API Description | API Path |
---|---|
List feature permissionsList features |
GET /policy/api/v1/aaa/features-with-properties
|
List LDAP identity sourcesReturn a list of all configured LDAP identity sources. |
GET /global-manager/api/v1/aaa/ldap-identity-sources
|
Probe an LDAP identity sourceVerify that the configuration of an LDAP identity source is correct before actually creating the source. |
POST /global-manager/api/v1/aaa/ldap-identity-sources?action=probe_identity_source
|
Fetch the server certificate of an LDAP serverAttempt to connect to an LDAP server and retrieve the server certificate it presents. |
POST /global-manager/api/v1/aaa/ldap-identity-sources?action=fetch_certificate
|
Test an LDAP serverAttempt to connect to an LDAP server and ensure that the server can be contacted using the given URL and authentication credentials. |
POST /global-manager/api/v1/aaa/ldap-identity-sources?action=probe_ldap_server
|
Delete an LDAP identity sourceDelete an LDAP identity source. Users defined in that source will no longer be able to access NSX. |
DELETE /global-manager/api/v1/aaa/ldap-identity-sources/<ldap-identity-source-id>
|
Read a single LDAP identity sourceReturn details about one LDAP identity source |
GET /global-manager/api/v1/aaa/ldap-identity-sources/<ldap-identity-source-id>
|
Test the configuration of an existing LDAP identity sourceAttempt to connect to an existing LDAP identity source and report any errors encountered. |
POST /global-manager/api/v1/aaa/ldap-identity-sources/<ldap-identity-source-id>?action=probe
|
Update an existing LDAP identity sourceUpdate the configuration of an existing LDAP identity source. You may wish to verify the new configuration using the POST /aaa/ldap-identity-sources?action=probe API before changing the configuration. |
PUT /global-manager/api/v1/aaa/ldap-identity-sources/<ldap-identity-source-id>
|
Search the LDAP identity sourceSearch the LDAP identity source for users and groups that match the given filter_value. In most cases, the LDAP source performs a case-insensitive search. |
POST /global-manager/api/v1/aaa/ldap-identity-sources/<ldap-identity-source-id>/search
|
Create registration access tokenThe privileges of the registration token will be the same as the caller. |
POST /policy/api/v1/aaa/registration-token
|
Delete registration access token |
DELETE /policy/api/v1/aaa/registration-token/<token>
|
Get registration access token |
GET /policy/api/v1/aaa/registration-token/<token>
|
Get all users and groups with their roles |
GET /policy/api/v1/aaa/role-bindings
|
Delete all stale role assignments |
POST /policy/api/v1/aaa/role-bindings?action=delete_stale_bindings
|
Assign roles to User or GroupWhen assigning a user role, specify the user name with the same case as it appears in vIDM to access the NSX-T user interface. For example, if vIDM has the user name User1@example.com then the name attribute in the API call must be be User1@example.com and cannot be user1@example.com. |
POST /policy/api/v1/aaa/role-bindings
|
Delete user/group's roles assignment |
DELETE /policy/api/v1/aaa/role-bindings/<binding-id>
|
Get user/group's role information |
GET /policy/api/v1/aaa/role-bindings/<binding-id>
|
Update User or Group's roles |
PUT /policy/api/v1/aaa/role-bindings/<binding-id>
|
Get information about all roles |
GET /policy/api/v1/aaa/roles
|
Validate a new feature permission setValidate the permissions of an incoming role. Also, recommend the permissions which need to be corrected. |
POST /policy/api/v1/aaa/roles?action=validate
|
Get information about all roles with features and their permissions |
GET /policy/api/v1/aaa/roles-with-feature-permissions
|
Delete custom roleIf a role is assigned to a role binding then the deletion of the role is not allowed. Precanned roles cannot be deleted. |
DELETE /policy/api/v1/aaa/roles/<role>
|
Get role information |
GET /policy/api/v1/aaa/roles/<role>
|
Clone an already present roleThe role with id the ones provided in the request body. |
POST /policy/api/v1/aaa/roles/<role>?action=clone
|
Update custom roleCreates a new role with id as role with id |
PUT /policy/api/v1/aaa/roles/<role>
|
Get the name and role information of the user.This API will return the name and role information of the user invoking this API request. This API is available for all NSX users no matter their authentication method (Local account, VIDM, LDAP etc). The permissions parameter of the NsxRole has been deprecated. |
GET /policy/api/v1/aaa/user-info
|
Get all the User Groups where vIDM display name matches the search key case insensitively. The search key is checked to be a substring of display name. This is a non paginated API. |
GET /policy/api/v1/aaa/vidm/groups
|
Get all the users and groups from vIDM matching the search key case insensitively. The search key is checked to be a substring of name or given name or family name of user and display name of group. This is a non paginated API. |
POST /policy/api/v1/aaa/vidm/search
|
Get all the users from vIDM whose userName, givenName or familyName matches the search key case insensitively. The search key is checked to be a substring of name or given name or family name. This is a non paginated API. |
GET /policy/api/v1/aaa/vidm/users
|
Delete existing support bundles waiting to be downloadedDelete existing support bundles waiting to be downloaded. |
POST /api/v1/administration/support-bundles?action=delete_async_response
|
Collect support bundles from registered cluster and fabric nodesCollect support bundles from registered cluster and fabric nodes. |
POST /api/v1/administration/support-bundles?action=collect
|
Accept end user license agreementAccept end user license agreement |
POST /policy/api/v1/eula/accept
|
Return the acceptance status of end user license agreementReturn the acceptance status of end user license agreement |
GET /policy/api/v1/eula/acceptance
|
Return the content of end user license agreementReturn the content of end user license agreement in the specified format. By default, it's pure string without line break |
GET /policy/api/v1/eula/content
|
Read AAA provider vIDM properties |
GET /api/v1/node/aaa/providers/vidm
GET /api/v1/transport-nodes/<transport-node-id>/node/aaa/providers/vidm GET /api/v1/cluster/<cluster-node-id>/node/aaa/providers/vidm |
Update AAA provider vIDM properties |
PUT /api/v1/node/aaa/providers/vidm
PUT /api/v1/transport-nodes/<transport-node-id>/node/aaa/providers/vidm PUT /api/v1/cluster/<cluster-node-id>/node/aaa/providers/vidm |
Read AAA provider vIDM status |
GET /api/v1/node/aaa/providers/vidm/status
GET /api/v1/transport-nodes/<transport-node-id>/node/aaa/providers/vidm/status GET /api/v1/cluster/<cluster-node-id>/node/aaa/providers/vidm/status |