Skip to main content

Create iSCSI credentials

Contributors

POST /protocols/san/iscsi/credentials

Introduced In: 9.6

Creates iSCSI credentials.

Required properties

  • svm.uuid or svm.name - Existing SVM in which to create the iSCSI credentials.

  • initiator - Initiator for which the iSCSI credentials are to be created.

  • authentication_type - Type of authentication to use for the credentials.

  • chap.inbound.user - In-bound CHAP authentication user name.

  • chap.inbound.password - In-bound CHAP authentication password.

  • chap.outbound.user - Out-bound CHAP authentication user name.

  • chap.outbound.password - Out-bound CHAP authentication password.

  • vserver iscsi security create

Parameters

Name Type In Required Description

return_records

boolean

query

False

The default is false. If set to true, the records are returned.

  • Default value:

Request Body

Name Type Description

_links

_links

authentication_type

string

The iSCSI authentication type. Required in POST; optional in PATCH.

chap

chap

Challenge-Handshake Authentication Protocol (CHAP) credentials.

initiator

string

The iSCSI initiator to which the credentials apply. Required in POST.

initiator_address

initiator_address

Initiator address ranges.

svm

svm

SVM, applies only to SVM-scoped objects.

Example request
{
  "_links": {
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "authentication_type": "string",
  "chap": {
    "inbound": {
      "password": "string",
      "user": "string"
    },
    "outbound": {
      "password": "string",
      "user": "string"
    }
  },
  "initiator": "iqn.1998-01.com.corp.iscsi:name1",
  "initiator_address": {
    "masks": [
      {
        "address": "10.10.10.7",
        "family": "string",
        "netmask": "24"
      }
    ],
    "ranges": [
      {
        "end": "10.10.10.7",
        "family": "string",
        "start": "10.10.10.7"
      }
    ]
  },
  "svm": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "svm1",
    "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
  }
}

Response

Status: 201, Created
Name Type Description

_links

_links

num_records

integer

The number of records in the response.

records

array[iscsi_credentials]

Example response
{
  "_links": {
    "next": {
      "href": "/api/resourcelink"
    },
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "num_records": 1,
  "records": [
    {
      "_links": {
        "self": {
          "href": "/api/resourcelink"
        }
      },
      "authentication_type": "string",
      "chap": {
        "inbound": {
          "password": "string",
          "user": "string"
        },
        "outbound": {
          "password": "string",
          "user": "string"
        }
      },
      "initiator": "iqn.1998-01.com.corp.iscsi:name1",
      "initiator_address": {
        "masks": [
          {
            "address": "10.10.10.7",
            "family": "string",
            "netmask": "24"
          }
        ],
        "ranges": [
          {
            "end": "10.10.10.7",
            "family": "string",
            "start": "10.10.10.7"
          }
        ]
      },
      "svm": {
        "_links": {
          "self": {
            "href": "/api/resourcelink"
          }
        },
        "name": "svm1",
        "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
      }
    }
  ]
}

Headers

Name Description Type

Location

Useful for tracking the resource location

string

Error

Status: Default

ONTAP Error Response Codes

Error Code Description

2621462

An SVM with the specified UUID does not exist.

2621706

Both the SVM UUID and SVM name were supplied, but they do not refer to the same SVM.

2621707

No SVM was specified. Either svm.name or svm.uuid must be supplied.

5373969

A non-empty qualifier is required after the prefix. An example of a valid IQN is iqn.1995-08.com.example:string.

5373970

The IQN prefix is invalid. The correct IQN prefix is iqn. An example of a valid IQN is iqn.1995-08.com.example:string.

5373971

The date field is invalid. A valid date field is yyyy-mm. An example of a valid IQN is iqn.1995-08.com.example:string.

5373972

The naming authority and string fields can contain only the characters a-z, 0-9, ., :, and -.

5373977

The EUI-64 identifier field must be exactly 16 hexadecimal digits.

5373978

The EUI formatted initiator name supplied is invalid. A valid EUI format is eui.XXXXXXXXXXXXXXXX, where X is a hexadecimal digit.

5373997

The initiator name supplied in invalid. The valid initiator name formats are iqn.1995-08.com.example:string or eui.0123456789abcdef.

5374078

The iSCSI service does not exist.

5374142

An iSCSI security credential already exists for the specified initiator.

5374145

The iSCSI security password must contain an even number of valid hex digits.

5374147

The CHAP inbound and outbound passwords must be different.

5374149

The inbound user and password properties are required for CHAP authentication.

5374150

Outbound CHAP authentication requires an outbound password.

5374855

The value for property initiator_address.ranges.start is greater than the value for property initiator_address.ranges.end.

5374856

The value for property initiator_address.ranges.start does not belong to the same IP address family as the value for property initiator_address.ranges.end.

5374900

Setting the CHAP authentication properties are not supported with authentication types none or deny.

Also see the table of common errors in the Response body overview section of this documentation.

Name Type Description

error

returned_error

Example error
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

href

Name Type Description

href

string

Name Type Description

self

href

inbound

Inbound CHAP credentials.

Name Type Description

password

string

The inbound CHAP password. Write-only; optional in POST and PATCH.

user

string

The inbound CHAP user name. Optional in POST and PATCH.

outbound

Output CHAP credentials.

To clear previously set outbound CHAP credentials, set property chap.outbound.user to an empty string in PATCH.

Name Type Description

password

string

The outbound CHAP password. Write-only; optional in POST and PATCH.

user

string

The outbound CHAP user name. Optional in POST and PATCH.

To clear previously set outbound CHAP credentials, set this property to an empty string in PATCH.

chap

Challenge-Handshake Authentication Protocol (CHAP) credentials.

Name Type Description

inbound

inbound

Inbound CHAP credentials.

outbound

outbound

Output CHAP credentials.

To clear previously set outbound CHAP credentials, set property chap.outbound.user to an empty string in PATCH.

ip_info

IP information

Name Type Description

address

string

IPv4 or IPv6 address

family

string

IPv4 or IPv6

netmask

string

Input as netmask length (16) or IPv4 mask (255.255.0.0). For IPv6, the default value is 64 with a valid range of 1 to 127. Output is always the netmask length.

ip_address_range

IP address range

Name Type Description

end

string

IPv4 or IPv6 address

family

string

IPv4 or IPv6

start

string

IPv4 or IPv6 address

initiator_address

Initiator address ranges.

Name Type Description

masks

array[ip_info]

ranges

array[ip_address_range]

svm