{"type":"api","title":"Update list of remote authentication servers","meta":{"id":"/apps/pubhub/media/crosswork-network-controller-7-1/f445c17e25a1120e8fbde4bd413083d0fd88b2b3/5acb28bd-9f51-3722-affd-7ff6c639d9a2","info":{"title":"Crosswork Remote Authentication Server Integration API - Version 2","contact":{"name":"Crosswork Team, Cisco","email":"support@cisco.com"},"license":{"name":"Cisco Software License Agreement","url":"http://www.cisco.com/public/sw-license-agreement.html"},"version":"2.0.0","description":"APIs to support integration of the Crosswork platform and remote authentication servers. TACACS+, LDAP, RADIUS, SSO server types are supported."},"security":[{"bearerAuth":[]}],"x-parser-conf":{"overview":{"markdownPath":"reference/INFRA/RBAC/auth-remote-v2-overview.md"}},"swagger":"2.0","basePath":"/crosswork/authconfig/v2","schemes":["https"],"securityDefinitions":{"bearerAuth":{"type":"apiKey","name":"Authorization","in":"header","description":"Use a bearer token to authenticate requests. Include the token in the Authorization header with the prefix 'Bearer '."}}},"spec":{"summary":"Update list of remote authentication servers","description":"Update the list of remote authentication servers that were configured to integrate with Crosswork. The updated list will overwrite the current list of remote authentication servers. To delete a given remote authentication server, simply remove it from the body payload. To add a new remote authentication server, add it to the existing list of servers in the body payload.","operationId":"UpdateAllServers","consumes":["application/json"],"produces":["application/json"],"responses":{"204":{"description":"No Content. The request was successful and there is no additional content in the response body.","schema":{"type":"object","properties":{"example":{"type":"array"}},"example":{"name":{"type":"string","description":"No Content"}},"$$ref":"#/definitions/authconfigEmpty"}},"403":{"description":"Forbidden. 
The server recognizes the authentication credentials, but the client is not authorized to perform this request."},"422":{"description":"Unprocessable Entity. The server understands the content type of the request entity, and the syntax of the request entity is correct, but it was unable to process the contained instructions."},"500":{"description":"Internal Server Error. The server could not fulfill the request."}},"parameters":[{"name":"body","in":"body","required":true,"schema":{"type":"object","properties":{"tacacs":{"type":"object","properties":{"tacacs_servers":{"type":"array","items":{"type":"object","required":["host","port","secret","secretFormat","service","retries","authType"],"properties":{"host":{"type":"string","description":"IP Address or hostname"},"port":{"type":"integer","description":"The port number on which the TACACS+ server is listening."},"secret":{"type":"string","description":"Shared secret"},"secretFormat":{"type":"string","description":"Shared secret format ascii or hex"},"service":{"type":"string","description":"The TACACS+ service name to request."},"priority":{"type":"integer","description":"The priority of this server in a list of multiple remote servers."},"timeout":{"type":"integer","description":"Re-transmit timeout"},"interface":{"type":"string","description":"Interface IP Address"},"retries":{"type":"integer","description":"The number of times to retry a request to the TACACS+ server before failing."},"policy-id":{"type":"string","description":"Key name for role ID configured on the TACACS server"},"authType":{"type":"string","enum":["pap","chap"],"description":"Authentication 
type","$$ref":"#/definitions/authTypeEnum"}},"$$ref":"#/definitions/authconfigTacacsServer"},"example":[{"host":"1.2.3.4","port":49,"secret":"secret","secretFormat":"ascii","service":"raccess","priority":1,"timeout":30,"retries":1,"authType":"pap"}]}},"$$ref":"#/definitions/authconfigTacacsServers"},"ldap_servers":{"type":"object","properties":{"ldap_server":{"type":"array","items":{"type":"object","required":["name","ldapUrl","bindDn","bindCredential","baseDn","userFilter","dnFormat","principalAttributeId","policyId","order","connectTimeout"],"properties":{"name":{"type":"string","description":"Name of the connection"},"ldapUrl":{"type":"string","description":"URL of the LDAP server"},"bindDn":{"type":"string","description":"Distinguished Name (DN) of the account used to bind when initializing connections"},"bindCredential":{"type":"string","description":"Credential used with bindDn to bind when initializing connections"},"baseDn":{"type":"string","description":"Search for the bind user admin will be done starting at the base Distinguished Name (DN)"},"userFilter":{"type":"string","description":"Filter to match the users."},"dnFormat":{"type":"string","description":"Format for the Distinguished Name (DN)"},"principalAttributeId":{"type":"string","description":"Key in LDAP for the username of the user"},"policyId":{"type":"string","description":"Key in LDAP for the Crosswork role mapping"},"order":{"type":"string","description":"Priority order of the LDAP server"},"connectTimeout":{"type":"integer","description":"Connection timeout in 
milliseconds"}},"$$ref":"#/definitions/authconfigLdapServer"},"example":[{"name":"Ldap-132-24","ldapUrl":"ldap://10.194.132.24:10389","bindDn":"cn=admin,dc=example,dc=org","bindCredential":"admin","connectTimeout":5000,"baseDn":"dc=example,dc=org","userFilter":"uid={user}","dnFormat":"uid=%s,dc=example,dc=org","principalAttributeId":"uid","policyId":"crossworkPolicyId","order":1}],"$$ref":"#/definitions/authconfigLdapServers"},"ldap_attr_servers":{"type":"object","properties":{"ldap_attr_server":{"type":"array","items":{"type":"object","required":["baseDn","bindDn","ldapUrl","bindCredential","userFilter","failFast","connectTimeout","attributes"],"properties":{"baseDn":{"type":"string","description":"Search for the bind user admin will be done starting at the base Distinguished Name (DN)"},"bindDn":{"type":"string","description":"Distinguished Name (DN) of the account used to bind when initializing connections"},"ldapUrl":{"type":"string","description":"URL of the LDAP server"},"bindCredential":{"type":"string","description":"Credential used with bindDn to bind when initializing connections"},"userFilter":{"type":"string","description":"Filter to match the users."},"failFast":{"type":"boolean","description":"Attempt to populate the connection pool early on startup and fail quickly in case of failure."},"connectTimeout":{"type":"integer","description":"Connection timeout in milliseconds"},"trustStore":{"type":"string","description":"Path to the keystore used for LDAPS connection."},"trustStorePassword":{"type":"string","description":"Password to the keystore file used for LDAPS connection."},"trustStoreType":{"type":"string","description":"Type of trust-store for LDAPS connection.","default":"JKS"},"attributes":{"type":"object","description":"Key-value pair. Key maps to the key in LDAP for the Crosswork role mapping. 
Value maps to the value fetched using the key in LDAP."}},"$$ref":"#/definitions/authconfigLdapAttrServer"},"example":[{"baseDn":"dc=example,dc=org","bindDn":"cn=admin,dc=example,dc=org","ldapUrl":"ldap://10.194.132.24:10389","bindCredential":"admin","userFilter":"uid={user}","failFast":false,"connectTimeout":5000,"trustStore":null,"trustStorePassword":null,"trustStoreType":null,"attributes":{"uid":"policy_id"}}]}},"$$ref":"#/definitions/authconfigLdapAttrServers"}},"$$ref":"#/definitions/authconfigLdapServerAttr"},"radius_servers":{"type":"object","properties":{"radius_servers":{"type":"array","items":{"type":"object","required":["host","port","secret","secretFormat","retries","authType","priority"],"properties":{"host":{"type":"string","description":"IP Address or hostname"},"port":{"type":"integer","description":"The port number on which the server is listening."},"secret":{"type":"string","description":"Shared secret"},"secretFormat":{"type":"string","enum":["ascii","hex"],"description":"Shared secret format","$$ref":"#/definitions/secretFormatType"},"timeout":{"type":"integer","description":"Re-transmit timeout"},"retries":{"type":"integer","description":"The number of times to retry a request to the remote server before failing."},"authType":{"type":"string","enum":["pap","chap"],"description":"Authentication type","$$ref":"#/definitions/authTypeEnum"},"priority":{"type":"integer","description":"Priority"},"policyId":{"type":"string","description":"Key name for role ID configured on the RADIUS 
server"}},"$$ref":"#/definitions/authconfigRadiusServer"},"example":[{"host":"1.2.3.4","port":49,"secret":"secret","secretFormat":"secretFormat","timeout":1,"retries":0,"authType":"pap","priority":11,"policyId":"policyx"}]}},"$$ref":"#/definitions/authconfigRadiusServers"}},"$$ref":"#/definitions/authconfigRemoteServers"},"description":"application/json"}],"tags":["authconfig"],"__originalOperationId":"UpdateAllServers","security":[{"bearerAuth":[]}],"method":"put","path":"/remote/servers"}}