API Description | API Path |
---|---|
List LDAP identity sourcesReturn a list of all configured LDAP identity sources. |
GET /api/v1/aaa/ldap-identity-sources
|
Probe an LDAP identity sourceVerify that the configuration of an LDAP identity source is correct before actually creating the source. |
POST /api/v1/aaa/ldap-identity-sources?action=probe_identity_source
|
Fetch the server certificate of an LDAP serverAttempt to connect to an LDAP server and retrieve the server certificate it presents. |
POST /api/v1/aaa/ldap-identity-sources?action=fetch_certificate
|
Test an LDAP serverAttempt to connect to an LDAP server and ensure that the server can be contacted using the given URL and authentication credentials. |
POST /api/v1/aaa/ldap-identity-sources?action=probe_ldap_server
|
Delete an LDAP identity sourceDelete an LDAP identity source. Users defined in that source will no longer be able to access NSX. |
DELETE /api/v1/aaa/ldap-identity-sources/<ldap-identity-source-id>
|
Read a single LDAP identity sourceReturn details about one LDAP identity source |
GET /api/v1/aaa/ldap-identity-sources/<ldap-identity-source-id>
|
Test the configuration of an existing LDAP identity sourceAttempt to connect to an existing LDAP identity source and report any errors encountered. |
POST /api/v1/aaa/ldap-identity-sources/<ldap-identity-source-id>?action=probe
|
Update an existing LDAP identity sourceUpdate the configuration of an existing LDAP identity source. You may wish to verify the new configuration using the POST /aaa/ldap-identity-sources?action=probe API before changing the configuration. |
PUT /api/v1/aaa/ldap-identity-sources/<ldap-identity-source-id>
|
Search the LDAP identity sourceSearch the LDAP identity source for users and groups that match the given filter_value. In most cases, the LDAP source performs a case-insensitive search. |
POST /api/v1/aaa/ldap-identity-sources/<ldap-identity-source-id>/search
|
Create registration access tokenThe privileges of the registration token will be the same as the caller. |
POST /api/v1/aaa/registration-token
|
Delete registration access token |
DELETE /api/v1/aaa/registration-token/<token>
|
Get registration access token |
GET /api/v1/aaa/registration-token/<token>
|
Get all users and groups with their roles |
GET /api/v1/aaa/role-bindings
|
Assign roles to User or GroupWhen assigning a user role, specify the user name with the same case as it appears in vIDM to access the NSX-T user interface. For example, if vIDM has the user name User1@example.com then the name attribute in the API call must be be User1@example.com and cannot be user1@example.com. |
POST /api/v1/aaa/role-bindings
|
Delete all stale role assignments |
POST /api/v1/aaa/role-bindings?action=delete_stale_bindings
|
Delete user/group's roles assignment |
DELETE /api/v1/aaa/role-bindings/<binding-id>
|
Get user/group's role information |
GET /api/v1/aaa/role-bindings/<binding-id>
|
Update User or Group's roles |
PUT /api/v1/aaa/role-bindings/<binding-id>
|
Get information about all roles |
GET /api/v1/aaa/roles
|
Get information about all roles with features and their permissions |
GET /api/v1/aaa/roles-with-feature-permissions
|
Get role information |
GET /api/v1/aaa/roles/<role>
|
Get information about logged-in user. The permissions parameter of the NsxRole has been deprecated. |
GET /api/v1/aaa/user-info
|
Get all the User Groups where vIDM display name matches the search key case insensitively. The search key is checked to be a substring of display name. This is a non paginated API. |
GET /api/v1/aaa/vidm/groups
|
Get all the users and groups from vIDM matching the search key case insensitively. The search key is checked to be a substring of name or given name or family name of user and display name of group. This is a non paginated API. |
POST /api/v1/aaa/vidm/search
|
Get all the users from vIDM whose userName, givenName or familyName matches the search key case insensitively. The search key is checked to be a substring of name or given name or family name. This is a non paginated API. |
GET /api/v1/aaa/vidm/users
|