Add Authentication and Policy Server Access Configuration - Cisco Catalyst Center API 2.3.7.9

{"type":"api","title":"Add Authentication and Policy Server Access Configuration","meta":{"id":"/apps/pubhub/media/cisco-catalyst-center-api-2-3-7-9/a58b8872fdc3116cb1a0478252ee81e8011d37c2/6a3cd7ca-617e-374c-a10b-740a529a993e","info":{"title":"Intent API","description":"Cisco Catalyst Center Platform v. 2.3.7.9","version":"2.3.7.9"},"tags":[{"name":"Authentication","description":"Access Token Request"},{"name":"Sites","description":"Create sites, assign devices to them and get site health"},{"name":"Topology","description":"Get topology details and overall network health"},{"name":"Devices","description":"Manage network devices"},{"name":"Clients","description":"Get client (by MAC Address) health, status, and information"},{"name":"Users","description":"Obtain information about *Users* and associated connections and devices"},{"name":"Issues","description":"Obtain issue details, impacted hosts, and suggested actions for remediation"},{"name":"Site Design","description":"Design/provision NFV device to site/area/building/floor"},{"name":"Network Settings","description":"Manage Network Settings"},{"name":"Software Image Management (SWIM)","description":"Manage activation and distribution of software images"},{"name":"Device Onboarding (PnP)","description":"Zero-touch deployment of network devices"},{"name":"Configuration Templates","description":"Configure and manage CLI templates"},{"name":"Configuration Archive","description":"Export device configurations to an encrypted zip file"},{"name":"SDA","description":"(BETA) Configure and manage SDA wired fabric border devices"},{"name":"Sensors","description":"Manage sensor test templates"},{"name":"Wireless","description":"Configure and manage SSIDs, Wireless, and RF profiles in non-fabric wireless network"},{"name":"Command Runner","description":"Retrieve real-time device configuration and CLI keywords"},{"name":"Discovery","description":"Discover network devices and manage discovery jobs"},{"name":"Path Trace","description":"Network route and flow analysis"},{"name":"File","description":"Get configuration files by namespace and ID"},{"name":"Task","description":"Get information about asynchronous tasks"},{"name":"Tag","description":"Assign administrator-defined tags to network devices"},{"name":"Application Policy","description":"Create and manage applications, application sets, and application policies"},{"name":"Applications","description":"Intent API to get a list of applications for a specific site, a device, or a client device's MAC address"},{"name":"ITSM","description":"Provide the details of the various third party integrations that are supported"},{"name":"Event Management","description":"Event based notification to external handlers"},{"name":"Security Advisories","description":"Provides the details of advisories on the network and devices"},{"name":"Compliance","description":"Provides compliance status data on the devices"}],"x-parser-conf":{"expand":0,"labelConfig":{"endpoint":"summary"}},"openapi":"3.0.1","servers":[{"url":"/"}]},"spec":{"operationId":"addAuthenticationAndPolicyServerAccessConfiguration","tags":["System Settings"],"deprecated":false,"summary":"Add Authentication and Policy Server Access Configuration","description":"API to add AAA/ISE server access configuration. Protocol can be configured as either RADIUS OR TACACS OR RADIUS_TACACS. If configuring Cisco ISE server, after configuration, use ‘Cisco ISE Server Integration Status’ Intent API to check the integration status. Based on integration status, if require use 'Accept Cisco ISE Server Certificate for Cisco ISE Server Integration' Intent API to accept the Cisco ISE certificate for Cisco ISE server integration, then use again ‘Cisco ISE Server Integration Status’ Intent API to check the integration status.","parameters":[],"requestBody":{"description":"request","content":{"application/json":{"schema":{"type":"object","properties":{"authenticationPort":{"type":"integer","description":"Authentication port of RADIUS server. It is required for RADIUS server. The range is from 1 to 65535. E.g. 1812"},"accountingPort":{"type":"integer","description":"Accounting port of RADIUS server. It is required for RADIUS server. The range is from 1 to 65535. E.g. 1813"},"ciscoIseDtos":{"type":"array","items":{"type":"object","properties":{"description":{"type":"string","description":"Description about the Cisco ISE server"},"fqdn":{"type":"string","description":"Fully-qualified domain name of the Cisco ISE server. E.g. xi-62.my.com"},"password":{"type":"string","description":"Password of the Cisco ISE server"},"sshkey":{"type":"string","description":"SSH key of the Cisco ISE server"},"ipAddress":{"type":"string","description":"IP Address of the Cisco ISE Server"},"subscriberName":{"type":"string","description":"Subscriber name of the Cisco ISE server. E.g. pxgrid_client_1662589467"},"userName":{"type":"string","description":" User name of the Cisco ISE server"}}},"description":"Cisco ISE Server DTOs"},"ipAddress":{"type":"string","description":"IP address of authentication and policy server"},"pxgridEnabled":{"type":"boolean","description":"Value true for enable, false for disable. Default value is true"},"useDnacCertForPxgrid":{"type":"boolean","description":"Value true to use Catalyst Center certificate for Pxgrid. Default value is false"},"isIseEnabled":{"type":"boolean","description":"Value true for Cisco ISE Server. Default value is false"},"port":{"type":"integer","description":"Port of TACACS server. It is required for TACACS server. The range is from 1 to 65535"},"protocol":{"type":"string","enum":["TACACS","RADIUS","RADIUS_TACACS"],"description":"Type of protocol for authentication and policy server. If already saved with RADIUS, can update to RADIUS_TACACS. If already saved with TACACS, can update to RADIUS_TACACS "},"retries":{"type":"string","description":"Number of communication retries between devices and authentication and policy server. The range is from 1 to 3."},"role":{"type":"string","description":"Role of authentication and policy server. E.g. primary, secondary"},"sharedSecret":{"type":"string","description":"Shared secret between devices and authentication and policy server "},"timeoutSeconds":{"type":"string","description":"Number of seconds before timing out between devices and authentication and policy server. The range is from 2 to 20"},"encryptionScheme":{"type":"string","enum":["KEYWRAP","RADSEC"],"description":"Type of encryption scheme for additional security"},"messageKey":{"type":"string","description":"Message key used to encrypt shared secret"},"encryptionKey":{"type":"string","description":"Encryption key used to encrypt shared secret"},"externalCiscoIseIpAddrDtos":{"type":"array","items":{"type":"object","properties":{"externalCiscoIseIpAddresses":{"type":"array","items":{"type":"object","properties":{"externalIpAddress":{"type":"string","description":""}}},"description":""},"type":{"type":"string","description":""}}},"description":" For future use"}},"description":"","$$ref":"#/components/schemas/AddAuthenticationAndPolicyServerAccessConfigurationRequest"}}},"required":true},"responses":{"200":{"description":"","content":{"application/json":{"schema":{"type":"object","properties":{"response":{"type":"object","properties":{"taskId":{"type":"string","description":""},"url":{"type":"string","description":""}},"description":""},"version":{"type":"string","description":""}},"description":"","$$ref":"#/components/schemas/AddAuthenticationAndPolicyServerAccessConfigurationResponse"}}}},"202":{"description":"The request was successful. The result is contained in the response body.","content":{}},"404":{"description":"The client made a request for a resource that does not exist.","content":{}},"500":{"description":"The server could not fulfill the request.","content":{}}},"x-rapi-id":"5282-78a3-4fbb-a82c","x-rapi-overview":"API to add AAA/ISE server access configuration. Protocol can be configured as either RADIUS OR TACACS OR RADIUS_TACACS. If configuring Cisco ISE server, after configuration, use ‘Cisco ISE Server Integration Status’ Intent API to check the integration status. Based on integration status, if require use 'Accept Cisco ISE Server Certificate for Cisco ISE Server Integration' Intent API to accept the Cisco ISE certificate for Cisco ISE server integration, then use again ‘Cisco ISE Server Integration Status’ Intent API to check the integration status.","x-rapi-domain":"System Settings","x-rapi-subdomain":"","x-rapi-version":"1.0.0","x-rapi-internalPath":"/api/v1/aaa","x-rapi-publicPath":"/dna/intent/api/v1/authentication-policy-servers","x-rapi-registerInKONG":true,"x-rapi-banner":["Intent"],"__originalOperationId":"addAuthenticationAndPolicyServerAccessConfiguration","method":"post","path":"/dna/intent/api/v1/authentication-policy-servers"}}