API Description | API Path |
---|---|
Test a directory domain LDAP server connectivityThis API tests a LDAP server connectivity before the actual domain or LDAP server is configured. If the connectivity is good, the response will be HTTP status 200. Otherwise the response will be HTTP status 500 and corresponding error message will be returned. |
POST /policy/api/v1/infra/firewall-identity-store-ldap-server
|
Scan the size of a directory domainThis call scans the size of a directory domain. It may be very | expensive to run this call in some AD domain deployments. Please | use it with caution. |
POST /policy/api/v1/infra/firewall-identity-store-size
|
List all firewall identity storesList all firewall identity stores |
GET /policy/api/v1/infra/firewall-identity-stores
|
Delete firewall identity storeIf the firewall identity store is removed, it will stop the identity store synchronization. User will not be able to define new IDFW rules |
DELETE /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>
|
Read firewall identity storeReturn a firewall identity store based on the store identifier |
GET /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>
|
Create or update a firewall identity storeIf a firewall identity store with the firewall-identity-store-id is not already present, create a new firewall identity store. If it already exists, update the firewall identity store with specified attributes. |
PATCH /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>
|
Invoke full sync or delta sync for a specific domain, with additional delay in seconds if needed. Stop sync will try to stop any pending sync if any to return to idle state. |
POST /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>
|
Create or update a firewall identity storeIf a firewall identity store with the firewall-identity-store-id is not already present, create a new firewall identity store. If it already exists, replace the firewall identity store instance with the new object. |
PUT /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>
|
Search for directory groups within a domain based on the substring of a distinguished name. (e.g. CN=User,DC=acme,DC=com) The search filter pattern can optionally support multiple (up to 100 maximum) search pattern separated by '|' (url encoded %7C). In this case, the search results will be returned as the union of all matching criteria. (e.g. CN=Ann,CN=Users,DC=acme,DC=com|CN=Bob,CN=Users,DC=acme,DC=com) |
GET /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/groups
|
List members of a directory groupA member group could be either direct member of the group specified by group_id or nested member of it. Both direct member groups and nested member groups are returned. |
GET /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/groups/<group-id>/member-groups
|
List all configured domain LDAP servers |
GET /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/ldap-servers
|
Delete a LDAP server for Firewall Identity store |
DELETE /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/ldap-servers/<ldap-server-id>
|
Get a specific LDAP server for a given Firewall Identity store |
GET /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/ldap-servers/<ldap-server-id>
|
Test a LDAP server connection for directory domainThe API tests a LDAP server connection for an already configured domain. If the connection is successful, the response will be HTTP status 200. Otherwise the response will be HTTP status 500 and corresponding error message will be returned. |
POST /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/ldap-servers/<ldap-server-id>
|
Update a LDAP server for Firewall Identity store |
PUT /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/ldap-servers/<ldap-server-id>
|
Get Firewall identity store sync statistics for the given identifier |
GET /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/sync-stats
|
Get IDFW status for a Compute CollectionGet IDFW status for a specific Compute Collection |
GET /policy/api/v1/infra/settings/firewall/idfw/compute-collections/<compute-collection-id>/status
|
List IDFW status for Transport Nodes in a Compute CollectionThis API will list all transport node and statuses based on idfw enabled compute collection ID. |
GET /policy/api/v1/infra/settings/firewall/idfw/compute-collections/<compute-collection-id>/transport-nodes/status
|
Get IDFW status for all Compute CollectionsGet IDFW status for all Compute Collections |
GET /policy/api/v1/infra/settings/firewall/idfw/compute-collections/status
|
Get all IDFW Group VM details for a given GroupGet all Identity Firewall Group VM details for a given Group. |
GET /policy/api/v1/infra/settings/firewall/idfw/group-vm-details
|
Get IDFW system statistics dataIt will get IDFW system statistics data. |
GET /policy/api/v1/infra/settings/firewall/idfw/system-stats
|
List IDFW status of VMs by transport node idThis API will list all VMs and statuses based on transport node ID of idfw enabled compute collection. |
GET /policy/api/v1/infra/settings/firewall/idfw/transport-nodes/<transport-node-id>/vms/status
|
Get user session dataIt will get user session data. |
GET /policy/api/v1/infra/settings/firewall/idfw/user-session-data
|
Get IDFW user login events for a given userIt will get IDFW user login events for a given user. |
GET /policy/api/v1/infra/settings/firewall/idfw/user-stats/<user-id>
|
Get IDFW user login events for a given VMIt will get IDFW user login events for a given VM (all active plus up to 5 most recent archived entries). |
GET /policy/api/v1/infra/settings/firewall/idfw/vm-stats/<vm-id>
|