SecurID Server¶
Overview¶
This document describes the API to configure AAA SecurID servers and their properties in BIG-IQ.
REST Endpoint: /cm/access/working-config/apm/aaa/securid¶
Requests¶
GET /cm/access/working-config/apm/aaa/securid/<id>¶
Request Parameters¶
None
Query Parameters¶
None
Response¶
HTTP/1.1 200 OK
Name | Type | Description |
---|---|---|
configFilesReference | reference | Reference to the stored Configuration file. |
link | string | URI link of the reference. |
sourceIp | string | Specify the address as translated by the NAT device in the network path between APM and the RSA Authentication Manager server. |
name | string | The name of the object |
partition | string | The BIG-IP partition where the object should be placed |
subPath | string | The BIG-IP folder where the object should be placed |
lsoDeviceReference | reference | Reference to the device |
id | string | Id of the device. |
name | string | Device name. Typically it is device’s hostname. |
kind | string | Kind of the device. |
machineId | string | Machine ID of the device. |
link | string | URI link of the reference. |
isLsoShared | boolean | Specifies if the location-specific object instance is shared across all devices. Use this only during POST. Warning: Do not flip this flag during PUT/PATCH operations. |
deviceGroupReference | reference | Reference to the device group. |
name | string | Name of the resource |
kind | string | The kind of the resource. |
link | string | URI link of the reference. |
id | string | An ID of an application |
kind | string | The kind of an application. |
selfLink | string | The selfLink of an application. |
Error Response¶
HTTP/1.1 400 Bad Request
This response status is related to error conditions. A Detailed error message displays in the response.
HTTP/1.1 401 Unauthorized
This response happens when access is denied due to invalid credentials(no Permission).
Permissions¶
Role | Allow |
---|---|
Application_Editor | Yes |
Service_Catalog_Viewer | Yes |
Service_Catalog_Editor | Yes |
Trust_Discovery_Import | Yes |
Access_View | Yes |
Access_Edit | Yes |
Access_Manager | Yes |
Application_Manager | Yes |
Application_Viewer | Yes |
Trust_Discovery_Import | Yes |
Access_Deploy | Yes |
Access_Policy_Editor | Yes |
POST /cm/access/working-config/apm/aaa/securid¶
Request Parameters¶
Name | Type | Required | Description |
---|---|---|---|
configFilesReference | reference | False | Reference to the stored Configuration file. |
link | string | True | URI link of the reference. |
sourceIp | string | True | Specify the address as translated by the NAT device in the network path between APM and the RSA Authentication Manager server. |
name | string | True | The name of the object |
partition | string | True | The BIG-IP partition where the object should be placed |
subPath | string | False | The BIG-IP folder where the object should be placed |
lsoDeviceReference | reference | False | Reference to the device |
id | string | False | Id of the device. |
link | string | True | URI link of the reference. |
isLsoShared | boolean | True | Specifies if the location-specific object instance is shared across all devices. Use this only during POST. Warning: Do not flip this flag during PUT/PATCH operations. |
deviceGroupReference | reference | True | Reference to the device group. |
link | string | True | URI link of the reference. |
Query Parameters¶
None
Response¶
HTTP/1.1 200 OK
Name | Type | Description |
---|---|---|
configFilesReference | reference | Reference to the stored Configuration file. |
link | string | URI link of the reference. |
sourceIp | string | Specify the address as translated by the NAT device in the network path between APM and the RSA Authentication Manager server. |
name | string | The name of the object |
partition | string | The BIG-IP partition where the object should be placed |
subPath | string | The BIG-IP folder where the object should be placed |
lsoDeviceReference | reference | Reference to the device |
id | string | Id of the device. |
name | string | Device name. Typically it is device’s hostname. |
kind | string | Kind of the device. |
machineId | string | Machine ID of the device. |
link | string | URI link of the reference. |
isLsoShared | boolean | Specifies if the location-specific object instance is shared across all devices. Use this only during POST. Warning: Do not flip this flag during PUT/PATCH operations. |
deviceGroupReference | reference | Reference to the device group. |
name | string | Name of the resource |
kind | string | The kind of the resource. |
link | string | URI link of the reference. |
id | string | An ID of an application |
kind | string | The kind of an application. |
selfLink | string | The selfLink of an application. |
Error Response¶
HTTP/1.1 400 Bad Request
This response status is related to error conditions. A Detailed error message displays in the response.
HTTP/1.1 401 Unauthorized
This response happens when access is denied due to invalid credentials(no Permission).
Permissions¶
Role | Allow |
---|---|
Application_Editor | No |
Service_Catalog_Viewer | No |
Service_Catalog_Editor | No |
Trust_Discovery_Import | No |
Access_View | No |
Access_Edit | Yes |
Access_Manager | Yes |
Application_Manager | No |
Application_Viewer | No |
Trust_Discovery_Import | No |
Access_Deploy | No |
Access_Policy_Editor | No |
PUT /cm/access/working-config/apm/aaa/securid/<id>¶
Request Parameters¶
Name | Type | Required | Description |
---|---|---|---|
configFilesReference | reference | False | Reference to the stored Configuration file. |
link | string | True | URI link of the reference. |
sourceIp | string | False | Specify the address as translated by the NAT device in the network path between APM and the RSA Authentication Manager server. |
name | string | False | The name of the object |
partition | string | False | The BIG-IP partition where the object should be placed |
subPath | string | False | The BIG-IP folder where the object should be placed |
lsoDeviceReference | reference | False | Reference to the device |
id | string | False | Id of the device. |
name | string | True | Device name. Typically it is device’s hostname. |
kind | string | False | Kind of the device. |
machineId | string | False | Machine ID of the device. |
link | string | False | URI link of the reference. |
isLsoShared | boolean | False | Specifies if the location-specific object instance is shared across all devices. Use this only during POST. Warning: Do not flip this flag during PUT/PATCH operations. |
deviceGroupReference | reference | True | Reference to the device group. |
name | string | False | Name of the resource |
kind | string | False | The kind of the resource. |
link | string | False | URI link of the reference. |
id | string | False | An ID of an application |
kind | string | False | The kind of an application. |
selfLink | string | False | The selfLink of an application. |
Query Parameters¶
None
Response¶
HTTP/1.1 200 OK
Name | Type | Description |
---|---|---|
configFilesReference | reference | Reference to the stored Configuration file. |
link | string | URI link of the reference. |
sourceIp | string | Specify the address as translated by the NAT device in the network path between APM and the RSA Authentication Manager server. |
name | string | The name of the object |
partition | string | The BIG-IP partition where the object should be placed |
subPath | string | The BIG-IP folder where the object should be placed |
lsoDeviceReference | reference | Reference to the device |
id | string | Id of the device. |
name | string | Device name. Typically it is device’s hostname. |
kind | string | Kind of the device. |
machineId | string | Machine ID of the device. |
link | string | URI link of the reference. |
isLsoShared | boolean | Specifies if the location-specific object instance is shared across all devices. Use this only during POST. Warning: Do not flip this flag during PUT/PATCH operations. |
deviceGroupReference | reference | Reference to the device group. |
name | string | Name of the resource |
kind | string | The kind of the resource. |
link | string | URI link of the reference. |
id | string | An ID of an application |
kind | string | The kind of an application. |
selfLink | string | The selfLink of an application. |
Error Response¶
HTTP/1.1 400 Bad Request
This response status is related to error conditions. A Detailed error message displays in the response.
HTTP/1.1 401 Unauthorized
This response happens when access is denied due to invalid credentials(no Permission).
Permissions¶
Role | Allow |
---|---|
Application_Editor | No |
Service_Catalog_Viewer | No |
Service_Catalog_Editor | No |
Trust_Discovery_Import | No |
Access_View | No |
Access_Edit | Yes |
Access_Manager | Yes |
Application_Manager | No |
Application_Viewer | No |
Trust_Discovery_Import | No |
Access_Deploy | No |
Access_Policy_Editor | No |
PATCH /cm/access/working-config/apm/aaa/securid/<id>¶
Request Parameters¶
Name | Type | Required | Description |
---|---|---|---|
configFilesReference | reference | False | Reference to the stored Configuration file. |
link | string | True | URI link of the reference. |
sourceIp | string | False | Specify the address as translated by the NAT device in the network path between APM and the RSA Authentication Manager server. |
isLsoShared | boolean | False | Specifies if the location-specific object instance is shared across all devices. Use this only during POST. Warning: Do not flip this flag during PUT/PATCH operations. |
Query Parameters¶
None
Response¶
HTTP/1.1 200 OK
Name | Type | Description |
---|---|---|
configFilesReference | reference | Reference to the stored Configuration file. |
link | string | URI link of the reference. |
sourceIp | string | Specify the address as translated by the NAT device in the network path between APM and the RSA Authentication Manager server. |
name | string | The name of the object |
partition | string | The BIG-IP partition where the object should be placed |
subPath | string | The BIG-IP folder where the object should be placed |
lsoDeviceReference | reference | Reference to the device |
id | string | Id of the device. |
name | string | Device name. Typically it is device’s hostname. |
kind | string | Kind of the device. |
machineId | string | Machine ID of the device. |
link | string | URI link of the reference. |
isLsoShared | boolean | Specifies if the location-specific object instance is shared across all devices. Use this only during POST. Warning: Do not flip this flag during PUT/PATCH operations. |
deviceGroupReference | reference | Reference to the device group. |
name | string | Name of the resource |
kind | string | The kind of the resource. |
link | string | URI link of the reference. |
id | string | An ID of an application |
kind | string | The kind of an application. |
selfLink | string | The selfLink of an application. |
Error Response¶
HTTP/1.1 400 Bad Request
This response status is related to error conditions. A Detailed error message displays in the response.
HTTP/1.1 401 Unauthorized
This response happens when access is denied due to invalid credentials(no Permission).
Permissions¶
Role | Allow |
---|---|
Application_Editor | No |
Service_Catalog_Viewer | No |
Service_Catalog_Editor | No |
Trust_Discovery_Import | No |
Access_View | No |
Access_Edit | Yes |
Access_Manager | Yes |
Application_Manager | No |
Application_Viewer | No |
Trust_Discovery_Import | No |
Access_Deploy | No |
Access_Policy_Editor | No |
DELETE /cm/access/working-config/apm/aaa/securid/<id>¶
Request Parameters¶
None
Query Parameters¶
None
Response¶
HTTP/1.1 200 OK
Name | Type | Description |
---|---|---|
configFilesReference | reference | Reference to the stored Configuration file. |
link | string | URI link of the reference. |
sourceIp | string | Specify the address as translated by the NAT device in the network path between APM and the RSA Authentication Manager server. |
name | string | The name of the object |
partition | string | The BIG-IP partition where the object should be placed |
subPath | string | The BIG-IP folder where the object should be placed |
lsoDeviceReference | reference | Reference to the device |
id | string | Id of the device. |
name | string | Device name. Typically it is device’s hostname. |
kind | string | Kind of the device. |
machineId | string | Machine ID of the device. |
link | string | URI link of the reference. |
isLsoShared | boolean | Specifies if the location-specific object instance is shared across all devices. Use this only during POST. Warning: Do not flip this flag during PUT/PATCH operations. |
deviceGroupReference | reference | Reference to the device group. |
name | string | Name of the resource |
kind | string | The kind of the resource. |
link | string | URI link of the reference. |
id | string | An ID of an application |
kind | string | The kind of an application. |
selfLink | string | The selfLink of an application. |
Error Response¶
HTTP/1.1 400 Bad Request
This response status is related to error conditions. A Detailed error message displays in the response.
HTTP/1.1 401 Unauthorized
This response happens when access is denied due to invalid credentials(no Permission).
Permissions¶
Role | Allow |
---|---|
Application_Editor | No |
Service_Catalog_Viewer | No |
Service_Catalog_Editor | No |
Trust_Discovery_Import | No |
Access_View | No |
Access_Edit | Yes |
Access_Manager | Yes |
Application_Manager | No |
Application_Viewer | No |
Trust_Discovery_Import | No |
Access_Deploy | No |
Access_Policy_Editor | No |
Examples¶
Get AAA SecurID Server¶
GET /cm/access/working-config/apm/aaa/securid/<id>
Response¶
HTTP/1.1 200 OK
{
"configFilesReference": {
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"sourceIp": "10.192.123.10",
"name": "foo",
"partition": "Common",
"subPath": "/folder",
"lsoDeviceReference": {
"id": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
"name": "bigip.foo.com",
"kind": "shared:resolver:device-groups:restdeviceresolverdevicestate",
"machineId": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"isLsoShared": false,
"deviceGroupReference": {
"name": "resourceName",
"kind": "shared:resolver:device-groups:devicegroupstate",
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"id": "8f1fcb69-1f3c-3c0d-812e-af4fdde0ac11",
"kind": "cm:access:working-config:apm:aaa:state",
"selfLink": "https://localhost/mgmt/cm/access/working-config/apm/f0938680-57d5-377f-8c73-da4c2ce561ed" }
Create New AAA SecurID Server¶
POST /cm/access/working-config/apm/aaa/securid
{
"configFilesReference": {
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"sourceIp": "10.192.123.10",
"name": "foo",
"partition": "Common",
"subPath": "/folder",
"lsoDeviceReference": {
"id": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"isLsoShared": false,
"deviceGroupReference": {
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
}
Response¶
HTTP/1.1 200 OK
{
"configFilesReference": {
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"sourceIp": "10.192.123.10",
"name": "foo",
"partition": "Common",
"subPath": "/folder",
"lsoDeviceReference": {
"id": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
"name": "bigip.foo.com",
"kind": "shared:resolver:device-groups:restdeviceresolverdevicestate",
"machineId": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"isLsoShared": false,
"deviceGroupReference": {
"name": "resourceName",
"kind": "shared:resolver:device-groups:devicegroupstate",
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"id": "8f1fcb69-1f3c-3c0d-812e-af4fdde0ac11",
"kind": "cm:access:working-config:apm:aaa:state",
"selfLink": "https://localhost/mgmt/cm/access/working-config/apm/f0938680-57d5-377f-8c73-da4c2ce561ed" }
Edit AAA SecurID Server¶
PUT /cm/access/working-config/apm/aaa/securid/<id>
{
"configFilesReference": {
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"sourceIp": "10.192.123.10",
"name": "foo",
"partition": "Common",
"subPath": "/folder",
"lsoDeviceReference": {
"id": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
"name": "bigip.foo.com",
"kind": "shared:resolver:device-groups:restdeviceresolverdevicestate",
"machineId": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"isLsoShared": false,
"deviceGroupReference": {
"name": "resourceName",
"kind": "shared:resolver:device-groups:devicegroupstate",
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"id": "8f1fcb69-1f3c-3c0d-812e-af4fdde0ac11",
"kind": "cm:access:working-config:apm:aaa:state",
"selfLink": "https://localhost/mgmt/cm/access/working-config/apm/f0938680-57d5-377f-8c73-da4c2ce561ed" }
Response¶
HTTP/1.1 200 OK
{
"configFilesReference": {
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"sourceIp": "10.192.123.10",
"name": "foo",
"partition": "Common",
"subPath": "/folder",
"lsoDeviceReference": {
"id": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
"name": "bigip.foo.com",
"kind": "shared:resolver:device-groups:restdeviceresolverdevicestate",
"machineId": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"isLsoShared": false,
"deviceGroupReference": {
"name": "resourceName",
"kind": "shared:resolver:device-groups:devicegroupstate",
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"id": "8f1fcb69-1f3c-3c0d-812e-af4fdde0ac11",
"kind": "cm:access:working-config:apm:aaa:state",
"selfLink": "https://localhost/mgmt/cm/access/working-config/apm/f0938680-57d5-377f-8c73-da4c2ce561ed" }
Edit AAA SecurID Server¶
PATCH /cm/access/working-config/apm/aaa/securid/<id>
{
"configFilesReference": {
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"sourceIp": "10.192.123.10",
"isLsoShared": false,
}
Response¶
HTTP/1.1 200 OK
{
"configFilesReference": {
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"sourceIp": "10.192.123.10",
"name": "foo",
"partition": "Common",
"subPath": "/folder",
"lsoDeviceReference": {
"id": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
"name": "bigip.foo.com",
"kind": "shared:resolver:device-groups:restdeviceresolverdevicestate",
"machineId": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"isLsoShared": false,
"deviceGroupReference": {
"name": "resourceName",
"kind": "shared:resolver:device-groups:devicegroupstate",
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"id": "8f1fcb69-1f3c-3c0d-812e-af4fdde0ac11",
"kind": "cm:access:working-config:apm:aaa:state",
"selfLink": "https://localhost/mgmt/cm/access/working-config/apm/f0938680-57d5-377f-8c73-da4c2ce561ed" }
Delete AAA SecurID Server¶
DELETE /cm/access/working-config/apm/aaa/securid/<id>
Response¶
HTTP/1.1 200 OK
{
"configFilesReference": {
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"sourceIp": "10.192.123.10",
"name": "foo",
"partition": "Common",
"subPath": "/folder",
"lsoDeviceReference": {
"id": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
"name": "bigip.foo.com",
"kind": "shared:resolver:device-groups:restdeviceresolverdevicestate",
"machineId": "866cfd8a-4d03-48e9-ba94-bb21a4bc2346",
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"isLsoShared": false,
"deviceGroupReference": {
"name": "resourceName",
"kind": "shared:resolver:device-groups:devicegroupstate",
"link": "https://localhost/mgmt/shared/foo/bar/866cfd8a-4d03-48e9-ba94-bb21a4bc2346"
},
"id": "8f1fcb69-1f3c-3c0d-812e-af4fdde0ac11",
"kind": "cm:access:working-config:apm:aaa:state",
"selfLink": "https://localhost/mgmt/cm/access/working-config/apm/f0938680-57d5-377f-8c73-da4c2ce561ed" }