Skip to main content
A newer release of this product is available.

security

Contributors
Suggest changes

security-config-get

GET /api/security

Usage: This ONTAPI call cannot be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

cluster-security-config-ready

No REST Equivalent

interface

No REST Equivalent

This was required in ONTAPI but only allowed a single valid value. Not exposed in the REST API.

is-fips-enabled

fips.enabled

supported-ciphers

No REST Equivalent

This was optional in ONTAPI but is now deprecated in favor of supported-cipher-suites. Not exposed in the REST API.

supported-cipher-suites

No REST Equivalent

supported-protocols

No REST Equivalent

interface

No REST Equivalent

This was required in ONTAPI but only allowed a single valid value. Not exposed in the REST API.

security-config-modify

PATCH /api/security

Usage: This ONTAPI call cannot be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

interface

No REST Equivalent

This was required in ONTAPI but only allowed a single valid value. Not exposed in the REST API.

is-fips-enabled

fips.enabled

supported-ciphers

No REST Equivalent

This was optional in ONTAPI but is now deprecated in favor of supported-cipher-suites. Not exposed in the REST API.

supported-cipher-suites

No REST Equivalent

supported-protocols

No REST Equivalent

security-config-ocsp-disable

This ONTAPI call does not have an equivalent REST API call.

security-config-ocsp-enable

This ONTAPI call does not have an equivalent REST API call.

security-config-ocsp-get-iter

This ONTAPI call does not have an equivalent REST API call.

security-last-login-info

This ONTAPI call does not have an equivalent REST API call.

security-login-create

POST /api/security/accounts

Note: You cannot create SNMP users by using this endpoint. To create SNMP users, use the POST /api/support/snmp/users REST API endpoint.

Usage: This ONTAPI call cannot be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

application

applications.application

authentication-method

applications.authentication_methods

comment

comment

is-ns-switch-group

No REST Equivalent

is-password-hashed

No REST Equivalent

password

password

remote-switch-ipaddress

No REST Equivalent

role-name

role.name

second-authentication-method

applications.second_authentication_method

snmpv3-login-info

No REST Equivalent

SNMP (including SNMPv3) users are managed by the "/api/support/snmp/users" REST API endpoint.

user-name

name

name is specified as a path parameter.

vserver

owner.name

Can also use owner.uuid

security-login-delete

DELETE /api/security/accounts/{owner.uuid}/{name}

Note: The /api/security/accounts/\{owner.uuid\}/{name} REST API endpoint deletes all the entries for the user account, that is, it deletes entries for all applications and all authentication methods corresponding to the user account. You cannot delete SNMP users by using this endpoint. To delete SNMP users, use the DELETE /api/support/snmp/users/{engine-id}/{name} REST API endpoint.

Usage: This ONTAPI call cannot be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

application

applications.application

authentication-method

applications.authentication_methods

remote-switch-ipaddress

No REST Equivalent

user-name

name

name is specified as a path parameter.

vserver

owner.uuid

owner.uuid is specified as a path parameter.

security-login-delete-iter

DELETE /api/security/accounts

Note: You cannot delete SNMP users by using this endpoint. To delete a set of SNMP users, use the DELETE /api/support/snmp/users REST API collection.

Usage: This ONTAPI call cannot be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

continue-on-failure

No REST Equivalent

max-failure-count

No REST Equivalent

max-records

max_records

Specifies the maximum number of records to return before paging.

application

applications.application

authentication-method

applications.authentication_methods

comment

comment

is-locked

locked

is-ns-switch-group

No REST Equivalent

password-hash-algorithm

No REST Equivalent

remote-switch-ipaddress

No REST Equivalent

role-name

role.name

second-authentication-method

applications.second_authentication_method

user-name

name

vserver

owner.name

Can also specify "owner.uuid"

return-failure-list

No REST Equivalent

return-success-list

No REST Equivalent

security-login-expire-password

This ONTAPI call does not have an equivalent REST API call.

security-login-expire-password-iter

This ONTAPI call does not have an equivalent REST API call.

security-login-get

GET /api/security/accounts/{owner.uuid}/{name}

Note: You cannot retrieve SNMP users by using this endpoint. To retrieve SNMP users, use GET /api/support/snmp/users/{engine_id}/{name} REST API call.

Usage: This ONTAPI call cannot be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

application

applications.application

authentication-method

applications.authentication_methods

comment

comment

is-locked

locked

is-ns-switch-group

No REST Equivalent

password-hash-algorithm

No REST Equivalent

remote-switch-ipaddress

No REST Equivalent

role-name

role.name

second-authentication-method

applications.second_authentication_method

user-name

name

name is specified as a path parameter.

vserver

owner.uuid

owner.uuid is specified as a path parameter.

security-login-get-iter

GET /api/security/accounts

Note: You cannot retrieve SNMP users by using this endpoint. To retrieve a set of SNMP users, use the GET /api/support/snmp/users REST API collection.

Usage: This ONTAPI call cannot be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

application

applications.application

authentication-method

applications.authentication_methods

comment

comment

is-locked

locked

is-ns-switch-group

No REST Equivalent

password-hash-algorithm

No REST Equivalent

remote-switch-ipaddress

No REST Equivalent

role-name

role.name

second-authentication-method

applications.second_authentication_method

user-name

name

vserver

owner.name

Can also use "owner.uuid"

max-records

max_records

Specifies the maximum number of records to return before paging.

security-login-lock

PATCH /api/security/accounts/{owner.uuid}/{name}

Note: Set the "locked" REST API attribute to "true".

Usage: This ONTAPI call cannot be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

user-name

name

name is specified as a path parameter.

vserver

owner.uuid

owner.uuid is specified as a path parameter.

security-login-modify

PATCH /api/security/accounts/{owner.uuid}/{name}

Note: You cannot modify SNMP users by using this endpoint. To modify SNMP users, use the PATCH /api/support/snmp/users/{engine_id}/{name} REST API call.

Usage: This ONTAPI call cannot be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

application

applications.application

authentication-method

applications.authentication_methods

comment

comment

is-ns-switch-group

No REST Equivalent

remote-switch-ipaddress

No REST Equivalent

role-name

role.name

second-authentication-method

applications.second_authentication_method

user-name

name

name is specified as a path parameter.

vserver

owner.uuid

owner.uuid is specified as a path parameter.

security-login-modify-iter

PATCH /api/security/accounts

Note: Update SNMP users by using the /api/support/snmp/users REST API endpoint.

Usage: This ONTAPI call cannot be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

application

applications.application

Can specify as a query parameter.

authentication-method

applications.authentication_methods

Can specify as a query parameter.

comment

comment

Must specify in the PATCH body.

is-locked

locked

Must specify in the PATCH body.

is-ns-switch-group

No REST Equivalent

password-hash-algorithm

No REST Equivalent

remote-switch-ipaddress

No REST Equivalent

role-name

role.name

Must specify in the PATCH body.

second-authentication-method

applications.second_authentication_method

user-name

name

Must specify as a query parameter.

vserver

owner.name

Can also use owner.uuid.

continue-on-failure

No REST Equivalent

max-failure-count

No REST Equivalent

max-records

max_records

Specifies the maximum number of records to return before paging.

return-failure-list

No REST Equivalent

return-success-list

No REST Equivalent

security-login-modify-password

POST /api/security/authentication/password

Note: In the REST API, specify owner.name, that is, the SVM name or owner.uuid (SVM UUID REST API attributes in the body of a POST request) to specify the SVM to which the user belongs. If you do not specify owner.uuid or owner.name, the SVM is selected based on the LIF or IP address to which the REST API is issued.

Usage: This ONTAPI call can be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

is-password-hashed

No REST Equivalent

new-password

password

password-hash-algorithm

No REST Equivalent

user-name

name

security-login-role-config-get

This ONTAPI call does not have an equivalent REST API call.

security-login-role-config-get-iter

This ONTAPI call does not have an equivalent REST API call.

security-login-role-config-modify

This ONTAPI call does not have an equivalent REST API call.

security-login-role-config-modify-iter

This ONTAPI call does not have an equivalent REST API call.

security-login-role-create

Note: This ONTAPI creates a new legacy role. Use the private CLI passthrough with the POST method of REST API /api/private/cli/security/login/role to create a new legacy role through the REST API. You can use the POST method of the /security/roles endpoint to create a new REST API role.

This ONTAPI call does not have an equivalent REST API call.

security-login-role-delete

This ONTAPI call does not have an equivalent REST API call.

security-login-role-delete-iter

This ONTAPI call does not have an equivalent REST API call.

security-login-role-get

This ONTAPI call does not have an equivalent REST API call.

security-login-role-get-iter

This ONTAPI call does not have an equivalent REST API call.

security-login-role-modify

This ONTAPI call does not have an equivalent REST API call.

security-login-role-modify-iter

This ONTAPI call does not have an equivalent REST API call.

security-login-unlock

PATCH /api/security/accounts/{owner.uuid}/{name}

Note: Set the locked REST API attribute to false.

Usage: This ONTAPI call cannot be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

user-name

name

name is specified as a path parameter.

vserver

owner.uuid

owner.uuid is a path parameter.

security-login-whoami

This ONTAPI call does not have an equivalent REST API call.

security-protocol-get

This ONTAPI call does not have an equivalent REST API call.

security-protocol-modify

This ONTAPI call does not have an equivalent REST API call.

security-protocol-ssh-get

GET /api/security/ssh

Usage: This ONTAPI call cannot be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

connections-per-second

connections_per_second

max-instances

max_instances

per-source-limit

per_source_limit

security-protocol-ssh-modify

PATCH /api/security/ssh

Usage: This ONTAPI call cannot be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

connections-per-second

connections_per_second

max-instances

max_instances

per-source-limit

per_source_limit

security-reset

This ONTAPI call does not have an equivalent REST API call.

security-saml-sp-create-async

POST /api/security/authentication/cluster/saml-sp

Usage: This ONTAPI call cannot be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

cert-ca

certificate.ca

cert-common-name

certificate.common_name

cert-serial

certificate.serial_number

idp-uri

idp_uri

sp-host

host

verify-metadata-server

verify_metadata_server

security-saml-sp-destroy

DELETE /api/security/authentication/cluster/saml-sp

Usage: This ONTAPI call cannot be issued against Storage VM (SVM) management LIFs.

There are no attributes defined for this ONTAPI call.

security-saml-sp-get

GET /api/security/authentication/cluster/saml-sp

Usage: This ONTAPI call cannot be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

cert-ca

certificate.ca

cert-common-name

certificate.common_name

cert-serial

certificate.serial_number

idp-uri

idp_uri

is-enabled

enabled

sp-host

host

verify-metadata-server

verify_metadata_server

security-saml-sp-modify

PATCH /api/security/authentication/cluster/saml-sp

Usage: This ONTAPI call cannot be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

is-enabled

enabled

security-saml-sp-repair

This ONTAPI call does not have an equivalent REST API call.

security-saml-sp-status-get-iter

This ONTAPI call does not have an equivalent REST API call.

security-security-login-password-prepare-to-downgrade

This ONTAPI call does not have an equivalent REST API call.

security-ssh-add

PATCH /api/security/ssh

Note: To achieve the functionality of security-ssh-add use the PATCH /api/security/ssh REST API call.

Usage: This ONTAPI call can be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

ciphers

ciphers

key-exchange-algorithms

key_exchange_algorithms

mac-algorithms

mac_algorithms

vserver

No REST Equivalent

The vserver parameter is defaulted to Admin SVM in the REST API.

security-ssh-get-iter

GET /api/security/ssh

Usage: This ONTAPI call can be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

ciphers

ciphers

key-exchange-algorithms

key_exchange_algorithms

mac-algorithms

mac_algorithms

max-authentication-retry-count

max_authentication_retry_count

vserver-name

No REST Equivalent

The vserver parameter is defaulted to "Admin SVM" in the REST API.

max-records

max_records

Specifies the maximum number of records to return before paging.

security-ssh-remove

PATCH /api/security/ssh

Note: To achieve the functionality of security-ssh-remove use the PATCH /api/security/ssh REST API call.

Usage: This ONTAPI call can be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

ciphers

ciphers

key-exchange-algorithms

key_exchange_algorithms

mac-algorithms

mac_algorithms

vserver

No REST Equivalent

The vserver parameter is defaulted to Admin SVM in the REST API.

security-ssh-reset

PATCH /api/security/ssh

Note: You can only reset SSH configuration for "Admin SVM" in the REST API.

Usage: This ONTAPI call can be issued against Storage VM (SVM) management LIFs.

ONTAPI attribute REST attribute Comment

ciphers

ciphers

key-exchange-algorithms

key_exchange_algorithms

mac-algorithms

mac_algorithms

max-authentication-retry-count

max_authentication_retry_count

ssh-prepare-to-downgrade

This ONTAPI call does not have an equivalent REST API call.