReference reference False Reference to the stored Configuration file.
     link string True URI link of the reference.
sourceIp string False Specify the address as translated by the NAT device in the network path between APM and the RSA Authentication Manager server.
isLsoShared boolean False Specifies if the location-specific object instance is shared across all devices. Use this only during POST. Warning: Do not flip this flag during PUT/PATCH operations.

Query Parameters

None

Response

HTTP/1.1 200 OK

Name Type Description
configFilesReference reference Reference to the stored Configuration file.
     link string URI link of the reference.
sourceIp string Specify the address as translated by the NAT device in the network path between APM and the RSA Authentication Manager server.
name string The name of the object
partition string The BIG-IP partition where the object should be placed
subPath string The BIG-IP folder where the object should be placed
lsoDeviceReference reference Reference to the device
     id string Id of the device.
     name string Device name. Typically it is device’s hostname.
     kind string Kind of the device.
     machineId string Machine ID of the device.
     link string URI link of the reference.
isLsoShared boolean Specifies if the location-specific object instance is shared across all devices. Use this only during POST. Warning: Do not flip this flag during PUT/PATCH operations.
deviceGroupReference reference Reference to the device group.
     name string Name of the resource
     kind string The kind of the resource.
     link string URI link of the reference.
id string An ID of an application
kind string The kind of an application.
selfLink string The selfLink of an application.

Error Response

HTTP/1.1 400 Bad Request

This response status is related to error conditions. A Detailed error message displays in the response.

HTTP/1.1 401 Unauthorized

This response happens when access is denied due to invalid credentials(no Permission).

Permissions

Role Allow
Application_Editor No
Service_Catalog_Viewer No
Service_Catalog_Editor No
Trust_Discovery_Import No
Access_View No
Access_Edit Yes
Access_Manager Yes
Application_Manager No
Application_Viewer No
Trust_Discovery_Import No
Access_Deploy No
Access_Policy_Editor No

DELETE /cm/access/working-config/apm/aaa/securid/<id>

Request Parameters

None

Query Parameters

None

Response

HTTP/1.1 200 OK

Name Type Description
configFilesReference reference Reference to the stored Configuration file.
     link string URI link of the reference.
sourceIp string Specify the address as translated by the NAT device in the network path between APM and the RSA Authentication Manager server.
name string The name of the object
partition string The BIG-IP partition where the object should be placed
subPath string The BIG-IP folder where the object should be placed
lsoDeviceReference reference Reference to the device
     id string Id of the device.
     name string Device name. Typically it is device’s hostname.
     kind string Kind of the device.
     machineId string Machine ID of the device.
     link string URI link of the reference.
isLsoShared boolean Specifies if the location-specific object instance is shared across all devices. Use this only during POST. Warning: Do not flip this flag during PUT/PATCH operations.
deviceGroupReference reference Reference to the device group.
     name string Name of the resource
     kind string The kind of the resource.
     link string URI link of the reference.
id string An ID of an application
kind string The kind of an application.
selfLink string The selfLink of an application.

Error Response

HTTP/1.1 400 Bad Request

This response status is related to error conditions. A Detailed error message displays in the response.

HTTP/1.1 401 Unauthorized

This response happens when access is denied due to invalid credentials(no Permission).

Permissions

Role Allow
Application_Editor No
Service_Catalog_Viewer No
Service_Catalog_Editor No
Trust_Discovery_Import No
Access_View No
Access_Edit Yes
Access_Manager Yes
Application_Manager No
Application_Viewer No
Trust_Discovery_Import No
Access_Deploy No
Access_Policy_Editor No

Examples

Get AAA SecurID Server

GET /cm/access/working-config/apm/aaa/securid/<id>

Response

HTTP/1.1 200 OK
{
    "configFilesReference": {
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "sourceIp": "10.192.123.10",
    "name": "foo",
    "partition": "Common",
    "subPath": "/folder",
    "lsoDeviceReference": {
        "id": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
        "name": "bigip.foo.com",
        "kind": "shared:resolver:device-groups:restdeviceresolverdevicestate",
        "machineId": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "isLsoShared": false,
    "deviceGroupReference": {
        "name": "resourceName",
        "kind": "shared:resolver:device-groups:devicegroupstate",
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "id": "8f1fcb69-1f3c-3c0d-812e-af4fdde0ac11",
    "kind": "cm:access:working-config:apm:aaa:state",
        "selfLink": "https://localhost/mgmt/cm/access/working-config/apm/f0938680-57d5-377f-8c73-da4c2ce561ed"    }

Create New AAA SecurID Server

POST /cm/access/working-config/apm/aaa/securid
{
    "configFilesReference": {
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "sourceIp": "10.192.123.10",
    "name": "foo",
    "partition": "Common",
    "subPath": "/folder",
    "lsoDeviceReference": {
        "id": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "isLsoShared": false,
    "deviceGroupReference": {
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
}

Response

HTTP/1.1 200 OK
{
    "configFilesReference": {
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "sourceIp": "10.192.123.10",
    "name": "foo",
    "partition": "Common",
    "subPath": "/folder",
    "lsoDeviceReference": {
        "id": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
        "name": "bigip.foo.com",
        "kind": "shared:resolver:device-groups:restdeviceresolverdevicestate",
        "machineId": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "isLsoShared": false,
    "deviceGroupReference": {
        "name": "resourceName",
        "kind": "shared:resolver:device-groups:devicegroupstate",
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "id": "8f1fcb69-1f3c-3c0d-812e-af4fdde0ac11",
    "kind": "cm:access:working-config:apm:aaa:state",
        "selfLink": "https://localhost/mgmt/cm/access/working-config/apm/f0938680-57d5-377f-8c73-da4c2ce561ed"    }

Edit AAA SecurID Server

PUT /cm/access/working-config/apm/aaa/securid/<id>
{
    "configFilesReference": {
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "sourceIp": "10.192.123.10",
    "name": "foo",
    "partition": "Common",
    "subPath": "/folder",
    "lsoDeviceReference": {
        "id": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
        "name": "bigip.foo.com",
        "kind": "shared:resolver:device-groups:restdeviceresolverdevicestate",
        "machineId": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "isLsoShared": false,
    "deviceGroupReference": {
        "name": "resourceName",
        "kind": "shared:resolver:device-groups:devicegroupstate",
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "id": "8f1fcb69-1f3c-3c0d-812e-af4fdde0ac11",
    "kind": "cm:access:working-config:apm:aaa:state",
        "selfLink": "https://localhost/mgmt/cm/access/working-config/apm/f0938680-57d5-377f-8c73-da4c2ce561ed"    }

Response

HTTP/1.1 200 OK
{
    "configFilesReference": {
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "sourceIp": "10.192.123.10",
    "name": "foo",
    "partition": "Common",
    "subPath": "/folder",
    "lsoDeviceReference": {
        "id": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
        "name": "bigip.foo.com",
        "kind": "shared:resolver:device-groups:restdeviceresolverdevicestate",
        "machineId": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "isLsoShared": false,
    "deviceGroupReference": {
        "name": "resourceName",
        "kind": "shared:resolver:device-groups:devicegroupstate",
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "id": "8f1fcb69-1f3c-3c0d-812e-af4fdde0ac11",
    "kind": "cm:access:working-config:apm:aaa:state",
        "selfLink": "https://localhost/mgmt/cm/access/working-config/apm/f0938680-57d5-377f-8c73-da4c2ce561ed"    }

Edit AAA SecurID Server

PATCH /cm/access/working-config/apm/aaa/securid/<id>
{
    "configFilesReference": {
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "sourceIp": "10.192.123.10",
    "isLsoShared": false,
}

Response

HTTP/1.1 200 OK
{
    "configFilesReference": {
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "sourceIp": "10.192.123.10",
    "name": "foo",
    "partition": "Common",
    "subPath": "/folder",
    "lsoDeviceReference": {
        "id": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
        "name": "bigip.foo.com",
        "kind": "shared:resolver:device-groups:restdeviceresolverdevicestate",
        "machineId": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "isLsoShared": false,
    "deviceGroupReference": {
        "name": "resourceName",
        "kind": "shared:resolver:device-groups:devicegroupstate",
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "id": "8f1fcb69-1f3c-3c0d-812e-af4fdde0ac11",
    "kind": "cm:access:working-config:apm:aaa:state",
        "selfLink": "https://localhost/mgmt/cm/access/working-config/apm/f0938680-57d5-377f-8c73-da4c2ce561ed"    }

Delete AAA SecurID Server

DELETE /cm/access/working-config/apm/aaa/securid/<id>

Response

HTTP/1.1 200 OK
{
    "configFilesReference": {
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "sourceIp": "10.192.123.10",
    "name": "foo",
    "partition": "Common",
    "subPath": "/folder",
    "lsoDeviceReference": {
        "id": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
        "name": "bigip.foo.com",
        "kind": "shared:resolver:device-groups:restdeviceresolverdevicestate",
        "machineId": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "isLsoShared": false,
    "deviceGroupReference": {
        "name": "resourceName",
        "kind": "shared:resolver:device-groups:devicegroupstate",
        "link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
    },
    "id": "8f1fcb69-1f3c-3c0d-812e-af4fdde0ac11",
    "kind": "cm:access:working-config:apm:aaa:state",
        "selfLink": "https://localhost/mgmt/cm/access/working-config/apm/f0938680-57d5-377f-8c73-da4c2ce561ed"    }