Onboard FTD device using Zero-Touch Provisioning - Security Cloud Control Firewall Manager API Documentation

{"type":"api","title":"Onboard FTD device using Zero-Touch Provisioning","meta":{"id":"/apps/pubhub/media/cdo-api-documentation/cdbcd64e8c81b1f572dff1a1b687b52867178d60/9b0e4c9a-48cb-3530-a00a-1f32fbf2438c","info":{"title":"Cisco Security Cloud Control Firewall Manager API","version":"1.15.0","description":"Use the documentation to explore the endpoints Security Cloud Control Firewall Manager has to offer","contact":{"name":"Cisco Security Cloud Control TAC","email":"cdo.tac@cisco.com"}},"openapi":"3.0.1","servers":[{"url":"https://api.us.security.cisco.com/firewall","description":"US"},{"url":"https://api.eu.security.cisco.com/firewall","description":"EU"},{"url":"https://api.apj.security.cisco.com/firewall","description":"APJ"},{"url":"https://api.au.security.cisco.com/firewall","description":"AUS"},{"url":"https://api.in.security.cisco.com/firewall","description":"IN"},{"url":"https://api.int.security.cisco.com/firewall","description":"Staging"},{"url":"https://scale.manage.security.cisco.com/api/rest","description":"Scale"},{"url":"https://ci.manage.security.cisco.com/api/rest","description":"CI"},{"url":"https://manage.stg.secure.cisco/api/rest","description":"Stgf9"}],"securitySchemes":{"bearerAuth":{"bearerFormat":"JWT","scheme":"bearer","type":"http"}}},"spec":{"description":"This is an asynchronous operation to onboard a cdFMC managed FTD using Zero-Touch Provisioning. The operation returns a transaction object that can be used to track the progress of the onboarding operation. Note: Zero-Touch Onboarding can be done with Secure Firewall 1xxx, 2xxx, and 3xxx Series devices. This operation will be marked as complete once CDO is ready to handle a response from the device once it is plugged in and connected to the Internet; it does not wait for the device to communicate back to Security Cloud Control.","operationId":"onboardFtdDeviceUsingZtp","requestBody":{"content":{"application/json":{"schema":{"properties":{"adminPassword":{"description":"Specify the initial provisioning password. This is required for setting up the FTD, and can be ignored if password is already set on the device.","type":"string"},"deviceGroupUid":{"description":"Specify the unique identifier, represented as a UUID, of the device group which the device will be a part of after it finishes registering with Security Cloud Control.","format":"uuid","type":"string"},"fmcAccessPolicyUid":{"description":"Specify the unique identifier, represented as a UUID, of the FMC access policy to apply to this device. If this field is specified, the 'templates' field must remain unspecified. Note: If both 'fmcAccessPolicyUid' and 'template' fields are unspecified, the operation will fail.","format":"uuid","type":"string"},"licenses":{"description":"Specify a set of licenses to apply to the device.","example":["BASE","CARRIER"],"items":{"enum":["BASE","CARRIER","THREAT","MALWARE","URLFilter"],"type":"string"},"minItems":1,"type":"array","uniqueItems":true},"name":{"description":"Specify a human-readable name for the device.","example":"My Zero-touch FTD","minLength":1,"type":"string"},"serialNumber":{"description":"Specify the serial number of the FTD device to be onboarded. When a device with this serial number is plugged in and connected to the Internet, it will automatically be registered to this Security Cloud Control tenant.","minLength":1,"type":"string"},"template":{"description":"Specify the template to apply to this device. If this field is specified, the 'fmcAccessPolicyUid' field must remain unspecified. Note: If both 'fmcAccessPolicyUid' and 'template' fields are unspecified, the operation will fail.","properties":{"objectOverrides":{"description":"Specify a list of objects to override. All objects that have been marked as overridable in the template must be defined here. Note: Any overrides defined here that are not present in the template configuration will be ignored.","items":{"properties":{"name":{"description":"Specify the name of the object to override.","minLength":1,"type":"string"},"type":{"description":"Specify the type of the object to override. The type should match the type of the object used in the template.","enum":["Network","Host","FQDN","Range"],"example":"Network","type":"string"},"uid":{"description":"Specify the unique identifier, represented as a UUID, of the object to override.","example":"0d0cc559-43a0-449a-84a9-28310ede72ec","format":"uuid","type":"string"},"value":{"description":"Specify the value to override the object with.","minLength":1,"type":"string"}},"required":["name","type","uid","value"],"type":"object","$$ref":"#/components/schemas/FmcObjectOverride"},"type":"array"},"templateVariables":{"description":"Specify the list of template variables configured on the template. All required template variables must be defined here, and should have values valid for the type of the variable. Any invalid input will result in the template not being applied to the device upon onboarding. Note: Any variables defined here that are not present in the template will be ignored.","items":{"properties":{"name":{"description":"Specify the name of the object to override.","minLength":1,"type":"string"},"value":{"description":"Specify the value of the template variable. The value specified should be valid for the template variable, as defined in the template configuration.","minLength":1,"type":"string"}},"required":["name","value"],"type":"object","$$ref":"#/components/schemas/FmcTemplateVariable"},"type":"array"},"uid":{"description":"Specify the unique identifier, represented as a UUID, of the template to apply to the onboarded device.","example":"2cadad15-dc8b-4bc4-899f-b9badcfc56a3","format":"uuid","type":"string"}},"required":["uid"],"type":"object","$$ref":"#/components/schemas/ZtpOnboardingTemplateConfiguration"}},"required":["licenses","name","serialNumber"],"type":"object","$$ref":"#/components/schemas/ZtpOnboardingInput"}}},"required":true},"responses":{"202":{"content":{"application/json":{"schema":{"properties":{"cdoTransactionStatus":{"description":"The status of the transaction","enum":["PENDING","IN_PROGRESS","DONE","ERROR"],"example":"IN_PROGRESS","type":"string"},"entityUid":{"description":"The unique identifier of the entity that the transaction is triggered on. This can be empty, for a transaction that is not tied to an entity, such as transactions which refresh RA VPN sessions.","example":"f5f660d4-4b81-4374-877d-fbc4bee894e2","format":"uuid","type":"string"},"entityUrl":{"description":"A URL to access the entity that the transaction is triggered on. This can also be empty","example":"https://edge.us.cdo.cisco.com/platform/public-api/v1/inventory/devices/f5f660d4-4b81-4374-877d-fbc4bee894e2","type":"string"},"errorDetails":{"additionalProperties":{"type":"string"},"description":"Transaction error details, if any","type":"object"},"errorMessage":{"description":"Transaction error message, if any","type":"string"},"lastUpdatedTime":{"description":"The time (UTC; represented using the RFC-3339 standard) at which the transaction status was last updated","example":"2023-12-13T08:15:44Z","format":"date-time","type":"string"},"submissionTime":{"description":"The time (UTC; represented using the RFC-3339 standard) at which the transaction was triggered","example":"2023-12-13T05:15:44Z","format":"date-time","type":"string"},"tenantUid":{"description":"The unique identifier of the tenant that the transaction triggered on.","example":"5131daad-e813-4b8f-8f42-be1e241e2cdb","format":"uuid","type":"string"},"transactionDetails":{"additionalProperties":{"type":"string"},"description":"Transaction details, if any","type":"object"},"transactionPollingUrl":{"description":"The URL to poll to track the progress of the transaction.","example":"https://edge.us.cdo.cisco.com/platform/v1/transactions/7131daad-e813-4b8f-8f42-be1e241e8cdb","type":"string"},"transactionType":{"description":"the type of the transaction","enum":["ONBOARD_ASA","ONBOARD_IOS","ONBOARD_DUO_ADMIN_PANEL","CREATE_FTD","ONBOARD_FTD_ZTP","REGISTER_FTD","DELETE_CDFMC_MANAGED_FTD","RECONNECT_ASA","READ_ASA","BULK_READ_ASA","EXECUTE_CLI_COMMAND","BULK_ACCEPT_ASA_CERTIFICATES","DEPLOY_ASA_DEVICE_CHANGES","DEPLOY_FTD_DEVICE_CHANGES","INDEX_TENANT","TERMINATE_DEVICE_RA_VPN_SESSIONS","REFRESH_RA_VPN_SESSIONS","TERMINATE_USER_RA_VPN_SESSIONS","UPGRADE_ASA","UPGRADE_FTD","UPGRADE_FTD_CACHE","MSP_UPGRADE_FTDS","MSP_GET_COMPATIBLE_FTD_UPGRADE_PACKAGES","CREATE_SDC","SEND_AI_ASSISTANT_MESSAGE","MSP_CREATE_TENANT","MSP_ADD_USERS_TO_TENANT","MSP_ADD_USER_GROUPS_TO_TENANT","MSP_DELETE_USERS_FROM_TENANT","MSP_DELETE_USER_GROUPS_FROM_TENANT","MSP_ADD_EXISTING_TENANT","MSP_ENABLE_MULTICLOUD_DEFENSE","MSP_PROVISION_CDFMC","CREATE_USERS","DELETE_USERS","EXECUTE_ASA_COMMAND","ANALYZE_POLICIES","TRIGGER_FMC_DATA_EXPORT","EXPORT_DEVICES","EXPORT_CLOUD_SERVICES","EXPORT_MANAGERS","EXPORT_TEMPLATES","PROVISION_SDWAN_SAL_RESOURCES","DEPROVISION_SDWAN_SAL_RESOURCES","PROVISION_FIREWALL_SAL_RESOURCES","DEPROVISION_FIREWALL_SAL_RESOURCES","RENEW_SAL_LICENSE","REMOVE_SSX_SAL_SUBSCRIPTION","ASA_HEALTH_METRICS_TENANT_PROVISIONING","UPDATE_DEVICE_BULK"],"example":"ONBOARD_ASA","type":"string"},"transactionUid":{"description":"The unique identifier of the transaction triggered.","example":"7131daad-e813-4b8f-8f42-be1e241e8cdb","format":"uuid","type":"string"}},"type":"object","$$ref":"#/components/schemas/CdoTransaction"}}},"description":"Security Cloud Control Transaction object that can be used to track the progress of the creation operation."},"400":{"content":{"application/json":{"schema":{"properties":{"details":{"additionalProperties":{"description":"Additional details, if any, on the error","example":{},"type":"object"},"description":"Additional details, if any, on the error","example":{},"type":"object"},"errorCode":{"description":"A unique code that describes the error.","enum":["INVALID_INPUT","UNAUTHORIZED","FORBIDDEN","NOT_FOUND","METHOD_NOT_ALLOWED","CONFLICT","TOO_MANY_REQUESTS","SERVER_ERROR","PROXY_ERROR","BAD_REQUEST","UNPROCESSABLE_ENTITY"],"example":"INVALID_INPUT","type":"string"},"errorMsg":{"description":"A human-readable error description in English.","example":"sample error","type":"string"}},"$$ref":"#/components/schemas/CommonApiError"}}},"description":"Invalid input provided. Check the response for details.","$$ref":"#/components/responses/http400BadRequest"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"A human-readable error description in English.","example":"invalid_token","type":"string"},"errorDescription":{"description":"A human-readable error description in English.","example":"Your token is invalid","type":"string"}},"$$ref":"#/components/schemas/AuthenticationError"}}},"description":"Request not authorized.","$$ref":"#/components/responses/http401Unauthorised"},"403":{"content":{"application/json":{"schema":{"properties":{"details":{"additionalProperties":{"description":"Additional details, if any, on the error","example":{},"type":"object"},"description":"Additional details, if any, on the error","example":{},"type":"object"},"errorCode":{"description":"A unique code that describes the error.","enum":["INVALID_INPUT","UNAUTHORIZED","FORBIDDEN","NOT_FOUND","METHOD_NOT_ALLOWED","CONFLICT","TOO_MANY_REQUESTS","SERVER_ERROR","PROXY_ERROR","BAD_REQUEST","UNPROCESSABLE_ENTITY"],"example":"INVALID_INPUT","type":"string"},"errorMsg":{"description":"A human-readable error description in English.","example":"sample error","type":"string"}},"$$ref":"#/components/schemas/CommonApiError"}}},"description":"User does not have sufficient privileges to perform this operation.","$$ref":"#/components/responses/http403Forbidden"},"500":{"content":{"application/json":{"schema":{"properties":{"details":{"additionalProperties":{"description":"Additional details, if any, on the error","example":{},"type":"object"},"description":"Additional details, if any, on the error","example":{},"type":"object"},"errorCode":{"description":"A unique code that describes the error.","enum":["INVALID_INPUT","UNAUTHORIZED","FORBIDDEN","NOT_FOUND","METHOD_NOT_ALLOWED","CONFLICT","TOO_MANY_REQUESTS","SERVER_ERROR","PROXY_ERROR","BAD_REQUEST","UNPROCESSABLE_ENTITY"],"example":"INVALID_INPUT","type":"string"},"errorMsg":{"description":"A human-readable error description in English.","example":"sample error","type":"string"}},"$$ref":"#/components/schemas/CommonApiError"}}},"description":"Internal server error."}},"security":[{"bearerAuth":[]}],"summary":"Onboard FTD device using Zero-Touch Provisioning","tags":["Inventory"],"__originalOperationId":"onboardFtdDeviceUsingZtp","method":"post","path":"/v1/inventory/devices/ftds/ztp"}}