REST API reference
Security authentication cluster LDAP endpoint overview
Suggest changes
-
PDF of this doc site
Collection of separate PDF docs
Creating your file...
Overview
LDAP servers are used to centrally maintain user information. LDAP configurations must be set up to look up information stored in the LDAP directory on the external LDAP servers. This API is used to retrieve and manage cluster LDAP server configurations.
Examples
Retrieving the cluster LDAP information
The cluster LDAP GET request retrieves the LDAP configuration of the cluster.
The following example shows how a GET request is used to retrieve the cluster LDAP information:
# The API:
/api/security/authentication/cluster/ldap
# The call:
curl -X GET "https://<mgmt-ip>/api/security/authentication/cluster/ldap" -H "accept: application/hal+json"
# The response:
{
"servers": [
"10.10.10.10",
"domainB.example.com"
],
"schema": "ad_idmu",
"port": 389,
"min_bind_level": "anonymous",
"bind_dn": "cn=Administrators,cn=users,dc=domainA,dc=example,dc=com",
"base_dn": "dc=domainA,dc=example,dc=com",
"base_scope": "subtree",
"use_start_tls": true,
"session_security": "none",
"try_channel_binding": true,
"_links": {
"self": {
"href": "/api/security/authentication/cluster/ldap"
}
}
}
Creating the cluster LDAP configuration
The cluster LDAP POST operation creates an LDAP configuration for the cluster.
The following example shows how to issue a POST request with all of the fields specified:
# The API:
/api/security/authentication/cluster/ldap
# The call:
curl -X POST "https://<mgmt-ip>/api/security/authentication/cluster/ldap" -H "accept: application/hal+json" -H "Content-Type: application/json" -d "{ \"servers\": [ \"10.10.10.10\", \"domainB.example.com\" ], \"schema\": \"ad_idmu\", \"port\": 389, \"min_bind_level\": \"anonymous\", \"bind_dn\": \"cn=Administrators,cn=users,dc=domainA,dc=example,dc=com\", \"bind_password\": \"abc\", \"base_dn\": \"dc=domainA,dc=example,dc=com\", \"base_scope\": \"subtree\", \"use_start_tls\": false, \"session_security\": \"none\"}"
The following example shows how to issue a POST request with a number of optional fields not specified:
# The API:
/api/security/authentication/cluster/ldap
# The call:
curl -X POST "https://<mgmt-ip>/api/security/authentication/cluster/ldap" -H "accept: application/hal+json" -H "Content-Type: application/json" -d "{ \"port\": 389, \"bind_dn\": \"cn=Administrators,cn=users,dc=domainA,dc=example,dc=com\", \"bind_password\": \"abc\", \"base_dn\": \"dc=domainA,dc=example,dc=com\", \"session_security\": \"none\"}"
Updating the cluster LDAP configuration
The cluster LDAP PATCH request updates the LDAP configuration of the cluster.
The following example shows how a PATCH request is used to update the cluster LDAP configuration:
# The API:
/api/security/authentication/cluster/ldap
# The call:
curl -X PATCH "https://<mgmt-ip>/api/security/authentication/cluster/ldap" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"servers\": [ \"55.55.55.55\" ], \"schema\": \"ad_idmu\", \"port\": 636, \"use_start_tls\": false }"
Deleting the cluster LDAP configuration
The cluster LDAP DELETE request deletes the LDAP configuration of the cluster.
The following example shows how a DELETE request is used to delete the cluster LDAP configuration:
# The API: /api/security/authentication/cluster/ldap # The call: curl -X DELETE "https://<mgmt-ip>/api/security/authentication/cluster/ldap" -H "accept: application/hal+json"