Security authentication cluster LDAP endpoint overview

Overview

LDAP servers are used to centrally maintain user information. LDAP configurations must be set up to look up information stored in the LDAP directory on the external LDAP servers. This API is used to retrieve and manage cluster LDAP server configurations.

Examples

Retrieving the cluster LDAP information

The cluster LDAP GET operation retrieves the LDAP configuration of the cluster.

The following example shows how a GET operation is used to retrieve the cluster LDAP information:

# The API:
/api/security/authentication/cluster/ldap

# The call:
curl -X GET "https://<mgmt-ip>/api/security/authentication/cluster/ldap" -H "accept: application/hal+json"

# The response:
{
"servers": [
  "10.10.10.10",
  "domainB.example.com"
],
"schema": "ad_idmu",
"port": 389,
"min_bind_level": "anonymous",
"bind_dn": "cn=Administrators,cn=users,dc=domainA,dc=example,dc=com",
"base_dn": "dc=domainA,dc=example,dc=com",
"base_scope": "subtree",
"use_start_tls": true,
"session_security": "none",
"_links": {
  "self": {
    "href": "/api/security/authentication/cluster/ldap"
  }
}
}
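
A configuration retrieved this way can be reviewed for weak bind and transport settings before it is relied on for authentication. The following Python check is an added example, not part of the original page or the vendor's tooling; the function name, the finding labels, the reading of port 636 as LDAPS, and the reading of a `min_bind_level` of `anonymous` as permitting unauthenticated binds are assumptions.

```python
import json

# Response body from the GET example on this page (_links omitted).
GET_RESPONSE = json.loads("""
{
  "servers": ["10.10.10.10", "domainB.example.com"],
  "schema": "ad_idmu",
  "port": 389,
  "min_bind_level": "anonymous",
  "bind_dn": "cn=Administrators,cn=users,dc=domainA,dc=example,dc=com",
  "base_dn": "dc=domainA,dc=example,dc=com",
  "base_scope": "subtree",
  "use_start_tls": true,
  "session_security": "none"
}
""")

LDAPS_PORT = 636  # assumption: this port means LDAP over TLS


def audit_ldap_config(cfg):
    """Return sorted finding labels (hypothetical names) for one LDAP config."""
    findings = []
    encrypted = bool(cfg.get("use_start_tls")) or cfg.get("port") == LDAPS_PORT
    # A missing session_security field is treated like "none" (conservative).
    session_protected = cfg.get("session_security") not in (None, "none")
    if not encrypted and not session_protected:
        # Neither TLS nor session security: binds and lookups are unprotected.
        findings.append("no-transport-protection")
    if cfg.get("min_bind_level") == "anonymous":
        # Assumption: this floor allows falling back to unauthenticated binds.
        findings.append("anonymous-bind-allowed")
    if "bind_password" in cfg:
        # Only request bodies carry this; flags secrets kept in saved payloads.
        findings.append("password-in-payload")
    return sorted(findings)


if __name__ == "__main__":
    # Same settings as the first POST example: StartTLS off on port 389.
    post_body = dict(GET_RESPONSE, use_start_tls=False, bind_password="abc")
    for name, cfg in (("GET response", GET_RESPONSE), ("POST body", post_body)):
        print(name, "->", audit_ldap_config(cfg) or "no findings")
```
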

Creating the cluster LDAP configuration

The cluster LDAP POST operation creates an LDAP configuration for the cluster.

The following example shows how to issue a POST request with all of the fields specified:

# The API:
/api/security/authentication/cluster/ldap

# The call:
curl -X POST "https://<mgmt-ip>/api/security/authentication/cluster/ldap" -H "accept: application/hal+json" -H "Content-Type: application/json" -d "{ \"servers\": [ \"10.10.10.10\", \"domainB.example.com\" ], \"schema\": \"ad_idmu\", \"port\": 389, \"min_bind_level\": \"anonymous\", \"bind_dn\": \"cn=Administrators,cn=users,dc=domainA,dc=example,dc=com\", \"bind_password\": \"abc\", \"base_dn\": \"dc=domainA,dc=example,dc=com\", \"base_scope\": \"subtree\", \"use_start_tls\": false, \"session_security\": \"none\"}"

The following example shows how to issue a POST request with a number of optional fields not specified:

# The API:
/api/security/authentication/cluster/ldap

# The call:
curl -X POST "https://<mgmt-ip>/api/security/authentication/cluster/ldap" -H "accept: application/hal+json" -H "Content-Type: application/json" -d "{ \"port\": 389, \"bind_dn\": \"cn=Administrators,cn=users,dc=domainA,dc=example,dc=com\", \"bind_password\": \"abc\", \"base_dn\": \"dc=domainA,dc=example,dc=com\", \"session_security\": \"none\"}"

Updating the cluster LDAP configuration

The cluster LDAP PATCH operation updates the LDAP configuration of the cluster.

The following example shows how a PATCH operation is used to update the cluster LDAP configuration:

# The API:
/api/security/authentication/cluster/ldap

# The call:
curl -X PATCH "https://<mgmt-ip>/api/security/authentication/cluster/ldap" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"servers\": [ \"55.55.55.55\" ], \"schema\": \"ad_idmu\", \"port\": 636, \"use_start_tls\": false }"

Deleting the cluster LDAP configuration

The cluster LDAP DELETE operation deletes the LDAP configuration of the cluster.

The following example shows how a DELETE operation is used to delete the cluster LDAP configuration:

# The API:
/api/security/authentication/cluster/ldap

# The call:
curl -X DELETE "https://<mgmt-ip>/api/security/authentication/cluster/ldap" -H "accept: application/hal+json"