#%RAML 1.0 title: Operations Manager REST mediaType: application/json annotationTypes: deprecated: properties: replaceWith: type: string description: | Describe the alternative resource/method that can be used as a substitute. required: true since: type: string pattern: (0[1-9]|10|11|12)/20[0-9]{2} required: true description: Describe when the resource/method became deprecated in the format (mm/YYYY) allowedTargets: [Resource, Method] displayName: Deprecated description: | A deprecated resource or method is *not* recommended for new work. The resource or method will be removed in a future version of the API. Deprecation does NOT mean it is not supported anymore in the current version. deprecatedProperty: properties: replaceWith: type: object description: | Describe the alternative property in an object that can be used as a substitute. required: false since: type: string pattern: (0[1-9]|10|11|12)/20[0-9]{2} required: true description: Describe when the property became deprecated in the format (mm/YYYY) allowedTargets: [TypeDeclaration] displayName: Deprecated Property description: | A deprecated property is *not* recommended for new work. Deprecated properties will take precedence over their new counterparts by overlaying those changes to maintain backwards compatibility if the deprecated property has been replaced with a new alias. For example if new_key is an alias for a deprecated property old_key, if both old_key and new_key are given in the same operation, new_key will be applied first, and then the old_key will be applied last, overwriting the new_key value. If a PATCH operation has been emulated, it is recommended to first remove the deprecated properties before re-using that data in a PUT. The property will be removed in a future version of the API. Deprecation does NOT mean it is not supported anymore in the current version. version: v2 documentation: - title: Operations Manager REST API content: This API allows control and inspection of an Opengear Operations Manager appliance. baseUri: https://{appliancehost}/api/v2 protocols: [ HTTPS ] securitySchemes: token: description: Operations Manager base authentication scheme type: Basic Authentication describedBy: headers: Authorization: description: authorization session token type: string displayName: Authorization example: Token 521a00e57d4a461b3e4bb0c55166f97c types: error: type: object properties: error: type: array description: A list of errors items: type: object properties: type: type: integer code: type: integer level: type: integer text: type: string args: type: object bruteForceProtection: type: object properties: brute_force_protection: type: object properties: ssh_enabled: description: enable or disable watching failed SSH login attempts type: boolean https_enabled: description: enable or disable watching failed HTTPS login attempts type: boolean max_retry: description: number of failures that have to occur in the last `find_time` minutes to ban then IP type: integer format: int32 minimum: 3 ban_time: description: effective ban duration (in seconds) type: integer format: int32 minimum: 60 find_time: description: time interval (in minutes) before the current time where failures will count towards a ban type: integer format: int32 minimum: 1 bruteForceProtectionBans: type: object properties: "brute_force_protection_bans": type: array items: type: object properties: jail: description: Name of the jail responsible for banning the IP type: string address: description: IP address banned by Brute Force Protection type: string time_of_ban: description: Timestamp of when the IP address was banned type: integer ban_time: description: Length of ban in seconds type: integer staticRoutesStatus: type: object properties: "static_routes_status": type: array items: type: object properties: route: description: The id of the route this status is for type: string status: description: A value indicating the status of the static route. type: string enum: [ "waiting", "installed", "error", "not_installed", "physif_disabled", "physif_disconnected", "no_connections", ] error: description: If the status is 'error', this is the output from the 'ip route' command. type: string credentials: type: object properties: username: type: string password: type: string new_password: type: string required: false confirm_password: type: string required: false errorString: type: object properties: error: type: string getSessionResponse: type: object properties: state: type: string session: type: string user: type: string required: false last_challenge: type: string required: false # these fields are common to GET/PUT/POST userObj: type: object properties: description: type: string description: A descriptive string for the user. required: false enabled: type: boolean description: Only enabled users are able to login. required: false default: true hashed_password: type: string description: | A hashed password, compatible with the crypt GNU C Library function, to set for the user. [visible:never] required: false no_password: type: boolean description: | Set this to false for local users. One of password or hashed_password is required. Set this to true for remote-only (AAA) users. Both password and hashed_password must be unset. [visible:password:=:] required: false default: false ssh_password_enabled: type: boolean description: | Allow ssh login using a password. If this is false and an authorized key has been set, the user can still login to ssh. required: false default: true groups: type: array description: A list of groups for which this user is a member. items: type: string description: | A group for which this user is a member. [reference:group:groupname] required: false # PUT for a user also accepts an optional plain-text password putUserObj: type: userObj properties: password: type: string required: false description: | The plaintext password to set for the user. [sensitive,visible:no_password:!=:true,required:no_password:=:true:stored] # POST for a user (and PUT /users) requires the username and password postUserObj: type: userObj properties: username: type: string description: The POSIX name for the user. password: type: string required: false description: | The plaintext password to set for the user. [sensitive,required:always,visible:no_password:!=:true] # GET for a user returns the username, but not the plain-text password getUserObj: type: userObj properties: username: type: string description: The POSIX name for the user. id: type: string description: A unique identifier for this user. rights: type: object properties: delete: type: boolean modify: type: boolean groupNames: type: array description: A duplicate list of group names for the user. items: type: string # PUT /users is like POST for a bunch of users putUserList: type: object properties: "users": type: array description: The users to add items: type: postUserObj putUserType: type: object properties: "user": type: putUserObj postUserType: type: object properties: "user": type: postUserObj getUserType: type: object properties: "user": type: getUserObj getUserList: type: object properties: "users": type: array items: type: getUserObj meta: metaResponse userSSHAuthorizedKey: type: object properties: id: type: string description: ID of SSH key key: type: string description: The SSH key key_fingerprint: type: string description: The fingerprint of the SSH key userSSHAuthorizedKeys: type: object properties: authorized_keys: type: array items: type: userSSHAuthorizedKey allUsersSSHAuthorizedKey: type: userSSHAuthorizedKey properties: username: type: string description: The user associated with the SSH key allUsersSSHAuthorizedKeys: type: object properties: system_authorized_keys: type: array items: type: allUsersSSHAuthorizedKey allUsersSSHAuthorizedKeyPost: type: object properties: system_authorized_key: type: object properties: key: type: string description: The SSH key username: type: string description: The user associated with the SSH key allUsersSSHAuthorizedKeyGet: type: object properties: system_authorized_key: type: allUsersSSHAuthorizedKey userSSHAuthorizedKeyGet: type: object properties: authorized_key: type: userSSHAuthorizedKey userSSHAuthorizedKeyPost: type: object properties: authorized_key: type: object properties: key: type: string getLLDPResponse: type: object properties: "lldp": type: object properties: "enabled": type: boolean "description": type: string "platform": type: string "physifs": type: array items: type: string putLLDP: type: object properties: "lldp" : type: object properties: "enabled": type: boolean "description": type: string required: false "platform": type: string required: false "physifs": type: array items: type: string lldpChassis: type: object properties: lldpstat: type: object properties: name: type: string mac: type: string Bridge: type: boolean Router: type: boolean Station: type: boolean Wlan: type: boolean descr: type: string mgmt_ip: type: array items: type: string lldpNeighbor: type: object properties: lldp-status-neighbor: type: array items: type: object properties: name: type: string remote_name: type: string remote_mac: type: string mgmt_ip: type: array items: type: string port_name: type: string port: type: string id: type: integer getSyslogServerResponse: type: object properties: "syslogServer": type: object properties: "id": type: string "multi_field_identifier": type: string description: A string which can be used to uniquely identify this syslog server "port": type: integer "protocol": type: string "address": type: string "description": type: string "port_logging_enabled": type: boolean "min_severity": type: string enum: [ "info", "alert", "critical", "debug", "emergency", "error", "info", "notice", "warning" ] getSyslogServerResponseSingle: type: object properties: "id": type: string "multi_field_identifier": type: string description: A string which can be used to uniquely identify this syslog server "port": type: integer "protocol": type: string "address": type: string "description": type: string "port_logging_enabled": type: boolean "min_severity": type: string enum: [ "info", "alert", "critical", "debug", "emergency", "error", "info", "notice", "warning" ] getSyslogServerListResponse: type: object properties: "syslogServers": type: array items: type: getSyslogServerResponseSingle putSyslogServer: type: object properties: "syslogServer" : type: object properties: "port": type: integer required: false "protocol": type: string required: false "address": type: string "description": type: string required: false "port_logging_enabled": type: boolean required: false "min_severity": type: string required: false enum: [ "info", "alert", "critical", "debug", "emergency", "error", "info", "notice", "warning" ] getLogLinesResponse: type: object properties: "id": string "no_of_log_lines": integer "log_lines": type: array items: type: string getSyslogLinesResponse: type: object properties: "syslog": type: getLogLinesResponse getPortLogLinesResponse: type: object properties: "portlog": type: getLogLinesResponse user: type: object properties: "id": string "username": string "description": string "enabled": boolean "groups": type: array items: type: string putGroupObj: type: object properties: "groupname": type: string description: The POSIX name for the group (maximum of 60 characters). "enabled": type: boolean required: false default: true description: | If the group is currently enabled. If a group is disabled, any permissions attached to it will not be bestowed upon users in that group. "mode": type: string description: | Set to global to allow access to all ports. Set to scoped to limit access to specific ports. enum: [ "global", "scoped" ] "role": type: string description: | Set to Administrator to allow access to the entire web UI. Set to ConsoleUser to limit access to serial port pages only. enum: [ "Administrator", "ConsoleUser" ] "description": type: string required: false description: A description of the group's purpose. "ports": type: array required: false description: | The ports that users in this group can access. [**scoped mode only**] items: type: string description: | A single port that users in this group can access. [reference:port:device] getGroupObj: type: putGroupObj properties: "id": description: "A unique identifier for this group" type: string "members": type: array description: "A list of users assigned to this group" items: type: string "rights": type: object properties: "delete": type: boolean "modify": type: boolean putGroupType: type: object properties: group: type: putGroupObj getGroupType: type: object properties: group: type: getGroupObj getGroupList: type: object properties: "groups": type: array items: type: getGroupObj meta: metaResponse # We only document the way LH uses this endpoint. # However, this endpoint silently accepts alternative fields that match # getGroupList for config export/import purposes. putGroupList: type: object properties: "groups": type: array description: The groups to add items: type: object properties: "name": "type": string description: The POSIX name for the group (maximum of 60 characters). "description": "type": string description: A description of the group's purpose. "roles": "type": array description: | Set to ["admin"] to allow access to the entire web UI. Set to ["all_ports_user", "pmshell_user"] to limit access to serial port pages only. Set to ["basic_webui_user", "pmshell_user"] to limit access to serial port pages only. "items": "type": string enum: [ "admin", "pmshell_user", "all_ports_user", "basic_webui_user", ] "ports": "type": array "required": false "description": | The boolean at each index indicates if the port for that index is accessible. The ports field is required if roles[0] is set to 'basic_webui_user'. "items": "type": boolean responseToSessionChallenge: type: object properties: session: type: string state: type: object challenge: description: Next challenge (if any) type: string deleteSessionResponse: type: object properties: session: type: string success: type: string state: type: string user: type: string extendSessionResponse: type: object properties: session: type: string success: type: boolean state: type: object seconds_remaining: type: integer format: int32 putPortIpAliasListSingle: type: object description: An IP address for dedicated access to a specific serial or USB console port. properties: "ipaddress": type: string description: The IP address to use for the port alias. Supports both IPv4 and IPv6. "interface": type: string description: | The network interface to add the IP alias to. [reference:physif:device] putPortIpAliasList: type: array items: type: putPortIpAliasListSingle getPortIpAliasListSingle: type: putPortIpAliasListSingle properties: "id": string "port": string getPortIpAliasList: type: array items: type: getPortIpAliasListSingle putPortObj: type: object properties: parity: type: string description: The format of the parity byte. enum: [ "none", "odd", "even", "mark", "space" ] label: type: string description: The label for the serial port. stopbits: type: string description: The number of stop bits between characters. enum: [ "1", "1.5", "2" ] pinout: type: string description: | The physical pinout of the port connector. [enum:available_pinouts] enum: [ "X1", "X2", "USB" ] ip_alias: type: putPortIpAliasList description: | An IP address for dedicated access to a specific serial or USB console port. [**consoleServer mode only**] required: false baudrate: type: string description: The communication rate of the port. enum: [ "50", "75", "110", "134", "150", "200", "300", "600", "1200", "1800", "2400", "4800", "9600", "19200", "38400", "57600", "115200", "230400" ] mode: type: string description: The mode that the port is in. enum: [ "disabled", "consoleServer", "localConsole" ] logging_level: type: string description: Indicates the logging level for the port. enum: [ "disabled", "eventsOnly", "eventsAndReceivedCharacters", "eventsAndAllCharacters" ] databits: type: string description: The number of data bits in a character. enum: [ "5", "6", "7", "8" ] escape_char: type: string description: | The escape character for pmshell. [**consoleServer mode only**] control_code: type: object properties: break: type: string maxLength: 1 pattern: ^[a-h,j-l,n-z]*$ required: false portlog: type: string maxLength: 1 pattern: ^[a-h,j-l,n-z]*$ required: false power: type: string maxLength: 1 pattern: ^[a-h,j-l,n-z]*$ required: false chooser: type: string maxLength: 1 pattern: ^[a-h,j-l,n-z]*$ required: false quit: type: string maxLength: 1 pattern: ^[a-h,j-l,n-z]*$ required: false pmhelp: type: string maxLength: 1 pattern: ^[a-h,j-l,n-z]*$ required: false description: | The control character for pmshell. Example: setting control_code.pmhelp="h" will open the help menu when CTRL + h is pressed. [**consoleServer mode only**] required: false terminal_emulation: type: string description: | The terminal emulation type. [**localConsole mode only**] enum: [ "vt100", "vt102", "vt220", "linux", "ansi" ] kernel_debug: type: boolean description: | Emits kernel debug messages from the chosen port. Only one instance of this is allowed per device. [**localConsole mode only**] getPortObj: type: putPortObj properties: id: type: string description: The ID of the serial port. This ID can be used to fetch individual ports using the /ports/ endpoint. status: type: string description: The status of the RJ45 and USB serial ports. If the serial port type is RJ45, then this will always return 'ok'. enum: [ "ok", "disconnected" ] available_pinouts: type: array items: type: string description: > Valid values for the "pinout" property of this port. Pinout settings are not applicable for USB ports and must always be set to "USB". In addition, some units do not support pinout switching on all ports and in those cases the pinout must always be set to "X2". sessions: type: array items: type: portSessionObj device: type: string name: type: string putPortType: type: object properties: port: type: putPortObj putPortList: type: object properties: ports: type: array items: type: putPortObj getPortType: type: object properties: port: type: getPortObj getPortList: type: object properties: ports: type: array items: type: getPortObj meta: metaResponse portSessionObj: type: object properties: username: string client_pid: integer getPortSessionType: type: object properties: port_session: type: portSessionObj getPortSessionList: type: object properties: port_sessions: type: array items: type: portSessionObj deleteMultiplePortSessionsResponse: type: object properties: disconnected_session_count: integer managementportObj: type: object properties: "enabled": type: boolean description: If the management console is currently enabled "kerneldebug": type: boolean description: If kernel debug messages are currently enabled "termemulation": type: string description: Terminal emulation for management console enum: [ "vt100", "vt102", "vt220", "linux", "ansi" ] "baud": type: string description: The serial port speed enum: [ "50", "75", "110", "134", "150", "200", "300", "600", "1200", "1800", "2400", "4800", "9600", "19200", "38400", "57600", "115200", "230400" ] "databits": type: string description: The number of data bits to use enum: [ "5", "6", "7", "8" ] "parity": type: string description: The serial port's parity. enum: [ "none", "odd", "even", "mark", "space" ] "stopbits": type: string description: The number of stop bits to use enum: [ "1", "1.5", "2" ] managementportResponseObj: type: managementportObj properties: "id": type: string description: A unique identifier for this management port. "device": type: string description: The tty device that this management port uses. putMgmtPortById: type: object properties: "managementport": type: managementportObj putMgmtPortList: type: object properties: "managementports": type: array items: type: managementportObj getMgmtPortByIdResponse: type: object properties: "managementport": type: managementportResponseObj getMgmtPortByIdResponseList: type: object properties: "managementports": type: array items: type: managementportResponseObj meta: metaResponse putPortPowerAction: type: object properties: "cmd": type: object properties: "action": type: string enum: [ # valid values are defined by ogpowergroup and validated in Port.lua "on", "off", "cycle", "status" ] putPortPowerActionResponse: type: object properties: "cmd": type: string getSearchResponse: type: object properties: "search": type: object properties: "id": type: string searchFieldsResponse: type: object properties: "fields": type: array items: type: string getPhysifList : description: "A list of network interfaces" type: object properties: "physifs": type: array items: type: physifItemSingle ethernetSetting: type: object properties: "link_speed": type: string ethernetSettingGet: type: ethernetSetting properties: "id": type: string sim: type: object properties: "slot": type: number minimum: 1 maximum: 2 required: false "apn": type: string required: false "username": type: string required: false "password": type: string description: "[sensitive]" required: false "iptype": type: string required: false "failback_delay": type: number required: false description: "Delay before failback (in minutes)" minimum: 5 "fail_probe_address": type: string required: false description: "Network address to ping for connectivity testing" "fail_probe_interval": type: number required: false description: "Test interval (in seconds)" "fail_probe_count": type: number required: false description: "Maximum ping count per test, stopping on the first success" "fail_probe_threshold": type: number required: false description: "Number of consecutive test failures before failover/failback" simGet: type: sim properties: "id": type: string "runtime_status": type: object required: false properties: "id": type: string "iccid": type: string required: false "status": type: string required: false cellularSetting: type: object properties: "apn": type: string required: false (deprecatedProperty): replaceWith: {"cellular_setting": { "sims": [{"apn": "apn"}]}} since: 10/2020 "username": type: string required: false (deprecatedProperty): replaceWith: {"cellular_setting": { "sims": [{"username": "username"}]}} since: 10/2020 "password": type: string required: false description: "[sensitive]" (deprecatedProperty): replaceWith: {"cellular_setting": { "sims": [{"password": "password"}]}} since: 10/2020 "iptype": type: string required: false (deprecatedProperty): replaceWith: {"cellular_setting": { "sims": [{"iptype": "IPv4v6"}]}} since: 10/2020 "active_sim": type: number minimum: 1 maximum: 2 required: false "sim_failover_policy": type: string enum: [ "never", "on_disconnect", ] required: false "sim_failover_disconnect_mode": type: string enum: [ "ping", ] required: false "sim_failback_policy": type: string enum: [ "never", "delayed", "on_disconnect", ] required: false "sim_failback_disconnect_mode": type: string enum: [ "ping", ] required: false cellularSettingPut: type: cellularSetting properties: "sims": type: array items: type: sim cellularSettingGet: type: cellularSetting properties: "id": type: string "sims": type: array items: type: simGet bondSetting: type: object properties: "mode": type: string enum: [ "balance-rr", "active-backup", "balance-xor", "broadcast", "802.3ad", "balance-tlb", "balance-alb" ] "poll_interval": type: integer required: false description: > Specifies the MII link monitoring frequency in milliseconds. This determines how often the link state of each slave is inspected for link failures. A value of zero disables MII link monitoring. "primary_slave": type: (string | nil) required: false description: > Reference to the primary interface which will be added to the bond first. This interface will be the preferred interface for applicable bond modes such as active_backup. Only nil if the bond has no slave interfaces. bridgeSetting: type: object properties: "stp_enabled": type: boolean required: false description: > Enable Spanning Tree Protocol (STP) on the bridge. STP communicates with other switches on the network to prevent bridge loops and allows for backup links to be used. "primary_slave": type: (string | nil) required: false description: > This is a reference to the interface from which the bridge will inherit its MAC address. vlanSetting: type: object properties: "parent_physif": type: string required: false description: > Primary physical interface used for vlan configuration "vlan_id": type: integer required: false description: > The VLAN identifier (VID) for this interface. putPhysif: type: object description: "A single physical interface" properties: "physif": type: object properties: "enabled": type: "boolean" "mtu": type: number required: false "description": type: string required: false "ethernet_setting": type: ethernetSetting required: false "cellular_setting": type: cellularSettingPut required: false "slaves": type: array required: false description: > A list of slave interface references. items: type: string "dns": type: object required: false properties: "nameservers": type: array items: type: string required: false "search_domains": type: array items: type: string required: false "bond_setting": type: bondSetting required: false "bridge_setting": type: bridgeSetting required: false "vlan_setting": type: vlanSetting required: false physif: type: object properties: "enabled": type: boolean "mtu": type: number required: false "description": type: string required: false "media": type: string enum: [ "ethernet", "cellular", "bridge", "bond", "vlan", ] "slaves": description: > A list of physifs to become the aggregate slaves. Network connections and other settings from the first slave will be assigned to the aggregate. Network connections and other settings from other slaves will be removed. The first slave is set as the primary interface for a bond. type: array required: false items: type: string "dns": type: object required: false properties: "nameservers": type: array items: type: string required: false "search_domains": type: array items: type: string required: false "ethernet_setting": type: ethernetSetting required: false "cellular_setting": type: cellularSettingPut required: false "bond_setting": type: bondSetting required: false "bridge_setting": type: bridgeSetting required: false "vlan_setting": type: vlanSetting required: false "device": type: string required: false putPhysifList: type: object description: "A list of network interfaces" properties: "physifs": type: array items: type: physif postPhysif: type: object description: "A single network interface" properties: "physif": type: physif physifItemSingle: type: object description: "A network physical interface" properties: "enabled": type: "boolean" "name": type: string "mtu": type: number required: false "device": type: string "mac_address": type: string required: false description: "For Ethernet interfaces (including virtual Ethernet-based interfaces), the MAC address is returned in this property. For non-Ethernet interfaces, this property will be absent." "description": type: string "media": type: string "id": type: string "master": type: string description: "The UUID of the aggregate physif if this interface belongs to one" required: false "ethernet_setting": type: ethernetSettingGet required: false "cellular_setting": type: cellularSettingGet required: false "bond_setting": type: bondSetting required: false "bridge_setting": type: bridgeSetting required: false "vlan_setting": type: object required: false properties: "parent_physif": type: string description: > Reference to the primary interface which will be used for this VLAN interface "vlan_id": type: integer description: > The VLAN tag ID associated with this VLAN interface "slaves": type: array required: false description: > A list of slave interface references. items: type: string "dns": type: object properties: "nameservers": type: array items: type: string "search_domains": type: array items: type: string "runtime_status": type: object properties: "status": type: string "carrier": type: string required: false "id": type: string physifItem: type: object description: "A network physical interface" properties: "physif": type: physifItemSingle conn_return_status_ipv4_address: description: "A type used to represent IPv4 Address type of a conn" type: object "properties": "id": type: string "address": "type": string required: false "netmask": type: string required: false conn_return_status_ipv6_address: description: "A type used to represent IPv4 Address type of a conn" type: object "properties": "id": type: string "address": "type": string required: false "prefix_length": type: number required: false getConnList : description: "A list of network Conns" type: object properties: conns: type: array items: properties: "id": type: string required: false description: type: string "physif": type: string name: type: string "mode": type: string "runtime_status": type: object properties: "status": type: string "last_status_change": type: number "id": type: string "addresses": type: (conn_return_status_ipv4_address | conn_return_status_ipv6_address)[] "gateway": type: string "dns1": type: string (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 "dns2": type: string (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 required: false "ipv4_static_settings": type: object properties: "id": type: string "netmask": type: string "address": type: string "broadcast": type: string required: false "gateway": type: string required: false "dns1": type: string required: false (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 "dns2": type: string required: false (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 required: false "ipv6_static_settings": type: object properties: "id": type: string "prefix_length": type: string "address": type: string "gateway": type: string required: false "dns1": type: string required: false (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 "dns2": type: string required: false (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 required: false connItem: type: object description: "A network Conn" properties: "conn": type: object properties: "name": type: string required: false "ipv4_static_settings": type: object properties: "id": type: string required: false "netmask": type: string "address": type: string "broadcast": type: string required: false "gateway": type: string required: false "dns1": type: string required: false (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 "dns2": type: string required: false (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 required: false "ipv6_static_settings": type: object properties: "id": type: string "prefix_length": type: number "address": type: string "gateway": type: string required: false "dns1": type: string required: false (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 "dns2": type: string required: false (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 required: false "id": type: string required: false "mode": type: string description: type: string required: false "physif": type: string "runtime_status": type: object properties: "status": type: string "addresses": type: (conn_return_status_ipv4_address | conn_return_status_ipv6_address)[] "last_status_change": type: number "id": type: string required: false putConnItem: type: object description: "A list of network Conns" properties: conn: type: object properties: "mode": type: string "physif": type: string "ipv4_static_settings": type: object properties: "netmask": type: string "address": type: string "broadcast": type: string required: false "gateway": type: string required: false "dns1": type: string required: false (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 "dns2": type: string required: false (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 required: false "ipv6_static_settings": type: object properties: "prefix_length": type: string "address": type: string "gateway": type: string required: false "dns1": type: string required: false (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 "dns2": type: string required: false (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 required: false getSupportReport: type: object description: "A concise system report" properties: "support_report": type: object properties: "contents": type: string description: "A new line delimited dump of the current state of the system." "zip_file": type: string description: "url to a zip file which contains the system report." systemSSHPort: type: object properties: system_ssh_port: type: object properties: port: type: number description: | Set this option if you have configured SSH to be reachable on a non-standard port. Direct SSH links on the serial ports page will use this port number. systemHostname: type: object properties: system_hostname: type: object properties: hostname: string systemDiskSpace: description: "A list of disk space entries" type: object properties: system_disk_space: type: array items: properties: path: type: string total_space: type: integer description: "total space for the path in bytes" free_space: type: integer description: "available space for the path in bytes" systemBanner: type: object properties: system_banner: type: object properties: banner: type: string description: | This message will be displayed as the banner when users login via SSH, console and the web UI. [multi-line-string] systemCloudConnect: type: object properties: system_cloud_connect: type: object properties: cloud_connect_url: type: string description: The URL to use for cloud connect. cloud_callhome_enabled: type: boolean description: Set this to true to enable cloud connect. systemTimezone: type: object properties: system_timezone: type: object properties: timezone: type: string description: A TZ-compatible string for the timezone. enum: [ "Africa/Abidjan", "Africa/Accra", "Africa/Addis_Ababa", "Africa/Algiers", "Africa/Asmara", "Africa/Bamako", "Africa/Bangui", "Africa/Banjul", "Africa/Bissau", "Africa/Blantyre", "Africa/Brazzaville", "Africa/Bujumbura", "Africa/Cairo", "Africa/Casablanca", "Africa/Ceuta", "Africa/Conakry", "Africa/Dakar", "Africa/Dar_es_Salaam", "Africa/Djibouti", "Africa/Douala", "Africa/El_Aaiun", "Africa/Freetown", "Africa/Gaborone", "Africa/Harare", "Africa/Johannesburg", "Africa/Juba", "Africa/Kampala", "Africa/Khartoum", "Africa/Kigali", "Africa/Kinshasa", "Africa/Lagos", "Africa/Libreville", "Africa/Lome", "Africa/Luanda", "Africa/Lubumbashi", "Africa/Lusaka", "Africa/Malabo", "Africa/Maputo", "Africa/Maseru", "Africa/Mbabane", "Africa/Mogadishu", "Africa/Monrovia", "Africa/Nairobi", "Africa/Ndjamena", "Africa/Niamey", "Africa/Nouakchott", "Africa/Ouagadougou", "Africa/Porto-Novo", "Africa/Sao_Tome", "Africa/Tripoli", "Africa/Tunis", "Africa/Windhoek", "America/Adak", "America/Anchorage", "America/Anguilla", "America/Antigua", "America/Araguaina", "America/Argentina/Buenos_Aires", "America/Argentina/Catamarca", "America/Argentina/Cordoba", "America/Argentina/Jujuy", "America/Argentina/La_Rioja", "America/Argentina/Mendoza", "America/Argentina/Rio_Gallegos", "America/Argentina/Salta", "America/Argentina/San_Juan", "America/Argentina/San_Luis", "America/Argentina/Tucuman", "America/Argentina/Ushuaia", "America/Aruba", "America/Asuncion", "America/Atikokan", "America/Bahia", "America/Bahia_Banderas", "America/Barbados", "America/Belem", "America/Belize", "America/Blanc-Sablon", "America/Boa_Vista", "America/Bogota", "America/Boise", "America/Cambridge_Bay", "America/Campo_Grande", "America/Cancun", "America/Caracas", "America/Cayenne", "America/Cayman", "America/Chicago", "America/Chihuahua", "America/Costa_Rica", "America/Creston", "America/Cuiaba", "America/Curacao", "America/Danmarkshavn", "America/Dawson", "America/Dawson_Creek", "America/Denver", "America/Detroit", "America/Dominica", "America/Edmonton", "America/Eirunepe", "America/El_Salvador", "America/Fortaleza", "America/Glace_Bay", "America/Godthab", "America/Goose_Bay", "America/Grand_Turk", "America/Grenada", "America/Guadeloupe", "America/Guatemala", "America/Guayaquil", "America/Guyana", "America/Halifax", "America/Havana", "America/Hermosillo", "America/Indiana/Indianapolis", "America/Indiana/Knox", "America/Indiana/Marengo", "America/Indiana/Petersburg", "America/Indiana/Tell_City", "America/Indiana/Vevay", "America/Indiana/Vincennes", "America/Indiana/Winamac", "America/Inuvik", "America/Iqaluit", "America/Jamaica", "America/Juneau", "America/Kentucky/Louisville", "America/Kentucky/Monticello", "America/Kralendijk", "America/La_Paz", "America/Lima", "America/Los_Angeles", "America/Lower_Princes", "America/Maceio", "America/Managua", "America/Manaus", "America/Marigot", "America/Martinique", "America/Matamoros", "America/Mazatlan", "America/Menominee", "America/Merida", "America/Metlakatla", "America/Mexico_City", "America/Miquelon", "America/Moncton", "America/Monterrey", "America/Montevideo", "America/Montserrat", "America/Nassau", "America/New_York", "America/Nipigon", "America/Nome", "America/Noronha", "America/North_Dakota/Beulah", "America/North_Dakota/Center", "America/North_Dakota/New_Salem", "America/Ojinaga", "America/Panama", "America/Pangnirtung", "America/Paramaribo", "America/Phoenix", "America/Port-au-Prince", "America/Port_of_Spain", "America/Porto_Velho", "America/Puerto_Rico", "America/Rainy_River", "America/Rankin_Inlet", "America/Recife", "America/Regina", "America/Resolute", "America/Rio_Branco", "America/Santa_Isabel", "America/Santarem", "America/Santiago", "America/Santo_Domingo", "America/Sao_Paulo", "America/Scoresbysund", "America/Sitka", "America/St_Barthelemy", "America/St_Johns", "America/St_Kitts", "America/St_Lucia", "America/St_Thomas", "America/St_Vincent", "America/Swift_Current", "America/Tegucigalpa", "America/Thule", "America/Thunder_Bay", "America/Tijuana", "America/Toronto", "America/Tortola", "America/Vancouver", "America/Whitehorse", "America/Winnipeg", "America/Yakutat", "America/Yellowknife", "Antarctica/Casey", "Antarctica/Davis", "Antarctica/DumontDUrville", "Antarctica/Macquarie", "Antarctica/Mawson", "Antarctica/McMurdo", "Antarctica/Palmer", "Antarctica/Rothera", "Antarctica/Syowa", "Antarctica/Troll", "Antarctica/Vostok", "Arctic/Longyearbyen", "Asia/Aden", "Asia/Almaty", "Asia/Amman", "Asia/Anadyr", "Asia/Aqtau", "Asia/Aqtobe", "Asia/Ashgabat", "Asia/Baghdad", "Asia/Bahrain", "Asia/Baku", "Asia/Bangkok", "Asia/Beirut", "Asia/Bishkek", "Asia/Brunei", "Asia/Chita", "Asia/Choibalsan", "Asia/Colombo", "Asia/Damascus", "Asia/Dhaka", "Asia/Dili", "Asia/Dubai", "Asia/Dushanbe", "Asia/Gaza", "Asia/Hebron", "Asia/Ho_Chi_Minh", "Asia/Hong_Kong", "Asia/Hovd", "Asia/Irkutsk", "Asia/Jakarta", "Asia/Jayapura", "Asia/Jerusalem", "Asia/Kabul", "Asia/Kamchatka", "Asia/Karachi", "Asia/Kathmandu", "Asia/Khandyga", "Asia/Kolkata", "Asia/Krasnoyarsk", "Asia/Kuala_Lumpur", "Asia/Kuching", "Asia/Kuwait", "Asia/Macau", "Asia/Magadan", "Asia/Makassar", "Asia/Manila", "Asia/Muscat", "Asia/Nicosia", "Asia/Novokuznetsk", "Asia/Novosibirsk", "Asia/Omsk", "Asia/Oral", "Asia/Phnom_Penh", "Asia/Pontianak", "Asia/Pyongyang", "Asia/Qatar", "Asia/Qyzylorda", "Asia/Rangoon", "Asia/Riyadh", "Asia/Sakhalin", "Asia/Samarkand", "Asia/Seoul", "Asia/Shanghai", "Asia/Singapore", "Asia/Srednekolymsk", "Asia/Taipei", "Asia/Tashkent", "Asia/Tbilisi", "Asia/Tehran", "Asia/Thimphu", "Asia/Tokyo", "Asia/Ulaanbaatar", "Asia/Urumqi", "Asia/Ust-Nera", "Asia/Vientiane", "Asia/Vladivostok", "Asia/Yakutsk", "Asia/Yekaterinburg", "Asia/Yerevan", "Atlantic/Azores", "Atlantic/Bermuda", "Atlantic/Canary", "Atlantic/Cape_Verde", "Atlantic/Faroe", "Atlantic/Madeira", "Atlantic/Reykjavik", "Atlantic/South_Georgia", "Atlantic/Stanley", "Atlantic/St_Helena", "Australia/Adelaide", "Australia/Brisbane", "Australia/Broken_Hill", "Australia/Currie", "Australia/Darwin", "Australia/Eucla", "Australia/Hobart", "Australia/Lindeman", "Australia/Lord_Howe", "Australia/Melbourne", "Australia/Perth", "Australia/Sydney", "CET", "CST6CDT", "EET", "EST", "EST5EDT", "Europe/Amsterdam", "Europe/Andorra", "Europe/Athens", "Europe/Belgrade", "Europe/Berlin", "Europe/Bratislava", "Europe/Brussels", "Europe/Bucharest", "Europe/Budapest", "Europe/Busingen", "Europe/Chisinau", "Europe/Copenhagen", "Europe/Dublin", "Europe/Gibraltar", "Europe/Guernsey", "Europe/Helsinki", "Europe/Isle_of_Man", "Europe/Istanbul", "Europe/Jersey", "Europe/Kaliningrad", "Europe/Kiev", "Europe/Lisbon", "Europe/Ljubljana", "Europe/London", "Europe/Luxembourg", "Europe/Madrid", "Europe/Malta", "Europe/Mariehamn", "Europe/Minsk", "Europe/Monaco", "Europe/Moscow", "Europe/Oslo", "Europe/Paris", "Europe/Podgorica", "Europe/Prague", "Europe/Riga", "Europe/Rome", "Europe/Samara", "Europe/San_Marino", "Europe/Sarajevo", "Europe/Simferopol", "Europe/Skopje", "Europe/Sofia", "Europe/Stockholm", "Europe/Tallinn", "Europe/Tirane", "Europe/Uzhgorod", "Europe/Vaduz", "Europe/Vatican", "Europe/Vienna", "Europe/Vilnius", "Europe/Volgograd", "Europe/Warsaw", "Europe/Zagreb", "Europe/Zaporozhye", "Europe/Zurich", "GB", "GMT", "GMT+0", "GMT0", "Greenwich", "HST", "Indian/Antananarivo", "Indian/Chagos", "Indian/Christmas", "Indian/Cocos", "Indian/Comoro", "Indian/Kerguelen", "Indian/Mahe", "Indian/Maldives", "Indian/Mauritius", "Indian/Mayotte", "Indian/Reunion", "MET", "MST", "MST7MDT", "NZ", "NZ-CHAT", "Pacific/Apia", "Pacific/Auckland", "Pacific/Bougainville", "Pacific/Chatham", "Pacific/Chuuk", "Pacific/Easter", "Pacific/Efate", "Pacific/Enderbury", "Pacific/Fakaofo", "Pacific/Fiji", "Pacific/Funafuti", "Pacific/Galapagos", "Pacific/Gambier", "Pacific/Guadalcanal", "Pacific/Guam", "Pacific/Honolulu", "Pacific/Johnston", "Pacific/Kiritimati", "Pacific/Kosrae", "Pacific/Kwajalein", "Pacific/Majuro", "Pacific/Marquesas", "Pacific/Midway", "Pacific/Nauru", "Pacific/Niue", "Pacific/Norfolk", "Pacific/Noumea", "Pacific/Pago_Pago", "Pacific/Palau", "Pacific/Pitcairn", "Pacific/Pohnpei", "Pacific/Port_Moresby", "Pacific/Rarotonga", "Pacific/Saipan", "Pacific/Tahiti", "Pacific/Tarawa", "Pacific/Tongatapu", "Pacific/Wake", "Pacific/Wallis", "PRC", "PST8PDT", "ROC", "ROK", "UCT", "UTC", "Universal", "W-SU", "WET", "Zulu" ] systemTime: type: object properties: time: type: object properties: time: type: string description: | The time, as a formatted string. When setting the time, this string is parsed by the date utility. The format that is returned is HH:MM mmm DD, YYYY (mmm = "short month") eg. 14:30 Mar 24, 2022 = 2:30pm, 24th March, 2022 A variety of input formats seem to be supported. The returned format works, also this format: HH:MM DD mmm YYYY (mmm = "short month") eg. 14:30 24 Mar 2022 = 2:30pm, 24th March, 2022 systemVersion: type: object properties: system_version: type: object properties: rest_api_version: string firmware_version: string systemAdminInfo: description: "A map of the Operations Manager System Admin Information" type: object properties: system_admin_info: type: object properties: hostname: type: string description: The hostname for the system. contact: type: string description: Administration contact for the system. required: false location: type: string description: Location for the system. required: false systemCellularLogging: description: "WARNING: Enabling RRC logging will disable many advanced cellular modem functions. Provides QCDM diagnostic logging, by default this will start capturing RRC events." type: object properties: system_cellular_logging: properties: enabled: boolean filter: string device: string lighthouseEnrollmentsList: description: "A list of the lighthouse enrollments" type: object properties: lighthouse-enrollments: type: array items: properties: "port": type: integer required: false "address": type: string "id": type: string "bundle": type: string required: false "status": type: string lighthouseEnrollmentItem: type: object description: "Lighthouse Enrollment information" properties: lighthouse_enrollment: type: object properties: "port": type: integer required: false "address": type: string "id": type: string "bundle": type: string required: false "status": type: string lighthouseEnrollmentPost: type: object description: "Data to use to initiate a callhome enrollment" properties: lighthouse_enrollment: type: object properties: "address": type: string "port": type: integer required: false "bundle": type: string required: false "token": type: string registrationItem: type: object description: "Data used to register node to Lighthouse" properties: "id": type: string "package_password": type: string "server": type: string "server_api_port": type: integer required: false lh_ext_eps: type: array required: false items: properties: "server": type: string "server_api_port": type: integer required: false "server_vpn_port": type: integer required: false registrationAddress: type: object description: "Object containing address to update lhvpn_tunnel to" properties: "address": type: string systemSerialNumber: type: object properties: system_serial_number: type: object properties: serial_number: string systemModelName: type: object properties: system_model_name: type: object properties: model_name: string sshResponse: type: object properties: ssh: type: object properties: ssh_url_delimiter: type: string sshPut: type: object properties: ssh: type: object properties: ssh_url_delimiter: type: string required: false maxstartups_start: type: integer required: false maxstartups_rate: type: integer required: false maxstartups_full: type: integer required: false unauthenticated_serial_port_access: type: boolean required: false metaResponse: type: object properties: searchId: type: string required: false total_pages: type: string required: false firmwareUpgradeStatus: type: object properties: system_firmware_upgrade_status: type: object properties: state: type: string enum: [ "pending", "running", "error", "finished" ] error_message: required: false type: string enum: [ "format_error", "download_error", "version_error", "runtime_error" ] script_metadata: description: "Operations Manager Script Configuration" type: object properties: script_timeout: type: integer description: The number of minutes that the script is allowed to run script_checksum: type: string description: The SHA1 checksum of the script script_execution_status: description: "Operations Manager Script Execution Status" type: object properties: script_status: type: string enum: [ "in_progress", "timed_out", "completed" ] script_info: description: "Script Upload Status" type: object properties: "info": type: string "execution_id": type: integer getFirewallServicesListItemPort: description: "A firewall service port" type: object properties: "protocol": type: string "port": type: integer getFirewallServicesListItem: description: "A firewall service" type: object properties: "id": type: string "name": type: string "label": type: string "ports": type: array items: type: getFirewallServicesListItemPort getFirewallServicesListResponse: description: "A list of firewall services" type: object properties: "firewall_services": type: array items: type: getFirewallServicesListItem meta: metaResponse setFirewallService: description: "A single firewall service" type: object properties: "firewall_service": type: object properties: "name": type: string "label": type: string "ports": type: array items: type: getFirewallServicesListItemPort getFirewallServiceResponse: description: "A single firewall service" type: object properties: "firewall_service": type: getFirewallServicesListItem getFirewallPortForwardRuleListItem: description: "A firewall port forwarding rule" type: object properties: "protocol": type: string "from_port": type: string "to_port": type: integer "to_address": required: false type: string getFirewallCustomRuleListItem: description: "A custom firewall rule" type: object properties: "rule_content": description: > Additional rich rules to be applied to this zone using firewalld 'rich language'. see https://firewalld.org/documentation/man-pages/firewalld.richlanguage.html type: string "description": required: false type: string description: > Human-readable description (optional)for this rich rule item. getFirewallPortForwardRuleListResponse: description: "A list of firewall port forwarding rules" type: object properties: "firewall_port_forward_rule": type: array items: type: getFirewallPortForwardRuleListItem getFirewallCustomRuleListResponse: description: "A list of firewall custom rules" type: object properties: "firewall_custom_rule": type: array items: type: getFirewallCustomRuleListItem setFirewallPortForwardRule: description: "A single firewall port forwarding rule" type: object properties: "firewall_port_forward_rule": type: object properties: "name": type: string "label": type: string getFirewallPortFowardRuleResponse: description: "A single firewall port forwarding rule" type: object properties: "firewall_port_forward_rule": type: getFirewallPortForwardRuleListItem setFirewallZonesList: description: "A list of firewall zones" type: object properties: "firewall_zones": type: array items: type: object properties: "name": type: string "label": type: string "description": type: string "physifs": type: array items: type: string "permit_all_traffic": type: boolean "masquerade": type: boolean "permitted_services": type: array required: false items: type: string "port_forwarding_rules": type: array required: false items: type: getFirewallPortForwardRuleListItem "custom_rules": type: array required: false items: type: getFirewallCustomRuleListItem getFirewallZonesListItem: description: "A firewall zone" type: object properties: "id": type: string "name": type: string "label": type: string "description": type: string "physifs": type: array items: type: string "permit_all_traffic": type: boolean "masquerade": type: boolean "permitted_services": type: array items: type: string "port_forwarding_rules": type: array items: type: getFirewallPortForwardRuleListItem "custom_rules": type: array items: type: getFirewallCustomRuleListItem getFirewallZonesListResponse: description: "A list of firewall zones" type: object properties: "firewall_zones": type: array items: type: getFirewallZonesListItem meta: metaResponse setFirewallZone: description: "A single firewall zone" type: object properties: "firewall_zone": type: object properties: "name": type: string "label": type: string "description": type: string "physifs": type: array items: type: string "permit_all_traffic": type: boolean "masquerade": type: boolean "permitted_services": type: array required: false items: type: string "port_forwarding_rules": type: array required: false items: type: getFirewallPortForwardRuleListItem "custom_rules": type: array required: false items: type: getFirewallCustomRuleListItem getFirewallZoneResponse: description: "A single firewall zone" type: object properties: "firewall_zone": type: getFirewallZonesListItem getFirewallRulesListItem: description: "A firewall rule" type: object properties: "id": type: string "multi_field_identifier": type: string description: "A string which can be used to uniquely identify this firewall rule" "service": type: string "zone": type: string getFirewallRulesListResponse: description: "A list of firewall rules" type: object properties: "firewall_rules": type: array items: type: getFirewallRulesListItem meta: metaResponse bulkDeleteFirewallRuleList: description: "A list of firewall rule ids" type: object properties: "firewall_rules": type: array items: type: string setFirewallRule: description: "A single firewall rule" type: object properties: "firewall_rule": type: object properties: "service": type: string "zone": type: string getFirewallRuleResponse: description: "A single firewall rule" type: object properties: "firewall_rule": type: getFirewallRulesListItem getFirewallPredefinedServicesListItemPort: description: "A predefined firewall service port" type: object properties: protocol: type: string port: description: "Can be a numeric port number or a range such as 5900-5903" type: string getFirewallPredefinedServicesListItem: description: "A predefined firewall service" type: object properties: name: type: string label: type: string ports: type: array items: type: getFirewallPredefinedServicesListItemPort getFirewallPredefinedServicesListResponse: description: "A list of predefined firewall services" type: object properties: predefined_firewall_services: type: array items: type: getFirewallPredefinedServicesListItem meta: metaResponse getFirewallPoliciesListItem: description: "A firewall policy" type: object properties: "id": type: string "name": type: string "description": type: string required: false "ingress_zones": type: array items: type: string "egress_zones": type: array items: type: string getFirewallPoliciesListResponse: description: "A list of firewall policies" type: object properties: "firewall_policies": type: array items: type: getFirewallPoliciesListItem meta: metaResponse setFirewallPolicy: description: "A single firewall policy" type: object properties: "firewall_policy": type: object properties: "name": type: string "description": type: string required: false "ingress_zones": type: array items: type: string "egress_zones": type: array items: type: string getFirewallPolicyResponse: description: "A single firewall policy" type: object properties: "firewall_policy": type: getFirewallPoliciesListItem cellReliabilityTestConfiguration: description: "The cell reliability test configuration" type: object properties: "cell_reliability_test": type: object properties: "enabled": type: boolean "period": type: integer minimum: 0 "test_url": type: array "signal_strength_threshold": type: object properties: "lower": type: integer minimum: 0 maximum: 100 "upper": type: integer minimum: 0 maximum: 100 snmpManager: description: "The SNMP manager legacy configuration" type: object properties: snmp_manager: type: object properties: "protocol": type: string enum: [ "UDP", "TCP", "UDP6", "TCP6" ] "address": type: string required: false "port": type: integer minimum: 1 maximum: 65535 required: false "msg_type": type: string description: Type of SNMP message to send. enum: [ "TRAP", "INFORM", ] "version": type: string enum: [ "v1", "v2c", "v3", ] "community": type: string description: "[sensitive]" required: false "auth_protocol": type: string enum: [ "SHA", "MD5", ] required: false "auth_password": type: string description: "[sensitive]" required: false "username": type: string required: false "engine_id": type: string required: false "privacy_protocol": type: string enum: [ "AES", "DES", ] required: false "privacy_password": type: string description: "[sensitive]" required: false "security_level": type: string enum: [ "noAuthNoPriv", "authNoPriv", "authPriv", ] required: false snmpManagerResponse: description: "The SNMP manager legacy configuration" type: object properties: snmp_manager: type: object properties: "id": type: string "multi_field_identifier": type: string description: "A string which can be used to uniquely identify this snmp alert manager" "protocol": type: string enum: [ "UDP", "TCP", "UDP6", "TCP6" ] "address": type: string required: false "port": type: integer minimum: 1 maximum: 65535 required: false "msg_type": type: string description: Type of SNMP message to send. enum: [ "TRAP", "INFORM", ] "version": type: string enum: [ "v1", "v2c", "v3", ] "community": type: string description: "[sensitive]" required: false "auth_protocol": type: string enum: [ "SHA", "MD5", ] required: false "auth_password": type: string description: "[sensitive]" required: false "username": type: string required: false "engine_id": type: string required: false "privacy_protocol": type: string enum: [ "AES", "DES", ] required: false "privacy_password": type: string description: "[sensitive]" required: false "security_level": type: string enum: [ "noAuthNoPriv", "authNoPriv", "authPriv", ] required: false snmpAlertManager: description: "The SNMP manager configuration" type: object properties: snmp_alert_manager: type: object properties: "name": type: string required: false "protocol": type: string enum: [ "UDP", "TCP", "UDP6", "TCP6" ] "address": type: string required: false "port": type: integer minimum: 1 maximum: 65535 required: false "msg_type": type: string description: Type of SNMP message to send. enum: [ "TRAP", "INFORM", ] "version": type: string enum: [ "v1", "v2c", "v3", ] "community": type: string description: "[sensitive]" required: false "auth_protocol": type: string enum: [ "SHA", "MD5", ] required: false "auth_password": type: string description: "[sensitive]" required: false "username": type: string required: false "engine_id": type: string required: false "privacy_protocol": type: string enum: [ "AES", "DES", ] required: false "privacy_password": type: string description: "[sensitive]" required: false "security_level": type: string enum: [ "noAuthNoPriv", "authNoPriv", "authPriv", ] required: false snmpManagerListItem: description: "The SNMP manager configuration" type: object properties: "id": type: string "multi_field_identifier": type: string description: "A string which can be used to uniquely identify this snmp alert manager" "name": type: string required: false "protocol": type: string enum: [ "UDP", "TCP", "UDP6", "TCP6" ] "address": type: string required: false "port": type: integer minimum: 1 maximum: 65535 required: false "msg_type": type: string description: Type of SNMP message to send. enum: [ "TRAP", "INFORM", ] "version": type: string enum: [ "v1", "v2c", "v3", ] "community": type: string description: "[sensitive]" required: false "auth_protocol": type: string enum: [ "SHA", "MD5", ] required: false "auth_password": type: string description: "[sensitive]" required: false "username": type: string required: false "engine_id": type: string required: false "privacy_protocol": type: string enum: [ "AES", "DES", ] required: false "privacy_password": type: string description: "[sensitive]" required: false "security_level": type: string enum: [ "noAuthNoPriv", "authNoPriv", "authPriv", ] required: false snmpAlertManagerResponse: description: "The SNMP manager configuration" type: object properties: snmp_alert_manager: type: snmpManagerListItem getSnmpAlertManagerList: description: "A list of SNMP Managers" type: object properties: "snmp_alert_managers": type: array items: type: snmpManagerListItem snmpd: description: "The SNMP Daemon configuration" type: object properties: snmpd: type: object properties: "enabled": type: boolean default: false required: false "port": type: integer minimum: 1 maximum: 65535 default: 161 required: false "protocol": type: string enum: [ "UDP", "TCP", ] default: UDP required: false "enable_legacy_versions": type: boolean default: false required: false "rocommunity": type: string description: "[sensitive]" required: false "rwcommunity": type: string description: "[sensitive]" required: false "enable_secure_snmp": type: boolean default: false required: false "security_level": type: string enum: [ "noauth", "auth", "priv", ] default: "priv" required: false "security_name": type: string required: false "engine_id": type: string required: false "auth_protocol": type: string enum: [ "SHA", "MD5", ] required: false "auth_use_plaintext": type: boolean default: false required: false "auth_password": type: string description: "[sensitive]" required: false "auth_localized_key": type: string required: false "priv_protocol": type: string enum: [ "AES", "DES", ] required: false "priv_use_plaintext": type: boolean default: false required: false "priv_password": type: string description: "[sensitive]" required: false "priv_localized_key": type: string required: false authenticationAlert: description: "Configuration for legacy authentication alerts" type: object properties: authentication_trap_group: type: object properties: "enabled": type: boolean systemAlert: description: "Configuration for legacy system alerts" type: object properties: system_trap_group: type: object properties: "enabled": type: boolean "power_supply_millivolt_lower": type: integer "power_supply_millivolt_upper": type: integer networkingAlert: description: "Configuration for legacy networking alerts" type: object properties: "networking_trap_group": type: object properties: "enabled": type: boolean "signal_strength_threshold_lower": type: integer required: false "signal_strength_threshold_upper": type: integer required: false configChangeAlert: description: "Configuration for legacy config change based alerts" type: object properties: config_change_trap_group: type: object properties: "enabled": type: boolean networkingAlertGroup: description: "Configuration for networking alerts" type: object properties: "networking_alert_group": type: object properties: "cell_signal_strength_alert": type: object required: false properties: "enabled": type: boolean default: false required: false "threshold_lower": type: integer default: 33 required: false "threshold_upper": type: integer default: 66 required: false powerAlertGroup: description: "Configuration for power alerts" type: object properties: "power_alert_group": type: object properties: "power_supply_voltage_alert": type: object required: false properties: "enabled": type: boolean default: false required: false "millivolt_lower": type: integer default: 11000 required: false "millivolt_upper": type: integer default: 13000 required: false systemAlertGroup: description: "Configuration for system alerts" type: object properties: "system_alert_group": type: object properties: "authentication_alert": type: object required: false properties: "enabled": type: boolean default: false required: false "config_change_alert": type: object required: false properties: "enabled": type: boolean default: false required: false "temperature_alert": type: object required: false properties: "enabled": type: boolean default: false required: false "threshold_lower": type: integer required: false "threshold_upper": type: integer required: false failoverSettings: type: object properties: "enabled": type: boolean default: false "probe_physif": type: string description: A Failover event occurs if the probe_address is not reachable on this network interface. "probe_address": description: "Probe address can be an IPv4 address, IPv6 address or a hostname. Be aware that hostnames may not resolve during Failover depending on DNS settings." type: string "dormant_dns": type: boolean default: false required: false description: "Whether DNS is dormant (not configured) for the failover interface in normal operation. During failover this will be restored." "failover_physif": description: | Fail over to this network interface. type: string required: false failoverSettingsResponse: description: "The failover settings" type: object properties: "failover_settings": type: failoverSettings failoverSettingsPut: description: "The failover settings" type: object properties: "failover_settings": type: failoverSettings properties: "probe_physif": type: string description: | A Failover event occurs if the probe_address is not reachable on this network interface. [**Optional when Failover is disabled**] "failover_physif": type: string description: | Fail over to this network interface. Note that if this field is omitted when failover is enabled, it will be set to wwan0 (for compatibility with older releases). [**Optional when Failover is disabled**] required: false portlogSettings: description: "The port log settings" type: object properties: "portlog_settings": type: object properties: "facility": type: string description: The syslog facility to use for port logs. enum: [ "daemon", "auth", "authpriv", "cron", "daemon", "ftp", "kern", "lpr", "mail", "news", "syslog", "user", "uucp", "local0", "local1", "local2", "local3", "local4", "local5", "local6", "local7" ] "severity": type: string description: The syslog severity to use for port logs. enum: [ "info", "alert", "critical", "debug", "emergency", "error", "info", "notice", "warning" ] exportType: type: object properties: "export": type: object failoverStatus: type: object properties: "failover_status": type: object properties: "status": description: "Failover status" type: string enum: [ "primary_starting", "primary_complete", "primary_stopping", "failover_starting", "failover_complete", "failover_stopping", "disabled", "unknown" ] cellFWInfo: type: object properties: "cellfw_info": type: object properties: "firmware": type: string "operating_mode": type: string getCellModemInfo: description: "Cell Modem Status Information" type: object properties: "cellmodem": type: object properties: "enabled": description: Is the cell modem currently enabled type: boolean "device": description: Device name type: string "up": description: Is this cell modem currently connected type: boolean "signalStrength": description: Signal quality (%) (backwards compatable) type: integer "signal_quality": description: Signal quality (%) type: integer "rssi": description: Received Signal Strength Indicator (RSSI) type: integer "technology": description: Access technology type: string "modem_status": description: Modem status type: string "failure_reason": description: Failure reason type: string "ipv4_addresses": description: IPv4 addresses of the cell modem type: array items: type: string "ipv6_addresses": description: IPv6 addresses of the cell modem type: array items: type: string "failover": description: Details about whether failover is enabled on the cell modem required: false type: object properties: "enabled": description: Is Failover enabled type: boolean "active": description: Is Failover active type: boolean "dormant": description: Does the interface stay up when not failed-over to type: boolean "sims": description: Details about the current SIM cards required: false type: object properties: "active_sim": description: The current selected SIM type: number "failover_status": description: The current SIM failover state type: string enum: [ "disabled", "enabled", "failing_over", "failed_over", "failing_back", "unknown" ] "sim1": description: Details about SIM1 type: object properties: "iccid": description: SIM ICCID type: string "carrier": description: SIM Carrier type: string "apn": description: SIM APN type: string "ip_type": description: SIM IP-Type type: string "username": description: SIM User type: string "imsi": description: SIM IMSI type: string "state": description: Current state of the SIM type: string "last_active": description: The time-stamp of the last time this SIM became active type: number "last_update": description: The time-stamp of the last update type: number "signal_strength": description: Signal strength of the modem connection with this SIM type: number sim2: description: Details about SIM2 type: object properties: "iccid": description: SIM ICCID type: string "carrier": description: SIM Carrier type: string "apn": description: SIM APN type: string "ip_type": description: SIM IP-Type type: string "username": description: SIM User type: string "imsi": description: SIM IMSI type: string "state": description: Current state of the SIM type: string "last_active": description: The time-stamp of the last time this SIM became active type: number "last_update": description: The time-stamp of the last update type: number "signal_strength": description: Signal strength of the modem connection with this SIM type: number getCellModemSimInfo: description: "Cell Modem SIM Status Information" type: object properties: "cellmodem_sims": type: array items: type: getCellModemSimInfoResponseSingle getCellModemSimInfoResponseSingle: description: "Cell Modem SIM Status Information" type: object properties: "id": type: string "active": description: This SIM is the currently selected SIM type: boolean "slot": description: SIM Slot type: number "iccid": description: SIM ICCID type: string "carrier": description: SIM Carrier type: string "apn": description: SIM APN type: string "ip_type": description: SIM IP-Type type: string "username": description: SIM User type: string "imsi": description: SIM IMSI type: string "state": description: Current state of the SIM type: string "last_active": description: The time-stamp of the last time this SIM became active type: number "last_update": description: The time-stamp of the last update type: number "signal_strength": description: Signal strength of the modem connection with this SIM type: number routingDaemon: description: "Configure routing daemons" type: object properties: routing: type: object properties: bgpd: description: Configuration for the bgp routing daemon type: object properties: enabled: description: Is bdgpd enabled type: boolean ospfd: description: Configuration for the ospf routing daemon type: object properties: enabled: description: Is ospfd enabled type: boolean isisd: description: Configuration for the isis routing daemon type: object properties: enabled: description: Is isisd enabled type: boolean ripd: description: Configuration for the rip routing daemon type: object properties: enabled: description: Is ripd enabled type: boolean getX509CertFileItem: type: object description: "This object contains information for an IPsec x509 certificate file." properties: "id": type: string description: "Database ID for this file." required: true "name": description: "The name of the file. This should contain the file extension." type: string required: true "content": description: "The content of the file stored either in plaintext PEM format or base64 encoded binary." type: string required: true "timestamp": description: "The last time the file was updated. This will be returned in rfc3339 format." type: string required: true getPrivateKeyItem: type: object description: "This object contains information for an IPsec private key file." properties: "id": type: string description: "Database ID for this file." required: true "name": description: "The name of the file. This should contain the file extension." type: string required: true "content": description: | The content of the file stored either in plaintext PEM format or base64 encoded binary. [sensitive] type: string required: true "password": description: | An optional password that can be used to decrypt the file. [sensitive] type: string required: false "timestamp": description: "The original time the file was uploaded in rfc3339 format." type: string required: true getX509BundleFileItem: type: object description: "This object contains information for an IPsec bundle file." properties: "id": type: string description: "Database ID for this file." required: true "name": description: "The name of the file. This should contain the file extension." type: string required: true "content": description: "The base64 encoded binary content of the file." type: string required: true "password": description: | An optional password that can be used to decrypt the file. [sensitive] type: string required: false "timestamp": description: "The last time the file was updated. This will be returned in rfc3339 format." type: string required: true getIPsecTunnelItem: type: object description: "This object contains configuration information for an IPsec tunnel." properties: "id": type: string description: "Database ID for this IPsec tunnel." "name": type: string description: "Each IPsec tunnel must have a unique symbolic name. The name can contain letters, digits, and hyphens. It will appear in log messages when the tunnel is being established. Use this to distinguish between multiple tunnels on the device." "enabled": type: boolean "initiate": type: boolean description: "When true, the device will actively initiate the tunnel by sending IKE negotiation packets to the remote end. If false, the tunnel will only be activated when an IKE negotiation is initiated by the remote end." "version": type: string description: "An IPsec tunnel can use either the IKEv1 or IKEv2 protocol. IKEv1 also provides the ability to run in aggressive mode which is not applicable to IKEv2" "keying_tries": type: integer description: "The number of attempts that should be made to negotiate a connection before giving up. The default value of 0 means 'never give up'." "dpd_enabled": required: false type: boolean "dpd_action": required: false type: string description: "Determines the action to perform on timeout." "dpd_delay": required: false type: integer description: "Defines the time interval between keep-alive exchanges sent to the peer." "dpd_timeout": type: integer description: "Defines the timeout period for a connection." "phase1_rekey_time": required: false type: integer description: "Controls the time between key material refreshes for the IKE. This is only valid for IKEv2 and 0s translates to disabled." "phase1_rekey_unit": required: false type: string description: "Determines the units for phase1_rekey_time." "phase1_reauth_time": required: false type: integer description: "Controls the time between IKE reauthentication. 0s translates to disabled." "phase1_reauth_unit": required: false type: string description: "Determines the units for phase1_reauth_time." "phase1_random_time": required: false type: integer description: "Time range from which to choose a random value to subtract from IKE rekey/reauth times. Is used to avoid both peers initiating the process simultaneously." "phase1_random_unit": required: false type: string description: "Determines the units for phase1_random_time." "phase1_over_time": required: false type: integer description: "The hard IKE SA lifetime if rekey/reauth does not complete. The default value is 10% of phase1_rekey_time or phase1_reauth_time, whichever is greater. The expiry of an IKE SA is calculated using this value plus phase1_rekey_time or phase1_reauth_time." "phase1_over_unit": required: false type: string description: "Determines the units for phase1_over_time." "phase2_rekey_time": required: false type: integer description: "Controls the time between key material refreshes for the CHILD_SA. 0s translates to disabled." "phase2_rekey_unit": required: false type: string description: "Determines the units for phase2_rekey_time." "phase2_random_time": required: false type: integer description: "Time range from which to choose a random value to subtract from IKE rekey/reauth times. Is used to avoid both peers initiating the process simultaneously." "phase2_random_unit": required: false type: string description: "Determines the units for phase2_random_time." "phase2_life_time": required: false type: integer description: "The maximum lifetime before an IPsec SA gets closed. The default value is 110% of phase2_rekey_time. The expiry of an IPsec SA is equivalent to this value." "phase2_life_unit": required: false type: string description: "Determines the units for phase2_life_time." "proposal": type: string description: "Algorithm to be used for Key Exchange for establishing this tunnel" (deprecatedProperty): since: 03/2021 "phase1_proposal": type: string description: "Algorithms to be used for Key Exchange (Phase 1) for establishing this tunnel" "phase2_proposal": type: string description: "Algorithms to be used for IPsec/Child SA (Phase 2) for this tunnel" "phase2_proposal_type": description: "IPsec/Child SA proposal type. ESP protocol or AH protocol can be selected" type: string enum: [ "esp", "ah" ] "local_id": type: string description: "Local IKE identity to use for authentication." "remote_id": type: string description: "Remote IKE identity to expect for authentication." "local_address": required: false type: string description: "Local address to be used for this IPsec tunnel. If left blank, this address will be automatically filled during key negotiation." "remote_address": required: false type: string description: "Remote address to be used for this IKE negotiation of this tunnel. If the local device does not initiate the tunnel, incoming requests must match this address." "encap": required: false type: boolean description: "Force encapsulation" "local_subnet": type: string description: "Local subnet traffic selector to be used for this tunnel. When left blank, this will be replaced by the outer local address of the tunnel upon negotiation." "remote_subnet": type: string description: "Remote subnet traffic selector to be used for this tunnel. When left blank, this will be replaced by the outer remote address of the tunnel upon negotiation." "auth_mode": type: string description: "Authentication type for this tunnel, 'psk' (Pre-Shared Key) or 'pki' (Public Key Infrastructure). If this field is not provided then 'psk' mode will be selected." enum: [ "psk", "pki", ] default: "psk" "shared_secret": required: false type: string description: | For the pre-shared key authentication mode, both ends of the tunnel must use the same key. This is required when auth_mode is set to 'psk'. [sensitive] "runtime_status": type: object properties: "established": type: boolean description: "This value is reported as true when the tunnel has been negotiated successfully and is currently active." postX509CertFileItem: type: object description: "This object contains information for an IPsec x509 certificate file." properties: "name": description: "The file's name." type: string required: true "content": description: "The content of the file stored either in plaintext PEM format or base64 encoded binary." type: string required: true postPrivateKeyItem: type: object description: "This object contains information for an IPsec private key file that may be encrypted with a password." properties: "name": description: "The file's name." type: string required: true "content": description: | The content of the file stored either in plaintext PEM format or base64 encoded binary. [sensitive] type: string required: true "password": description: | An optional password that can be used to decrypt the file. [sensitive] type: string required: false postX509BundleFileItem: type: object description: "This object contains information for an IPsec bundle file which is encrypted with a password (default is None)." properties: "name": description: "The file's name." type: string required: true "content": description: | The base64 encoded binary content of the file. [sensitive] type: string required: true "password": description: | An optional password that can be used to decrypt the file. [sensitive] type: string required: false postIPsecTunnelItem: type: object description: "This object contains configuration information for an IPsec tunnel." properties: "name": type: string description: "Each IPsec tunnel must have a unique symbolic name. The name can contain letters, digits, and hyphens. It will appear in log messages when the tunnel is being established. Use this to distinguish between multiple tunnels on the device." "enabled": type: boolean "initiate": type: boolean description: "When true, the device will actively initiate the tunnel by sending IKE negotiation packets to the remote end. If false, the tunnel will only be activated when an IKE negotiation is initiated by the remote end." "version": type: string description: "An IPsec tunnel can use either the IKEv1 or IKEv2 protocol. IKEv1 also provides the ability to run in aggressive mode which is not applicable to IKEv2" "keying_tries": required: false type: integer description: "The number of attempts that should be made to negotiate a connection before giving up. The default value of 0 means 'never give up'." "dpd_enabled": required: false type: boolean "dpd_action": required: false type: string description: "Determines the action to perform on timeout." "dpd_delay": required: false type: integer description: "Defines the time interval between keep-alive exchanges sent to the peer." "dpd_timeout": required: false type: integer description: "Defines the timeout period for a connection." "phase1_rekey_time": required: false type: integer description: "Controls the time between key material refreshes for the IKE. This is only valid for IKEv2 and 0s translates to disabled." "phase1_rekey_unit": required: false type: string description: "Determines the units for phase1_rekey_time." "phase1_reauth_time": required: false type: integer description: "Controls the time between IKE reauthentication. 0s translates to disabled." "phase1_reauth_unit": required: false type: string description: "Determines the units for phase1_reauth_time." "phase1_random_time": required: false type: integer description: "Time range from which to choose a random value to subtract from IKE rekey/reauth times. Is used to avoid both peers initiating the process simultaneously." "phase1_random_unit": required: false type: string description: "Determines the units for phase1_random_time." "phase1_over_time": required: false type: integer description: "The hard IKE SA lifetime if rekey/reauth does not complete. The default value is 10% of phase1_rekey_time or phase1_reauth_time, whichever is greater. The expiry of an IKE SA is calculated using this value plus phase1_rekey_time or phase1_reauth_time." "phase1_over_unit": required: false type: string description: "Determines the units for phase1_over_time." "phase2_rekey_time": required: false type: integer description: "Controls the time between key material refreshes for the CHILD_SA. 0s translates to disabled." "phase2_rekey_unit": required: false type: string description: "Determines the units for phase2_rekey_time." "phase2_random_time": required: false type: integer description: "Time range from which to choose a random value to subtract from IKE rekey/reauth times. Is used to avoid both peers initiating the process simultaneously." "phase2_random_unit": required: false type: string description: "Determines the units for phase2_random_time." "phase2_life_time": required: false type: integer description: "The maximum lifetime before an IPsec SA gets closed. The default value is 110% of phase2_rekey_time. The expiry of an IPsec SA is equivalent to this value." "phase2_life_unit": required: false type: string description: "Determines the units for phase2_life_time." "proposal": required: false type: string description: "Algorithm to be used for Key Exchange for establishing this tunnel" (deprecatedProperty): replaceWith: { "phase1_proposal": "ike_proposals", "phase2_proposal": "ipsec_proposals", } since: 03/2021 "phase1_proposal": type: string description: | Algorithm proposals to be used for Key Exchange (Phase 1) for establishing this tunnel. A proposal is a set of algorithms. For non-AEAD algorithms, this includes for IKE an encryption algorithm, an integrity algorithm, a pseudo random function and a Diffie-Hellman group. For AEAD algorithms, instead of encryption and integrity algorithms, a combined algorithm is used. See the following pages to check which algorithms are supported by strongswan. - IKEv1 Cipher Suites: https://wiki.strongswan.org/projects/strongswan/wiki/IKEv1CipherSuites - IKEv2 Cipher Suites: https://wiki.strongswan.org/projects/strongswan/wiki/IKEv2CipherSuites Multiple proposals may be provided through a comma-separated string. - example: aes128-sha256-ecp256,aes128-sha256-modp2048 Multiple algorithm types may be present in a single proposal (natively supported in IKEv2 and our backend will split it for IKEv1 cases). - example: aes128-aes256-sha256-sha384-ecp256-modp2048 (single proposal with 2 encryption algorithms, 2 integrigity algorithms and 2 DH groups) See also swanctl.conf connections..proposals field: https://wiki.strongswan.org/projects/strongswan/wiki/Swanctlconf required: false "phase2_proposal": type: string description: | Algorithm proposals to be used for IPsec/Child SA (Phase 2) for this tunnel. See phase1_proposal's description to for more information about proposals. See also swanctl.conf ah_proposals and esp_proposals fields: https://wiki.strongswan.org/projects/strongswan/wiki/Swanctlconf required: false "phase2_proposal_type": description: "IPsec/Child SA proposal type. ESP protocol or AH protocol can be selected" type: string enum: [ "esp", "ah" ] default: "esp" required: false "local_id": required: false type: string description: "Local IKE identity to use for authentication." "remote_id": required: false type: string description: "Remote IKE identity to expect for authentication." "local_address": required: false type: string description: "Local address to be used for this IPsec tunnel. If left blank, this address will be automatically filled during key negotiation." "remote_address": required: false type: string description: "Remote address to be used for this IKE negotiation of this tunnel. If the local device does not initiate the tunnel, incoming requests must match this address." "encap": required: false type: boolean description: "Force UDP encapsulation for ESP packets. This is used for NAT traversal." "local_subnet": required: false type: string description: "Local subnet traffic selector to be used for this tunnel. When left blank, this will be replaced by the outer local address of the tunnel upon negotiation." "remote_subnet": required: false type: string description: "Remote subnet traffic selector to be used for this tunnel. When left blank, this will be replaced by the outer remote address of the tunnel upon negotiation." "auth_mode": required: false type: string description: "Authentication type for this tunnel, 'psk' (Pre-Shared Key) or 'pki' (Public Key Infrastructure). If this field is not provided then 'psk' mode will be selected." enum: [ "psk", "pki", ] default: "psk" "shared_secret": required: false type: string description: | For the pre-shared key authentication mode, both ends of the tunnel must use the same key. This is required when auth_mode is set to 'psk'. [sensitive] getCaCertificateListResponse: type: object properties: "x509_ca_certificates": type: array items: type: getX509CertFileItem getCaCertificateResponse: type: object properties: "x509_ca_certificate": type: getX509CertFileItem postCaCertificateBody: type: object properties: "x509_ca_certificate": type: postX509CertFileItem getCrlFileListResponse: type: object properties: "x509_crls": type: array items: type: getX509CertFileItem getCrlFileResponse: type: object properties: "x509_crl": type: getX509CertFileItem postCrlFileBody: type: object properties: "x509_crl": type: postX509CertFileItem getX509BundleListResponse: type: object properties: "x509_bundles": type: array items: type: getX509BundleFileItem getX509BundleResponse: type: object properties: "x509_bundle": type: getX509BundleFileItem postX509BundleBody: type: object properties: "x509_bundle": type: postX509BundleFileItem getX509CertificateListResponse: type: object properties: "x509_certificates": type: array items: type: getX509CertFileItem getX509CertificateResponse: type: object properties: "x509_certificate": type: getX509CertFileItem postX509CertificateBody: type: object properties: "x509_certificate": type: postX509CertFileItem getPrivateKeyListResponse: type: object properties: "private_keys": type: array items: type: getPrivateKeyItem getPrivateKeyResponse: type: object properties: "private_key": type: getPrivateKeyItem postPrivateKeyBody: type: object properties: "private_key": type: postPrivateKeyItem getTunnelListResponse: type: object properties: "ipsec_tunnels": type: array items: type: getIPsecTunnelItem getTunnelResponse: type: object properties: "ipsec_tunnel": type: getIPsecTunnelItem putTunnelBody: type: object properties: "ipsec_tunnel": type: postIPsecTunnelItem networkInterfaceMap: type: object properties: "interface": type: string description: "Reference to a physif ID" "attributes": description: A list of attributes to monitor type: array items: type: string enum: [ "address", "broadcast", "carrier", "carrier_changes", "family", "flags", "group", "ifi_type", "ifname", "index", "ipaddr", "ipdb_priority", "ipdb_scope", "kind", "linkmode", "mtu", "neighbours", "num_rx_queues", "num_tx_queues", "operstate", "ports", "promiscuity", "qdisc", "txqlen", ] getAutoResponseBeaconListItem: description: "An Auto-Response Beacon" type: object properties: "id": type: string description: "Database ID for this Auto-Response Beacon." "name": type: string description: "Each Auto-Response Beacon must have a unique symbolic name. Use this to distinguish between multiple beacons on the device." "description": type: string required: false description: "Each Auto-Response Beacon may have an optional description." "module": type: string description: "The corresponding 'salt' Auto-Response module this Beacon will use." enum: [ "btmp", "cell_connection", "cell_signal_strength", "curl", "custom_cmd", "load", "mem", "network", "ping", "serial_login", "serial_pattern", "serial_signal", "cell_message", "wtmp" ] "interval": type: number description: "Interval in seconds between running the Auto-Response Beacon" required: false "enable": type: boolean description: "Turn on this Auto-Response Beacon" "cell_signal_strength": type: object required: false properties: "threshold": type: number minimum: 0 maximum: 99 "on_change_only": type: boolean "emit_at_startup": type: boolean "cell_message": type: object required: false properties: "message_pattern": type: string "phone_numbers": type: array "curl": type: object required: false properties: "urls": type: array "request": type: string "on_change_only": type: boolean default: true "data": type: string required: false "max_time": type: number required: false "custom_cmd": type: object required: false properties: "shell_command": type: string "timeout": type: number "load": type: object required: false properties: "one_minute": type: object properties: "low": type: string pattern: "^(([1-9][0-9]*)|[0])[.]([0-9]{4})$" "high": type: string pattern: "^(([1-9][0-9]*)|[0])[.]([0-9]{4})$" "five_minute": type: object properties: "low": type: string pattern: "^(([1-9][0-9]*)|[0])[.]([0-9]{4})$" "high": type: string pattern: "^(([1-9][0-9]*)|[0])[.]([0-9]{4})$" "fifteen_minute": type: object properties: "low": type: string pattern: "^(([1-9][0-9]*)|[0])[.]([0-9]{4})$" "high": type: string pattern: "^(([1-9][0-9]*)|[0])[.]([0-9]{4})$" "emit_at_startup": type: boolean "on_change_only": type: boolean "mem": type: object required: false properties: "percent": type: string pattern: "^(([1-9][0-9]*)|[0])[.]([0-9]{4})$" "on_change_only": type: boolean "network": type: object required: false properties: "coalesce": type: string "interfaces": type: array items: type: networkInterfaceMap "ping": type: object required: false properties: "interface": type: string description: "Reference to a physif ID" "destination": type: string "on_change_only": type: boolean "serial_login": type: object required: false properties: "check_login": type: boolean default: true "check_logout": type: boolean default: true "ports": type: array items: type: string description: "Reference to a port ID" "serial_signal": type: object required: false properties: "ports": type: array items: type: string description: "Reference to a port ID" "signals": type: array items: type: string enum: [cts, dcd, dsr, dtr, rts] description: "List of serial signal types to filter events on" "serial_pattern": type: object required: false properties: "pattern": type: string "disconnect": type: boolean default: false "trigger_rx": type: boolean default: true "trigger_tx": type: boolean default: true "ports": type: array items: type: string description: "Reference to a port ID" "wtmp": type: object required: false properties: "login": type: boolean "logout": type: boolean "actions": type: array description: "The list of references to actions along with the resolution values to use for that action" items: type: object properties: "action": type: string "resolution_values": type: array items: type: string "dependant_keys_any": type: array description: "A list of keys that are or'd to determine the Auto-Response Beacon state" "dependant_keys_all": type: array description: "A list of keys that are and'd to determine the Auto-Response Beacon state" getAutoResponseBeaconListResponse: description: "A list of Auto-Response Beacons" type: object properties: "beacons": type: array items: type: getAutoResponseBeaconListItem meta: metaResponse bulkDeleteAutoResponseBeaconList: description: "A list of auto-response beacon ids" type: object properties: "auto_response_beacon": type: array items: type: string setAutoResponseBeacon: description: "A single Auto-Response Beacon" type: object properties: "auto_response_beacon": type: object properties: "name": type: string description: "Each Auto-Response Beacon must have a unique symbolic name. Use this to distinguish between multiple beacons on the device." "description": type: string required: false description: "Each Auto-Response Beacon may have an optional description." "module": type: string description: "The corresponding 'salt' Auto-Response module this Beacon will use." enum: [ "btmp", "cell_connection", "cell_signal_strength", "curl", "custom_cmd", "load", "mem", "network", "ping", "serial_login", "serial_pattern", "serial_signal", "cell_message", "wtmp" ] "interval": type: number description: "Interval in seconds between running the Auto-Response Beacon" required: false "enable": type: boolean description: "Turn on this Auto-Response Beacon" required: false default: false "cell_signal_strength": type: object required: false properties: "threshold": type: number minimum: 1 maximum: 99 "on_change_only": type: boolean required: false default: true "emit_at_startup": type: boolean required: false default: true "cell_message": type: object required: false properties: "message_pattern": type: string "phone_numbers": type: array "curl": type: object required: false properties: "urls": type: array "request": type: string required: false default: "GET" "on_change_only": type: boolean required: false default: true "data": type: string required: false "max_time": type: number required: false "custom_cmd": type: object required: false properties: "shell_command": type: string "timeout": type: number required: false default: 10 minimum: 1 "load": type: object required: false properties: "one_minute": type: object properties: "low": type: string pattern: "^(([1-9][0-9]*)|[0])[.]([0-9]{4})$" "high": type: string pattern: "^(([1-9][0-9]*)|[0])[.]([0-9]{4})$" "five_minute": type: object properties: "low": type: string pattern: "^(([1-9][0-9]*)|[0])[.]([0-9]{4})$" "high": type: string pattern: "^(([1-9][0-9]*)|[0])[.]([0-9]{4})$" "fifteen_minute": type: object properties: "low": type: string pattern: "^(([1-9][0-9]*)|[0])[.]([0-9]{4})$" "high": type: string pattern: "^(([1-9][0-9]*)|[0])[.]([0-9]{4})$" "emit_at_startup": type: boolean required: false default: true "on_change_only": type: boolean required: false default: false "mem": type: object required: false properties: "percent": type: string pattern: "^(([1-9][0-9]*)|[0])[.]([0-9]{4})$" "on_change_only": type: boolean required: false default: false "network": type: object required: false properties: "interfaces": type: array items: type: networkInterfaceMap "coalesce": type: boolean "ping": type: object required: false properties: "interface": type: string description: "Reference to a physif ID" "destination": type: string "on_change_only": type: boolean required: false default: true "serial_login": type: object required: false properties: "check_login": type: boolean required: false default: true "check_logout": type: boolean required: false default: true "ports": type: array items: type: string description: "Reference to a port ID" "serial_signal": type: object required: false properties: "ports": type: array items: type: string description: "Reference to a port ID" "signals": type: array items: type: string enum: [cts, dcd, dsr, dtr, rts] description: "List of serial signal types to filter events on" "serial_pattern": type: object required: false properties: "pattern": type: string "disconnect": type: boolean required: false default: false "trigger_rx": type: boolean required: false default: true "trigger_tx": type: boolean required: false default: true "ports": type: array items: type: string description: "Reference to a port ID" "wtmp": type: object required: false properties: "login": type: boolean default: true "logout": type: boolean default: true "actions": type: array description: "The list of references to actions along with the resolution values to use for that action" items: type: object properties: "action": type: string "resolution_values": type: array items: type: string "dependant_keys_any": type: array description: "A list of keys that are or'd to determine the Auto-Response Beacon state" "dependant_keys_all": type: array description: "A list of keys that are and'd to determine the Auto-Response Beacon state" getAutoResponseBeaconResponse: description: "A single Auto-Response Beacon" type: object properties: "auto_response_beacon": type: getAutoResponseBeaconListItem getAutoResponseReactionListItem: description: "An Auto-Response Reaction" type: object properties: "id": type: string description: "Database ID for this Auto-Response Reaction." "name": type: string description: "Each Auto-Response Reaction has a non-unique name to help distinguish it." "sub_type": type: string description: "The type of Auto-Response Reaction." enum: [ "cell_message_react", "custom_command", "serial_text", "slack", "snmp", ] "custom_command": type: object required: false properties: "shell_command": type: string "timeout": type: number "cell_message_react": type: object required: false properties: "phone_numbers": type: array "message": type: string "serial_text": type: object required: false properties: "port": type: string description: "Reference to a port ID" "command": type: string "response": type: string "timeout": type: number minimum: 0 "slack": type: object required: false properties: "channels": type: array "message": type: string "from_name": type: string "api_key": type: string "snmp": type: object required: false properties: "oid": type: string "timeout": type: number "var_binds": type: array items: type: object properties: "mib_oid": type: string "mib_type": type: string "mib_value": type: string getAutoResponseReactionListResponse: description: "A list of Auto-Response Reactions" type: object properties: "reactions": type: array items: type: getAutoResponseReactionListItem meta: metaResponse setAutoResponseReaction: description: "A single Auto-Response Reaction" type: object properties: "auto_response_reaction": type: object properties: "name": type: string description: "Each Auto-Response Reaction must have a unique symbolic name. Use this to distinguish between multiple Auto-Response Reaction's on the device." "sub_type": type: string description: "The type of Auto-Response Reaction." enum: [ "cell_message_react", "custom_command", "serial_text", "slack", "snmp", ] "custom_command": type: object required: false properties: "shell_command": type: string "timeout": type: number required: false default: 10 minimum: 1 "cell_message_react": type: object required: false properties: "phone_numbers": type: array "message": type: string "serial_text": type: object required: false properties: "port": type: string description: "Reference to a port ID" "command": type: string "response": type: string "timeout": type: number minimum: 0 "slack": type: object required: false properties: "channels": type: array "message": type: string "from_name": type: string "api_key": type: string "snmp": type: object required: false properties: "oid": type: string "timeout": type: number "var_binds": type: array items: type: object properties: "mib_oid": type: string "mib_type": type: string "mib_value": type: string getAutoResponseReactionResponse: description: "A single Auto-Response Reaction" type: object properties: "auto_response_reaction": type: getAutoResponseReactionListItem bulkDeleteAutoResponseReactionList: description: "A list of auto-response reaction ids" type: object properties: "auto_response_reaction": type: array items: type: string getAutoResponseBeaconStatusItem: description: "The Auto-Response Status of a Beacon" type: object properties: "id": type: string description: "Database ID for this Auto-Response Beacon." "name": type: string description: "Each Auto-Response Beacon must have a unique symbolic name. Use this to distinguish between multiple beacons on the device." "module": type: string description: "The corresponding 'salt' Auto-Response module this Beacon is using." enum: [ "btmp", "cell_connection", "cell_signal_strength", "curl", "custom_cmd", "load", "mem", "network", "ping", "serial_login", "serial_pattern", "serial_signal", "cell_message", "wtmp" ] "trigger_count": type: integer description: "The number of Auto-Response Beacon events that were triggered, includes resolved events" "last_triggered": type: string description: "The date and timestamp when the last Auto-Response Beacon event occurred" "beacon_data": type: object description: "The data the Auto-Response Beacon was triggered with" "events": type: array description: "The Auto-Response Beacon events since last boot" getAutoResponseStatus: description: "The Auto-Response Status" type: object properties: "auto_response_status": type: object properties: "beacons": type: array description: "Status for all Beacons" items: type: getAutoResponseBeaconStatusItem getAutoResponseBeaconStatus: description: "A single Auto-Response Beacon Status" type: object properties: "auto_response_status": type: getAutoResponseBeaconStatusItem getAutoResponseBeaconStatusBeaconModules: description: "The Auto-Response Status of all the Beacon Modules" type: object properties: "module": type: string description: "The corresponding 'salt' Auto-Response beacon module." enum: [ "btmp", "cell_connection", "cell_signal_strength", "curl", "custom_cmd", "load", "mem", "network", "ping", "serial_login", "serial_pattern", "serial_signal", "cell_message", "wtmp" ] "resolution_values": type: array description: "The list of resolution values to filter on for a reaction for this beacon module." items: type: string getAutoResponseStatusBeaconModules: description: "The Auto-Response Status for all Beacon Modules." type: object properties: "beacon-modules": type: array description: "Status for all Beacon Modules" items: type: getAutoResponseBeaconStatusBeaconModules snmpPduSettings: description: "The SNMP configuration to access the PDU." type: object properties: "id": type: string "protocol": type: string enum: [ "UDP", "TCP", ] "address": type: string "port": type: integer minimum: 1 maximum: 65535 required: false "version": type: string enum: [ "v1", "v2c", "v3", ] "community": type: string required: false "auth_protocol": type: string enum: [ "SHA", "MD5", ] required: false "auth_password": type: string description: "[sensitive]" required: false "username": type: string required: false "engine_id": type: string required: false "privacy_protocol": type: string enum: [ "AES", "DES", ] required: false "privacy_password": type: string description: "[sensitive]" required: false "security_level": type: string enum: [ "noAuthNoPriv", "authNoPriv", "authPriv", ] required: false serialPduSettings: description: "The serial specific settings for a PDU." type: object properties: "id": type: string "username": type: string required: false "password": type: string description: "[sensitive]" required: false "port": type: string pduOutlet: description: "An outlet on a power distribution unit." type: object properties: "id": type: string "number": type: integer "name": type: string required: false "port": type: string required: false "status": type: string required: false "status_timestamp": type: string required: false "last_action": type: string required: false "last_action_timestamp": type: string required: false PDU: description: "Get a PDU specified by ID." type: object properties: "name": type: string description: "A unique user specified name for the PDU." "driver": type: string description: "The driver to use to control and monitor the PDU." "method": type: string description: "The method to used to access the PDU, can be 'snmp', 'powerman' or 'shell'." "monitor": type: boolean description: "If true the pdu outlets are monitored for any change in status." "id": type: string description: "The unique id of the PDU." "outlet_count": required: false type: integer description: "The number of outlets on the PDU." "powerman": type: serialPduSettings required: false "shell": type: serialPduSettings required: false "snmp": type: snmpPduSettings required: false "outlets": type: array items: type: pduOutlet setPDU: description: "Set a pdu specified by ID." type: object properties: "pdu": "type": object properties: "name": type: string description: "A unique user specified name for the PDU." "driver": type: string description: "The driver to use to control and monitor the PDU." "method": type: string description: "The method to used to access the PDU, can be 'snmp', 'powerman' or 'shell'." "monitor": type: boolean description: "If true the pdu outlets are monitored for any change in status." "powerman": type: serialPduSettings required: false "shell": type: serialPduSettings required: false "snmp": type: snmpPduSettings required: false PDUId: type: object properties: "pdu": type: PDU PDUList: description: "Get the list of configured PDUs." type: object properties: "pdus": type: array items: type: PDU ipPassthrough: description: "The IP Passthrough settings" type: object properties: "ip_passthrough": type: object properties: "enabled": type: boolean "passthrough_physif": type: string description: | The network interface port used for ethernet connection to the downstream device. [**Optional when IP Passthrough is disabled**] "mac_address": type: string description: | The downstream device's MAC address that is connected to the Operations Manager. If mac_address is not specified, the Operations Manager will connect to the first downstream device requesting a DHCP assigned IP address. If this field is empty when IP Passthrough is to be disabled, the stored MAC address will be removed. required: false "service_intercepts": type: object description: | Service intercepts allow specific protocols to be accessed on the Operations Manager in addition to those found on the downstream device. required: true properties: "https": type: integer description: | Choose an unused port number, so that the HTTPS server on the Operations Manager can be accessed. This will not impede traffic bound for the downstream device's configured HTTPS port.
If _https_ is an empty field, omitted entirely, or set to 0, incoming HTTPS connections are passed through to the downstream device by default, and the Operations Manager's HTTPS server will be inaccessible via incoming connections through the cellular interface. required: false "ssh": type: integer description: | Choose an unused port number, so that the SSH server on the Operations Manager can be accessed. This will not impede traffic bound for the downstream device's configured SSH port.
If _ssh_ is an empty field, omitted entirely, or set to 0, incoming SSH connections are passed through to the downstream device by default, and the Operations Manager's SSH server will be inaccessible via incoming connections through the cellular interface. required: false ipPassthroughStatus: description: "The IP Passthrough status information" type: object properties: "ip_passthrough_status": type: object properties: "status": type: string description: | A status value indicating the current state of the IP Passthrough connection with a downstream device. enum: [ "disabled", "cell_not_active", "connecting", "active" ] "downstream_ip": type: string description: | The IP address taken from the device's cellular modem and assigned to the downstream device. "downstream_mac": type: string description: | The MAC address of the downstream device that has been assigned the cellular IP address. portAutoDiscoveryParameters: description: "The Port Auto-Discovery trigger parameters" type: object properties: auto_discover: description: "The Port Auto-Discovery root object" type: object properties: ports: description: "The list of ports (as integers) to discover. Setting this value to **null** will result in all ports being set for Auto-Discovery." type: integer[] | nil portAutoDiscoveryState: description: "The Port Auto-Discovery state object" type: object properties: auto_discover: description: "The Port Auto-Discovery root object" type: object properties: status: description: "The status, as returned by the Port Auto-Discover process" type: string portAutoDiscoverySchedule: description: "The Port Auto-Discovery Scheduling object" type: object properties: auto_discover_schedule: description: "The Port Auto-Discovery scheduling root object" properties: enabled: type: boolean description: Controls if periodic port auto-discovery is active. default: false period: type: string description: Specify the frequency type for the schedule. enum: [ "daily", "weekly", "monthly" ] day_of_month: type: integer description: | The day of the month to perform discovery on. Valid values are 1 to 31. Be aware that values over 28 means discovery will not run on some months. [**monthly period only**] minimum: 1 maximum: 31 required: false day_of_week: description: | The day of the week to perform discovery on. Valid values are 0 (Sunday) to 6 (Saturday). [**weekly period only**] type: integer minimum: 0 maximum: 6 required: false hour: type: integer description: | The hour of the day to perform discovery on. Valid values are 0 to 23. minimum: 0 maximum: 23 minute: type: integer description: | The minute of the hour to perform discovery on. Valid values are 0 to 59. minimum: 0 maximum: 59 ports: description: | The list of ports (as integers) to discover (1 based numbering). type: integer[] staticRouteItem: description: "The static route data item" type: object properties: destination_address: type: string description: "The destination network/host that the route provides access to." destination_netmask: type: integer description: "Netmask for IPv4/IPv6 (CIDR format)." gateway_address: type: string required: false description: | The IPv4/IPv6 address of the router gateway that will route packets to the destination address. If this property is not provided, the interface property must be given. interface: type: string required: false description: | The network interface to be associated with the route. If this property is not provided, the gateway_address property must be given. metric: type: integer required: false description: | The route metric, which represents the cost of routing packets via this route. Lower metric routes will be used in preference to higher metric routes staticRouteItemWithId: description: "The static route data item with id" type: staticRouteItem properties: id: type: string description: "Unique id of item" multi_field_identifier: type: string description: "A string which can be used to uniquely identify this static route" getStaticRoutesList: description: "The static routes list object" type: object properties: static_routes: description: "The root object" type: array items: type: staticRouteItemWithId putStaticRoutesList: description: "The static routes object put object" type: object properties: static_routes: description: "The root object" type: array items: type: staticRouteItem getStaticRouteItem: description: "The static route get object" type: object properties: static_route: description: "The root object" type: staticRouteItemWithId putStaticRouteItem: description: "The static route put object" type: object properties: static_route: description: "The root object" type: staticRouteItem postStaticRouteItem: description: "The static routes post object" type: object properties: static_route: description: "The root object" type: staticRouteItem postStaticRouteItemResult: description: "The static routes post object result" type: object properties: static_route: description: "The root object" type: staticRouteItemWithId tftpGet: type: object properties: tftp: type: object properties: enabled: type: boolean path: type: string ntpPut: type: object properties: ntp: type: object properties: enabled: type: boolean servers: type: array items: type: object properties: value: type: string ntpGet: type: object properties: ntp: type: object properties: id: type: string enabled: type: boolean servers: type: array items: type: object properties: id: type: string value: type: string webuiSessionTimeout: type: object properties: "system_webui_session_timeout": type: object properties: timeout: type: integer cliSessionTimeout: type: object properties: "system_cli_session_timeout": type: object properties: timeout: type: integer sessionTimeout: type: object properties: "system_session_timeout": type: object properties: cli_timeout: type: number description: | The timeout (in minutes) for local console, web terminal, and ssh sessions. Maximum value is 1440. Set this to 0 to disable the timeout. format: float minimum: 0 maximum: 1440 webui_timeout: type: integer description: | The timeout (in minutes) for web UI and REST API sessions. Maximum value is 1440. minimum: 1 maximum: 1440 serial_port_timeout: type: number description: | The timeout (in minutes) for serial port sessions. Maximum value is 1440. required: true format: float minimum: 0 maximum: 1440 serverList: type: array items: type: object description: A single server use for authentication or accounting. properties: hostname: type: string description: "An IP address for the server. Supports IPv4, IPv6 or a name that can be resolved using DNS." port: type: integer description: "Set this to use a non-standard port when connecting to the server." required: false authObj: type: object properties: mode: type: string description: The service to use for authentication of users. enum: [ "local", "radius", "tacacs", "ldap", ] policy: description: | The auth policy determines whether to always check local credentials after a remote authentication failure or to only check the local credentials if the remote authentication server is unreachable. [visible:mode:!=:local] type: string enum: [ "remotedownlocal", "remotelocal", ] # these fields are only valid when mode == radius radiusAuthenticationServers: type: serverList description: | A list of RADIUS servers to use for authentication. [visible:mode:=:radius,required:mode:=:radius] required: false radiusAccountingServers: type: serverList description: | A list of RADIUS servers to use for accounting. [visible:mode:=:radius,required:mode:=:radius] required: false # these fields are only valid when mode == tacacs tacacsMethod: type: string description: | The login method to use with the TACACS server. [visible:mode:=:tacacs] enum: [ "pap", "chap", "login", ] required: false default: pap tacacsService: type: string description: | The service to use with the TACACS server. [visible:mode:=:tacacs] required: false default: raccess tacacsAuthenticationServers: type: serverList description: | A list of TACACS servers to use. [visible:mode:=:tacacs, required:mode:=:tacacs] required: false tacacsAccountingEnabled: type: boolean description: | Enable accounting for TACACS+. Accounting logs are sent to the first active TACACS+ Authentication Server. [visible:mode:=:tacacs, required:mode:=:tacacs] required: false default: true # these fields are only valid when mode == ldap ldapBaseDN: type: string description: | The Base DN to use with the LDAP server. [visible:mode:=:ldap, required:mode:=:ldap] required: false ldapBindDN: type: string description: | The Bind DN to use with the LDAP server. [visible:mode:=:ldap] required: false ldapIgnoreReferrals: type: boolean description: | Should referrals from the LDAP server be ignored? [visible:mode:=:ldap] required: false default: false ldapUsernameAttribute: type: string description: | The attribute that should be used for the user name. [visible:mode:=:ldap, required:mode:=:ldap] ldapGroupMembershipAttribute: type: string description: | The attribute that should be used for the group name. [visible:mode:=:ldap] required: false ldapAuthenticationServers: type: serverList description: | A list of LDAP servers to use. [visible:mode:=:ldap, required:mode:=:ldap] required: false authGet: type: object properties: auth: type: authObj authPut: type: object properties: auth: type: authObj properties: radiusPassword: type: string description: | The password to use when accessing the RADIUS server. [sensitive, visible:mode:=:radius, required:mode:=:radius] required: false tacacsPassword: type: string description: | The password to use when accessing the TACACS server. [sensitive, visible:mode:=:tacacs, required:mode:=:tacacs] required: false ldapBindPassword: type: string description: | The password to use when accessing the LDAP server. [sensitive, visible:mode:=:ldap] required: false localPasswordComplexityObj: type: object properties: local_password_policy: type: object properties: password_expiry_interval_enabled: type: boolean description: | Setting this to true causes passwords to expire after an interval. password_expiry_interval_days: type: integer description: | The number of days after which a password should expire. This only applies if password expiry is enabled. [visible:password_expiry_interval_enabled:=:true] password_complexity_enabled: type: boolean description: | Setting this to true causes password complexity to be enforced. This requires that a password is not exactly the same as the previous password. All local users, including root, are subject to the complexity requirements. password_minimum_length: type: integer description: | Specify the minimum required length for passwords. Cannot be set to less than 6. This only applies if password complexity is enabled. [visible:password_complexity_enabled:=:true] password_must_contain_upper_case: type: boolean description: | Set this to true to require that at least one uppercase character (A-Z) is included in passwords. This only applies if password complexity is enabled. [visible:password_complexity_enabled:=:true] password_must_contain_special: type: boolean description: | Set this to true to require that at least one special character (anything other than A-Z or 0-9) is included in passwords. This only applies if password complexity is enabled. [visible:password_complexity_enabled:=:true] password_must_contain_number: type: boolean description: | Set this to true to require that at least one numeric character (0-9) is included in passwords. This only applies if password complexity is enabled. [visible:password_complexity_enabled:=:true] password_disallow_username: type: boolean description: | Set this to true to check whether the password (with possible modifications) contains the user name in some form. It is not performed for user names shorter than 3 characters. This only applies if password complexity is enabled. [visible:password_complexity_enabled:=:true] httpsCommon: type: object properties: "common_name": type: string "org_unit": type: string "organization": type: string "locality": type: string "state": type: string "country": type: string "email": type: string httpsCSRGet: type: httpsCommon properties: "key_length": type: integer required: false "csr": type: string required: false httpsCSRPut: type: httpsCommon properties: "key_length": type: integer "csr": type: string challenge_password: type: string description: "[sensitive]" required: false private_key: type: string description: "[sensitive]" required: false httpsGet: type: object properties: https: type: httpsCommon properties: "valid_from": type: string "valid_to": type: string "cert": type: string "key_length": type: integer "key": type: string description: "[sensitive]" "csr": type: httpsCSRGet required: false httpsPut: type: object properties: https: type: object properties: "csr": type: httpsCSRPut required: false "cert": type: string required: false "key": type: string description: "[sensitive]" required: false resourceTypes: base-type: get?: securedBy: [ token ] headers: Authorization: displayName: Authorization example: Token {{sessionUid}} responses: 400: body: application/json: type: error 401: description: Authentication failure body: application/json: type: error examples: example1: value: { "error": [ { type: 7, "code": 42, "level": 1, "text": "Invalid session ID", "args": {} } ] } example2: value: { "error": [ { type: 7, "code": 46, "level": 1, "text": "Permission denied", "args": {} } ] } post?: securedBy: [ token ] headers: Authorization: displayName: Authorization example: Token {{sessionUid}} responses: 400: body: application/json: type: error 401: description: Authentication failure body: application/json: type: error example: { "error": [ { type: 7, "code": 42, "level": 1, "text": "Invalid session ID", "args": {} } ] } put?: securedBy: [ token ] headers: Authorization: displayName: Authorization example: Token {{sessionUid}} responses: 400: body: application/json: type: error 401: description: Authentication failure body: application/json: type: error example: { "error": [ { type: 7, "code": 42, "level": 1, "text": "Invalid session ID", "args": {} } ] } 404: description: Not found body: application/json: type: error 500: description: Internal error body: application/json: type: error delete?: securedBy: [ token ] headers: Authorization: displayName: Authorization example: Token {{sessionUid}} responses: 400: description: Incomplete data body: application/json: type: error 401: description: Authentication failure body: application/json: type: error example: { "error": [ { type: 7, "code": 42, "level": 1, "text": "Invalid session ID", "args": {} } ] } patch?: securedBy: [ token ] headers: Authorization: displayName: Authorization example: Token {{sessionUid}} responses: 400: body: application/json: type: error 401: description: Authentication failure body: application/json: type: error example: { "error": [ { type: 7, "code": 42, "level": 1, "text": "Invalid session ID", "args": {} } ] } searchable-type: type: base-type get: queryParameters: json: description: > One or more json URL encoded search parameters. Example %7B%22type%22%3A1%2C%22items%22%3A%5B%7B%22datatype%22%3A4 %2C%22type%22%3A3%2C%22oper%22%3A1%2C%22fieldname%22%3A%22 config%3Aname%22%2C%22value%22%3A%22test%22%7D%5D%7D which is the URL encoded json {type:1,items:[{"datatype":4,type:3,"oper":1,"fieldname":"config:name","value":"test"}]} type: string required: false displayName: 'json' jb64: description: > one or more base64 encoded json search parameters. Ensure that any trailing = padding is URL encoded to %3D type: string required: false displayName: 'jb64' searchparameters: description: > Caution: This is not an actual parameter but exists to help document additional search related parameters. For example, config:name=\*test\*, will search for objects with names containing test. Allowed operators are: =value, >value, >=value, Operator applied between all searchparameters, json and jb64 query parameters. AND or OR default: AND required: false searchId: description: > The Operations Manager appliance maintains search results for a limited timespan. The searchId is returned in meta data of a normal search and can then be used as a parameter to retrieve the same results. When searchId is used, no other search parameter may be included. type: string required: false displayName: 'searchId' responses: 400: description: > Invalid request: Invalid Condition value. Invalid search parameter. Invalid json/jb64 parameter. body: application/json: type: error example: { "error": [ { type: 4, "code": 48, "level": 1, "text": "Invalid parameter 'config:nam' was provided", "args": { "param": "config:nam" } }, { type: 2, "code": 49, "level": 1, "text": "Invalid json '{\"type\":1,\"items\":{\"datatype\":4,\"type\":3,\"oper\":1,\"fieldname\":\"config:name\",\"value\":\"test\"}]}' for parameter 'json'", "args": { "line": "1", "position": "92", "value": "{\"type\":1,\"items\":{\"datatype\":4,\"type\":3,\"oper\":1,\"fieldname\":\"config:name\",\"value\":\"test\"}]}", "column": "92", "error": "'}' expected near ']'", "param": "json" } }, { type: 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } /sessions: description: > The sessions endpoint is used to authenticate the user and create a session token for accessing all other Operations Manager endpoints. # Auth.session_create post: displayName: createSession description: Create a new authenticated session. body: application/json: type: credentials examples: example1: {"username":"root","password":"default"} example2: {"username":"root","password":"default","new_password":"abcdefg","confirm_password":"abcdefg"} responses: 400: description: Failed to initiate session creation due to error in post body. body: application/json: example: { "error": [ { type: 4, "code": 40, "text": "Required field 'username' was not provided in the request", "args": { "param": "username" }, "level": 1 }, { type: 4, "code": 40, "text": "Required field 'password' was not provided in the request", "args": { "param": "password" }, "level": 1 } ] } 401: body: application/json: examples: example1: description: Authentication failed due to invalid credentials or session. value: { "error": [ { type: 7, "code": 42, "text": "Invalid login credentials", "args": {}, "level": 1 } ] } example2: description: Authentication failed due to expired credentials. value: { "error": [ { type: 7, "code": 113, "text": "You are required to change your password immediately", "args": {}, "level": 1 } ] } example3: description: Warning that you have HTTPS protection enabled for Brute Force Protection and you may be banned. value: { "error": [ { type: 7, "code": 42, "text": "Invalid login credentials", "args": {}, "level": 1 }, { type: 7, "code": 333, "text": "3 incorrect login attempts in 1 minute(s) will result in a ban of 60 seconds", "args": {}, "level": 1 } ] } 303: description: Redirect to new authentication session body: application/json: example: { "sid": "71dcba707b6c177644ede1b224f69096", "message": "Redirecting to new session at {redirect-url}" } 200: body: application/json: type: getSessionResponse example: { "state": "authenticated", "session": "71dcba707b6c177644ede1b224f69096", "user": "root" } /self: type: base-type # Auth.session_get get: displayName: getSession description: > Retrieve the state of an authentication session. responses: 200: description: Session exists body: application/json: type: getSessionResponse example: { "state": "authenticated", "session": "71dcba707b6c177644ede1b224f69096", "user": "root" } 404: description: Session does not exist # Auth.session_apply_response put: body: application/json: type: responseToSessionChallenge displayName: responseToSessionChallenge description: Apply a challenge response to a session responses: 200: description: Response applied. Next challenge in {challenge} if required. body: application/json: type: responseToSessionChallenge 400: description: Invalid request body: application/json: example: { "error": [ { type: 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } 403: description: Authentication failed. No more attempts allowed. 404: description: Authentication failed. # Auth.session_delete delete: displayName: deleteSession description: Log out of and delete a session responses: 200: description: Session deleted body: application/json: type: deleteSessionResponse 404: description: Session did not exist /ports: type: searchable-type description: > Configuring and viewing ports information get: displayName: getPorts description: > Gets ports attached to this appliance. Any number of search query parameters can be provided to perform an ANDed search on the ports. queryParameters: searchparameters: description: > Caution: This is not an actual parameter but exists to help document additional search related parameters. Parameters used for matching specific port attributes can be included inside the request. For example, config:label=port-1 config:mode=consoleServer Where config:label and config:mode prameter keys are attributes (or fields) of a port. The values of these fields will be matched against all ports. A List of available fields can be retrieved from the /ports/fields endpoint. type: string required: false displayName: 'search parameters*' responses: 200: description: The array of ports, either a full array or as requested by parameters body: application/json: type: getPortList example: { "ports": [ { "parity": "none", "label": "Port-1", "id": "ports-1", "escape_char": "", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [ { "id": "ipalias-1", "port": "serial/by-opengear-id/port01", "ipaddress": "192.168.33.201/24", "interface": "net1", } ], "baudrate": "9600", "mode": "localConsole", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port01', "name": 'port01', }, { "parity": "none", "label": "Port-2", "id": "ports-2", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port02', "name": 'port02', }, { "parity": "none", "label": "Port-3", "id": "ports-3", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [ { "id": "ipalias-1", "port": "serial/by-opengear-id/port03", "ipaddress": "192.168.33.11/24", "interface": "net1", } ], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port03', "name": 'port03', }, { "parity": "none", "label": "Port-4", "id": "ports-4", "escape_char" : "", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "baudrate": "9600", "mode": "localConsole", "logging_level": "disabled", "databits": "8", "terminal_emulation": "vt220", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port04', "name": 'port04', }, { "parity": "none", "label": "Port-5", "id": "ports-5", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port05', "name": 'port05', }, { "parity": "none", "label": "Port-6", "id": "ports-6", "escape_char" : "~", "control_code": { "break": "b", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port06', "name": 'por06', }, { "parity": "none", "label": "Port-7", "id": "ports-7", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port07', "name": 'port07', }, { "parity": "none", "label": "Port-8", "id": "ports-8", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port08', "name": 'port08', }, { "parity": "none", "label": "Port-9", "id": "ports-9", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port09', "name": 'port09', }, { "parity": "none", "label": "USB A", "id": "USB-A", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "disconnected", "pinout": "USB", "available_pinouts": ["USB"], "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/USB-A', "name": 'USB-A', } ], "meta": { "searchId": "{49ec4c2-5f78-11e8-899f-97417ae8617}" } } 400: description: Invalid request body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {} } ] } 404: description: Invalid request, Incomplete data, Port not found, Failure during retrieval of ports body: application/json: type: error 500: description: Failed to read ports. body: application/json: type: error put: displayName: putPorts description: > Update properties for all ports attached to this appliance. body: application/json: type: putPortList example: { "ports": [ { "parity": "none", "label": "Port-1", "escape_char": "", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "pinout": "X2", "ip_alias": [ { "ipaddress": "192.168.33.201/24", "interface": "net1", } ], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, }, { "parity": "none", "label": "Port-2", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "pinout": "X2", "ip_alias": [], "baudrate": "9600", "mode": "localConsole", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": true, }, { "parity": "none", "label": "Port-3", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "pinout": "X2", "ip_alias": [ { "ipaddress": "192.168.33.11/24", "interface": "net1", } ], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, }, { "parity": "none", "label": "Port-4", "escape_char" : "", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "pinout": "X2", "ip_alias": [], "baudrate": "9600", "mode": "localConsole", "logging_level": "disabled", "databits": "8", "terminal_emulation": "vt220", "kernel_debug": false, }, { "parity": "none", "label": "Port-5", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "pinout": "X2", "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, }, { "parity": "none", "label": "Port-6", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "pinout": "X2", "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, }, { "parity": "none", "label": "Port-7", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "pinout": "X2", "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, }, { "parity": "none", "label": "Port-8", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "pinout": "X2", "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, }, { "parity": "none", "label": "Port-9", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "pinout": "X2", "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, }, { "parity": "none", "label": "USB A", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "pinout": "USB", "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, } ] } responses: 200: description: The array of ports, either a full array or as requested by parameters body: application/json: type: getPortList example: { "ports": [ { "parity": "none", "label": "Port-1", "id": "ports-1", "escape_char": "", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [ { "id": "ipalias-1", "port": "serial/by-opengear-id/port01", "ipaddress": "192.168.33.201/24", "interface": "net1", } ], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port01', "name": 'port01' }, { "parity": "none", "label": "Port-2", "id": "ports-2", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "baudrate": "9600", "mode": "localConsole", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": true, "sessions": [], "device": 'serial/by-opengear-id/port02', "name": 'port02' }, { "parity": "none", "label": "Port-3", "id": "ports-3", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [ { "id": "ipalias-1", "port": "serial/by-opengear-id/port03", "ipaddress": "192.168.33.11/24", "interface": "net1", } ], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port03', "name": 'port03' }, { "parity": "none", "label": "Port-4", "id": "ports-4", "escape_char" : "", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "baudrate": "9600", "mode": "localConsole", "logging_level": "disabled", "databits": "8", "terminal_emulation": "vt220", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port04', "name": 'port04' }, { "parity": "none", "label": "Port-5", "id": "ports-5", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port05', "name": 'port05' }, { "parity": "none", "label": "Port-6", "id": "ports-6", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port06', "name": 'port06' }, { "parity": "none", "label": "Port-7", "id": "ports-7", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port07', "name": 'port07' }, { "parity": "none", "label": "Port-8", "id": "ports-8", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port08', "name": 'port08' }, { "parity": "none", "label": "Port-9", "id": "ports-9", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port09', "name": 'port09' }, { "parity": "none", "label": "USB A", "id": "USB-A", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "disconnected", "pinout": "USB", "available_pinouts": ["USB"], "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/USB-A', "name": 'USB-A' } ], "meta": { "searchId": "{49ec4c2-5f78-11e8-899f-97417ae8617}" } } 400: description: Invalid request body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {} } ] } 404: description: Invalid request, Incomplete data, Port not found, Failure during retrieval of ports body: application/json: type: error 500: description: Failed to read ports. body: application/json: type: error /{id}: type: base-type description: > Configuring and viewing information for a specific port get: description: Retrieve a single port by ID. responses: 200: description: Port has been updated. body: application/json: type: getPortType examples: port_with_ipaliases: { "port": { "parity": "none", "label": "Port-1", "id": "ports-1", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [ { "id": "ipalias-1", "port": "serial/by-opengear-id/port01", "ipaddress": "192.168.33.201/24", "interface": "net1", }, { "id": "ipalias-2", "port": "serial/by-opengear-id/port01", "ipaddress": "192.168.33.9/24", "interface": "net1", } ], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port01', "name": 'port01' } } port_without_ipaliases: { "port": { "parity": "none", "label": "Port-3", "id": "ports-3", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "baudrate": "9600", "mode": "localConsole", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": true, "sessions": [], "device": 'serial/by-opengear-id/port01', "name": 'port01' } } put: description: Set the properties for a single port. body: application/json: type: putPortType examples: port_with_ipaliases: { "port": { "parity": "none", "label": "Port-1", "stopbits": "1", "pinout": "X2", "ip_alias": [ { "ipaddress": "192.168.33.201/24", "interface": "net1", }, { "ipaddress": "192.168.33.9/24", "interface": "net1", } ], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "ansi", "kernel_debug": false, "escape_char": "!", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, } } port_without_ipaliases: { "port": { "parity": "none", "label": "Port-1", "stopbits": "1", "pinout": "X2", "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "ansi", "kernel_debug": false, "escape_char": "!", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, } } responses: 200: description: Port has been updated. body: application/json: type: getPortType example: { "port": { "parity": "none", "label": "Port-1", "id": "ports-1", "escape_char": "!", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [ { "id": "ipalias-1", "port": "serial/by-opengear-id/port01", "ipaddress": "192.168.33.201/24", "interface": "net1", }, { "id": "ipalias-2", "port": "serial/by-opengear-id/port01", "ipaddress": "192.168.33.9/24", "interface": "net1", } ], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port01', "name": 'port01' } } /sessions: type: base-type get: description: Retrieve all active sessions on this port. responses: 200: body: application/json: type: getPortSessionList example: { "port_sessions": [ { "username": "alice", "client_pid": 123 } ] } 404: description: Port does not exist. delete: description: > Disconnect active sessions on this port. Use query parameters to select a subset of sessions for disconnection. If no query parameters are given, all sessions on this port will be disconnected. queryParameters: username: description: Only disconnect active sessions belonging to this user. type: string required: false responses: 200: description: > Request succeeded. Note that if there were no active sessions to be disconnected, the request is nevertheless successful. Check the 'disconnected_session_count' field of the response body to determine how many sessions were disconnected. body: application/json: type: deleteMultiplePortSessionsResponse example: { "disconnected_session_count": 1 } 404: description: Port does not exist. /{pid}: type: base-type get: description: Retrieve an active session on this port. responses: 200: body: application/json: type: getPortSessionType example: { "port_session": { "username": "alice", "client_pid": 123 } } 404: description: > Port does not exist, or active session with the given pid does not exist. delete: description: Disconnect the session. responses: 204: description: Request succeeded. 404: description: > Port does not exist, or active session with the given pid does not exist. /power: type: base-type put: description: Control power for a console device. body: application/json: type: putPortPowerAction example: { "cmd": { "action": "cycle", } } responses: 200: description: Power command executed. body: application/json: type: putPortPowerActionResponse example: { "cmd": "/usr/bin/ogpowergroup 'port16' cycle" } 400: description: Power command failed. body: application/json: type: error example: { "error": [ { type: 2, "code": 307, "level": 1, "text": "ogpower failed running command '/usr/bin/ogpowergroup 'port02' cycle'", "args": {} } ] } /fields: type: base-type get: displayName: Get port search fields description: > Obtain a list of fields which can be used to perform queries against ports. responses: 200: description: The list of search fields body: application/json: type: searchFieldsResponse example: { "fields": [ "config:label", "config:mode" ] } 500: description: Unexpected error headers: Authorization: description: authorization session token type: string displayName: Authorization /auto_discover: type: base-type description: > Manage Port Auto-Discovery post: description: > Trigger the port Auto-Discovery process displayName: trigger port discovery body: application/json: type: portAutoDiscoveryParameters examples: example1: description: Run Port Auto-Discover on all available ports value: { "auto_discover": { "ports": null } } example2: description: Run Port Auto-Discover on all available ports value: { "auto_discover": { "ports": [] } } example3: description: Run Auto-Disover on ports 1, 10, 33, and 42 value: { "auto_discover": { "ports": [1, 10, 33, 42] } } responses: 200: description: Port Auto-Discovery was triggered body: application/json: type: portAutoDiscoveryParameters get: description: > Get Port Auto-Discovery state displayName: get port auto discovery state responses: 200: description: The Port Auto-Discovery script state body: application/json: type: portAutoDiscoveryState example: { "auto_discover": { "status": "running" } } /schedule: type: base-type description: > Manage Port Auto-Discovery Scheduling put: description: > Schedule the Port Auto-Discovery process displayName: schedule port discovery body: application/json: type: portAutoDiscoverySchedule examples: example1: description: Schedule Port Auto-Discover for selected ports on daily basis value: { "auto_discover_schedule": { "enabled": true, "period": "daily", "hour": 2, "minute": 30, "ports": [11, 33, 4 ,20] } } example2: description: Schedule Port Auto-Discover for selected ports on weekly basis value: { "auto_discover_schedule": { "enabled": true, "period": "weekly", "day_of_week": 4, "hour": 2, "minute": 30, "ports": [11, 33, 4 ,20] } } responses: 200: description: Port Auto-Discovery was scheduled body: application/json: type: portAutoDiscoverySchedule get: description: > Get the Port Auto-Discovery schedule displayName: get port auto discovery scheduling responses: 200: description: The Port Auto-Discovery scheduling information body: application/json: type: portAutoDiscoverySchedule example: { "auto_discover_schedule": { "enabled": true, "period": "daily", "hour": 2, "minute": 30, "ports": [1, 10, 33, 42] } } /managementports: type: base-type description: > Used for working with local management console information. get: displayName: get managementports description: > Gets the local management console ports attached to this appliance. responses: 200: description: The array of management ports, either a full array or as requested by parameters body: application/json: type: getMgmtPortByIdResponseList example: { "managementports": [ { "id" : "mgmtPorts-1", "device" : "ttyS0", "enabled" : true, "kerneldebug" : false, "termemulation" : "vt100", "baud" : "115200", "databits" :"8", "parity" : "none", "stopbits" : "1" }, { "id" : "mgmtPorts-2", "device" : "ttyS1", "enabled" : true, "kerneldebug" : true, "termemulation" : "vt100", "baud" : "115200", "databits" :"8", "parity" : "none", "stopbits" : "1" }, ], "meta": { "searchId": "{49ec4c2-5f78-11e8-899f-97417ae8617}" } } 400: description: Invalid request, missing or incorrect page/per_page body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } 404: description: Invalid request, Incomplete data, management port not found, Failure during retrieval of management ports body: application/json: type: error 500: description: Failed to read management ports. body: application/json: type: error put: description: Set the properties for local management console ports. body: application/json: type: putMgmtPortList example: { "managementports": [ { "enabled" : true, "kerneldebug" : false, "termemulation" : "vt100", "baud" : "115200", "databits" :"8", "parity" : "none", "stopbits" : "1" }, { "enabled" : true, "kerneldebug" : false, "termemulation" : "vt100", "baud" : "115200", "databits" :"8", "parity" : "none", "stopbits" : "1" }, ] } responses: 200: description: Management Ports have been updated. body: application/json: type: getMgmtPortByIdResponseList example: { "managementports": [ { "id" : "mgmtPorts-1", "device" : "ttyS0", "enabled" : true, "kerneldebug" : false, "termemulation" : "vt100", "baud" : "115200", "databits" : "8", "parity" : "none", "stopbits" : "1" }, { "id" : "mgmtPorts-2", "device" : "ttyS1", "enabled" : true, "kerneldebug" : false, "termemulation" : "vt100", "baud" : "115200", "databits" : "8", "parity" : "none", "stopbits" : "1" } ], "meta": { "searchId": "{49ec4c2-5f78-11e8-899f-97417ae8617}" } } /{id}: type: base-type description: > Used for working with a specific management port. get: description: Retrieve a single local management console port by ID. responses: 200: description: management port has been updated. body: application/json: type: getMgmtPortByIdResponse example: { "managementport": { "id" : "mgmtPorts-1", "device" : "ttyS0", "enabled" : true, "kerneldebug" : false, "termemulation" : "vt100", "baud" : "115200", "databits" : "8", "parity" : "none", "stopbits" : "1" } } put: description: Set properties for a single local management console port. body: application/json: type: putMgmtPortById example: { "managementport": { "enabled" : true, "kerneldebug" : false, "termemulation" : "vt100", "baud" : "115200", "databits" :"8", "parity" : "none", "stopbits" : "1" } } responses: 200: description: Management Port has been updated. body: application/json: type: getMgmtPortByIdResponse example: { "managementport": { "id" : "mgmtPorts-1", "device" : "ttyS0", "enabled" : true, "kerneldebug" : false, "termemulation" : "vt100", "baud" : "115200", "databits" : "8", "parity" : "none", "stopbits" : "1" } } /search: type: base-type description: > Used to perform searches on ports on the system. /ports: type: base-type description: > Creating a search ID for ports from the given query parameters. get: displayName: getSearchId description: > Gets a search ID for searching ports attached to this Operations Manager appliance. Any number of search query parameters can be provided to perform an ANDed search on the ports. The list provided is dynamic. queryParameters: json: description: > One or more json URL encoded search parameters. Example %7B%22type%22%3A1%2C%22items%22%3A%5B%7B%22datatype%22%3A4 %2C%22type%22%3A3%2C%22oper%22%3A1%2C%22fieldname%22%3A%22 config%3Aname%22%2C%22value%22%3A%22test%22%7D%5D%7D which is the URL encoded json {type:1,items:[{"datatype":4,type:3,"oper":1,"fieldname":"config:label","value":"test"}]} type: string required: false displayName: 'json' jb64: description: > one or more base64 encoded json search parameters. Ensure that any trailing = padding is URL encoded to %3D type: string required: false displayName: 'jb64' searchparameters: description: > Caution: This is not an actual parameter but exists to help document additional search related parameters. Parameters used for matching specific port attributes can be included inside the request. For example, config:label=port-1 config:mode=consoleServer Where config:label and config:mode prameter keys are attributes (or fields) of a port. The values of these fields will be matched against all ports. A List of available fields can retrieved from the /ports/fields endpoint. type: string required: false displayName: 'search parameters*' operator: description: > Operator applied between all searchparameters, json and jb64 query parameters. AND or OR default: AND required: false responses: 200: description: The search ID, as defined by given parameters body: application/json: type: getSearchResponse example: { "search": { "id": "{268daae-5555-11e7-8af6-b7116753aa5}", }, } 400: description: Invalid request, missing or incorrect search parameters. body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {} } ] } 404: description: Invalid request, Incomplete data. body: application/json: type: error 500: description: Failed to retrieve a search ID. body: application/json: type: error /logs: description: > Used for working with the logs on the system. /syslog: type: base-type get: description: Fetch last n log lines in syslog. queryParameters: logLines: description: The number of lines to fetch - max 1000, min 10. type: integer required: false default: 100 responses: 200: description: Returns the last n lines in the syslog body: application/json: type: getSyslogLinesResponse example: { "syslog": { "id": "3fe0c4281c994a34225db3224b0cf4b4", "log_lines": [ "2018-04-23T16:49:35.285554+00:00 qemux86-64 sshd[20111]: Disconnected from 192.168.33.101", "2018-04-23T16:49:35.285625+00:00 qemux86-64 sshd[20111]: pam_unix(sshd:session): session closed for user root", "2018-04-23T16:49:35.379184+00:00 qemux86-64 sshd[20139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.33.101 user=root", "2018-04-23T16:49:37.937315+00:00 qemux86-64 sshd[20139]: Accepted publickey for root from 192.168.33.101 port 57058 ssh2: RSA SHA256:6ED9MiX/6QXhSLN5g25V4T0okuO9o0aQl0ONT9BCxKE", "2018-04-23T16:49:37.938147+00:00 qemux86-64 sshd[20139]: pam_unix(sshd:session): session opened for user root by (uid=0)", "2018-04-23T16:49:43.308764+00:00 qemux86-64 sshd[20139]: Received disconnect from 192.168.33.101: 11: disconnected by user", "2018-04-23T16:49:43.308798+00:00 qemux86-64 sshd[20139]: Disconnected from 192.168.33.101", "2018-04-23T16:49:43.308887+00:00 qemux86-64 sshd[20139]: pam_unix(sshd:session): session closed for user root", "2018-04-23T17:20:51.938418+00:00 qemux86-64 udhcpc[1660]: Sending renew...", "2018-04-23T17:20:51.941182+00:00 qemux86-64 udhcpc[1660]: Lease of 192.168.33.207 obtained, lease time 7200" ], "no_of_log_lines": 10 } } /portlog: /{id}: type: base-type get: description: Fetch last n log lines in portlog. queryParameters: logLines: description: The number of lines to fetch - max 1000, min 10. type: integer required: false maximum: 1000 minimum: 10 default: 100 responses: 200: description: Returns the last n lines in the portlog body: application/json: type: getPortLogLinesResponse example: { "portlog": { "id": "portlogports-1771bed6129488a69764d064ed7e6086d", "log_lines": [ "2018-04-19T21:59:42.475157+00:00 TXDATA ", "2018-04-19T21:59:43.720286+00:00 TXDATA ^C", "2018-04-19T21:59:44.004623+00:00 TXDATA ^C", "2018-04-19T21:59:49.053138+00:00 TXDATA ^C", "2018-04-19T21:59:49.739765+00:00 TXDATA ^C", "2018-04-19T21:59:50.349753+00:00 LOGOUT root", "2018-04-19T21:59:50.373627+00:00 RXDATA ", "2018-04-19T21:59:50.402295+00:00 RXDATA asdfasdf", "2018-04-19T22:00:18.216623+00:00 LOGIN root", "2018-04-19T22:00:21.386050+00:00 TXDATA rootrootakjdfaksjdf", "2018-04-19T22:00:25.145561+00:00 TXDATA rootrootakjdfaksjdfkjasdkjfakdjf", "2018-04-19T22:00:26.473879+00:00 TXDATA rootrootakjdfaksjdfkjasdkjfakdjf ", "2018-04-19T22:00:42.660939+00:00 TXDATA rootrootakjdfaksjdfkjasdkjfakdjf ^C", "2018-04-19T22:00:45.472921+00:00 TXDATA rootrootakjdfaksjdfkjasdkjfakdjf ^C~", "2018-04-19T22:00:46.456493+00:00 TXDATA rootrootakjdfaksjdfkjasdkjfakdjf ^C~.", "2018-04-19T22:00:46.887685+00:00 TXDATA rootrootakjdfaksjdfkjasdkjfakdjf ^C~.", "2018-04-19T22:00:47.057797+00:00 TXDATA ", "2018-04-19T22:00:47.236891+00:00 TXDATA ", "2018-04-19T22:00:47.413115+00:00 TXDATA ", "2018-04-19T22:00:48.328447+00:00 LOGOUT root" ], "no_of_log_lines": 20 } } /portlog_settings: type: base-type description: > logs/portlog_settings endpoint is to check and update port log settings. get: description: Retrieve the current settings. responses: 200: description: > Returns the current failover settings.
body: application/json: type: portlogSettings example: { "portlog_settings": { "facility": "daemon", "severity": "info" } } put: description: Set the port log settings. body: application/json: type: portlogSettings example: { "portlog_settings": { "facility": "cron", "severity": "critical" } } responses: 200: description: Returns the current failover settings. body: application/json: type: portlogSettings example: { "portlog_settings": { "facility": "cron", "severity": "critical" } } /monitor: description: > Used for monitoring the state of the various services running on the system. /lldp: description: > Used for monitoring the state of the various network discovery (LLDP/CDP) protocols running on the system. /chassis: type: base-type get: description: Get the current status of the network discovery (LLDP/CDP) protocols on the chassis responses: 200: description: Returns the current status of the network discovery (LLDP/CDP) protocols on the chassis. body: application/json: type: lldpChassis example: { "lldpstat": { "mac":"00:13:c6:08:07:ab", "Wlan":false, "name":"platypus", "Router":true, "Station":false, "Bridge":true, "mgmt_ip": [ "10.250.242.110", "fdcd:41a4:5559:faf2:213:c6ff:fe08:7ab" ], "descr":"description 1" } } /neighbor: type: base-type get: description: Get the neighbors responses: 200: description: Returns the neighbors. body: application/json: type: lldpNeighbor example: { "lldp-status-neighbor": [ { "remote_name":"NGCS-Switch", "port_name":"Port #1", "name":"enp3s0f1", "id":1, "port":"1", "mgmt_ip":[ "192.168.1.13" ], "remote_mac":"ec:9a:74:bc:57:e0" }, { "remote_name":"foobar.hostname", "port_name":"net1", "name":"tap1", "id":2, "port":"52:54:00:76:27:fc", "mgmt_ip": [ "192.168.0.1", "fe80::5054:ff:fe76:27fc" ], "remote_mac":"52:54:00:76:27:fc" } ] } /brute_force_protection: /bans: type: base-type description: > Used for monitoring addresses banned by Brute Force Protection. get: description: Retrieves information about IP addresses banned by Brute Force Protection responses: 200: description: Returns information about currently banned IP addresses body: application/json: type: bruteForceProtectionBans example: { "brute_force_protection_bans": [ { "jail":"sshd", "address":"1.1.1.1", "time_of_ban":1628630619, "ban_time":60, }, { "jail":"nginx-login", "address":"2.2.2.2", "time_of_ban":1628630618, "ban_time":60, }, ] } /static_routes: /status: type: base-type description: Used for monitoring the status of static routes. Only IPv4 static routes are supported. get: description: Retrieves information about the status of static routes. responses: 200: description: Returns information about the status of static routes. body: application/json: type: staticRoutesStatus example: { "static_routes_status": [ { "route": "system_net_static_routes-1", "status": "installed", "error": "", }, { "route": "system_net_static_routes-2", "status": "error", "error": "Error: Nexthop has invalid gateway.", }, ] } /services: description: > Used for working with the properties of the various services running on the system. /brute_force_protection: type: base-type description: > Provides access to the Brute Force Protection configuration on the system. When this service is enabled, the system watches for multiple failed login attempts and temporarily bans the offending IP Address for the configured amount of time. get: description: Retrieves the Brute Force Protection configuration responses: 200: description: Returns the current Brute Force Protection configuration body: application/json: type: bruteForceProtection example: { "brute_force_protection": { "ssh_enabled": true, "https_enabled": true, "max_retry": 5, "ban_time": 600, "find_time": 10 } } put: description: Set the Brute Force Protection configuration body: application/json: type: bruteForceProtection example: { "brute_force_protection": { "ssh_enabled": true, "https_enabled": true, "max_retry": 5, "ban_time": 600, "find_time": 10 } } responses: 200: description: Returns the current Brute Force Protection configuration body: application/json: type: bruteForceProtection example: { "brute_force_protection": { "ssh_enabled": true, "https_enabled": true, "max_retry": 5, "ban_time": 600, "find_time": 10 } } 400: description: Invalid request body: application/json: type: error example: error: - type: 4 code: 40 text: "Required field 'brute_force_protection.ssh_enabled' was not provided in the request" args: param: brute_force_protection.ssh_enabled level: 1 /https: type: base-type description: > Provides access to the SSL certificate used by web services on the device. get: description: Fetch HTTPS certificate details, or a CSR file if the zip flag is set. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate", "mask" ] default: "cleartext" required: false zip: description: A flag to download the CSR instead of view the details type: boolean required: false default: false responses: 200: description: Returns the certificate currently in use by the server, as well as details about any current CSR. body: application/json: type: httpsGet example: { "https": { "valid_from": "Sep 21 00:39:03 2016 GMT", "valid_to": "Sep 21 00:39:03 2016 GMT", "common_name": "CName", "country": "AU", "locality": "Toowong", "org_unit": "OU", "state": "Queensland", "email": "bob@bob.com", "organization":"Internet Widgits Pty Ltd", "key_length":2048, "cert" : "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----", "key": "-----BEGIN PRIVATE KEY-----...", "csr" : { "country": "AU", "common_name": "aa", "csr": "new", "org_unit": "Unit 1", "organization": "Org", "state": "ee", "locality": "dd", "email": "bob@bob.com", "key_length": 512, }, } } put: description: Set the HTTPS details. A certificate matching the CSR can be uploaded by setting the https.cert field, a CSR can be cancelled by sending through no https.csr body, and a new csr can be created by sending through a https.csr body with a csr value of "new". queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: httpsPut example: { "https": { "cert" : "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----", "csr" : { "country": "AU", "challenge_password": "aaa", "common_name": "aa", "state": "ee", "locality": "dd", "org_unit": "unit", "organization": "org", "key_length": 2048, "email": "bob@bob.com", "csr": "new" }, } } responses: 200: description: > Returns the updated HTTPS server details body: application/json: type: httpsGet example: { "https": { "valid_from": "Sep 21 00:39:03 2016 GMT", "valid_to": "Sep 21 00:39:03 2016 GMT", "common_name": "CName", "country": "AU", "state": "QLD", "locality": "Toowong", "org_unit": "OU", "email": "bob@bob.com", "organization":"Internet Widgits Pty Ltd", "key_length":2048, "cert" : "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----", "csr" : { "country": "AU", "common_name": "aa", "state": "ee", "locality": "dd", "org_unit": "unit", "organization": "org", "email": "bob@bob.com", "key_length": 512 }, "key": "-----BEGIN PRIVATE KEY-----..." } } 500: description: Returns an error after the operation failed. body: application/json: example: { "error": [ { type: 2, "code": 14, "text":" String did not conform to the expected format.", "args": { "uuid": "root-1-services_https_csr_email" }, "level":1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } 400: description: Returns an error after the operation failed due to invalid user input. body: application/json: example: { "error": [ { type: 2, "code": 14, "text":" String did not conform to the expected format.", "args": { "uuid": "root-1-services_https_csr_email" }, "level":1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } /tftp: type: base-type description: > Provides access to the TFTP server configuration on the system. get: description: Retrieves the TFTP server configuration. responses: 200: description: Returns the current TFTP configuration. body: application/json: type: tftpGet example: { "tftp": { "enabled": true, "path": "/mnt/nvram/srv" } } put: description: Set the TFTP server configuration. body: application/json: type: tftpGet example: { "tftp": { "enabled": true, "path": "/mnt/nvram/srv" } } responses: 200: description: Returns the current TFTP configuration. body: application/json: type: tftpGet example: { "tftp": { "enabled": true, "path": "/mnt/nvram/srv" } } 400: description: > Returns an error after the operation failed due to invalid request. body: application/json: example: { "error": [ { type: 4, "code": 40, "text": "Required field 'enabled' was not provided in the request", "args": { "param": "services_tftp_enabled-1" }, "level": 1 } ] } /ntp: type: base-type description: > Provides access to the NTP client configuration on the system. get: description: Fetch NTP client configuration. responses: 200: description: Returns the current NTP configuration. body: application/json: type: ntpGet example: { "ntp": { "enabled": true, "servers": [ { "id": "services_ntp_servers-1", "value": "0.au.pool.ntp.org" }, { "id": "services_ntp_servers-2", "value": "1.au.pool.ntp.org" } ], "id": "root-1-services_ntp" } } put: description: Set the NTP client configuration, including enabling/disabling the NTP service. body: application/json: type: ntpPut example: { "ntp": { "enabled": true, "servers": [ { "value": "0.au.pool.ntp.org" }, { "value": "2.au.pool.ntp.org" }, { "value": "3.au.pool.ntp.org" } ], } } responses: 200: description: > Returns the updated NTP configuration. body: application/json: type: ntpGet example: { "ntp": { "enabled": true, "servers": [ { "id": "services_ntp_servers-1", "value": "0.au.pool.ntp.org" }, { "id": "services_ntp_servers-2", "value": "2.au.pool.ntp.org" }, { "id": "services_ntp_servers-3", "value": "3.au.pool.ntp.org" } ], "id": "root-1-services_ntp" } } 500: description: > Error saving NTP configuration. body: application/json: example: { "error": [ { type: 2, "code": 25, "text": "'' is not a valid hostname", "args": { "address": "", "uuid": "services_ntp_servers-0" }, "level": 1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } 400: description: > Returns an error after the operation failed due to invalid request. body: application/json: example: { "error": [ { type: 4, "code": 40, "text": "Required field 'services_syslog_servers-1' was not provided in the request", "args": { "param": "services_syslog_servers-1" }, "level": 1 } ] } /lldp: type: base-type description: > Provides access to the Network Discovery Protocols (LLDP/CDP) configuration. get: description: Fetch the Network Discovery Protocols configuration. responses: 200: description: Returns the current Network Discovery Protocols configuration. body: application/json: type: getLLDPResponse example: { "lldp": { "enabled": true, "platform": "platform 1", "description": "description 1", "physifs": ["net1", "net2"] } } put: description: Modify Network Discovery Protocols configuration. body: application/json: type: putLLDP example: { "lldp": { "enabled": true, "platform": "platform 1", "description": "description 1", "physifs": ["net1", "net2"] } } responses: 200: description: Created the Network Discovery Protocols configuration. body: application/json: type: getLLDPResponse example: { "lldp": { "enabled": true, "platform": "platform 1", "description": "description 1", "physifs": ["net1", "net2"] } } /syslog: type: base-type description: > Provides access to the remote syslog server configuration. get: description: Fetch remote syslog server configuration list. responses: 200: description: Returns the current syslog server configuration. body: application/json: type: getSyslogServerListResponse example: { "syslogServers": [ { "id": "services_syslog_servers-31", "multi_field_identifier": "0.au.pool.rsyslog.org:601/UDP", "port": 601, "protocol": "UDP", "address": "0.au.pool.rsyslog.org", "description": "Remote logging server", "port_logging_enabled": true, "min_severity": "info" }, { "id": "services_syslog_servers-32", "multi_field_identifier": "2001:b:c:d::8329:602/UDP", "port": 602, "protocol": "UDP", "address": "2001:b:c:d::8329", "description": "Remote port logging server", "port_logging_enabled": false, "min_severity": "alert" } ], } post: description: Create a new syslog server data in the configuration. body: application/json: type: putSyslogServer example: { "syslogServer" : { "port": 1000, "protocol": "UDP", "address": "192.168.33.199", "description": "Remote logging server", "port_logging_enabled": true, "min_severity": "info" } } responses: 200: description: Created syslog server configuration body: application/json: type: getSyslogServerResponse example: { "syslogServer" : { "id": "services_syslog_servers-2", "multi_field_identifier": "192.168.33.199:1000/UDP", "port": 1000, "protocol": "UDP", "address": "192.168.33.199", "description": "Remote logging server", "port_logging_enabled": true, "min_severity": "info" } } 400: description: Failed to initiate syslog server creation due to error in post body. body: application/json: example: { "error": [ { "type": 2, "code": 22, "text": "Element [protocol] is of the wrong type", "args": { "uuid": "protocol" }, "level": 1 } ] } /{syslog_server_id}: type: base-type uriParameters: syslog_server_id: description: unique identifier for syslog servers displayName: syslog_server_id get: description: Fetch a configured syslog server by id. responses: 200: description: > Returns the requested syslog server configuration. body: application/json: type: getSyslogServerResponse example: { "syslogServer": { "id": "services_syslog_servers-1", "multi_field_identifier": "192.168.33.200:705/UDP", "port": 705, "protocol": "UDP", "address": "192.168.33.200", "description": "Remote logging server", "port_logging_enabled": false, "min_severity": "warning" } } 500: description: > Error saving syslog configuration. body: application/json: example: { "error": [ { type: 2, "code": 25, "text": "'' is not a valid hostname", "args": { "address": "", "uuid": "services_syslog_servers-1" }, "level": 1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } 400: description: > Returns an error after the operation failed due to invalid request. body: application/json: example: { "error": [ { type: 4, "code": 40, "text": "Required field 'services_syslog-1' was not provided in the request", "args": { "param": "services_syslog_servers-1" }, "level": 1 } ] } put: description: Set the syslog server configuration body: application/json: type: putSyslogServer example: { "syslogServer" : { "address": "192.168.33.199", "port": 1000, "protocol": "UDP", "description": "Remote logging server", "port_logging_enabled": false, "min_severity": "debug" } } responses: 200: description: > Returns the updated syslog server configuration. body: application/json: type: getSyslogServerResponse example: { "syslogServer": { "id": "services_syslog_servers-1", "multi_field_identifier": "192.168.33.200:705/UDP", "port": 705, "protocol": "UDP", "address": "192.168.33.200", "description": "Remote logging server", "port_logging_enabled": false, "min_severity": "debug" } } 500: description: > Error saving syslog configuration. body: application/json: example: { "error": [ { type: 2, "code": 25, "text": "'' is not a valid hostname", "args": { "address": "", "uuid": "services_syslog_servers-1" }, "level": 1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } 400: description: > Returns an error after the operation failed due to invalid request. body: application/json: example: { "error": [ { type: 4, "code": 40, "text": "Required field 'services_syslog-1' was not provided in the request", "args": { "param": "services_syslog_servers-1" }, "level": 1 } ] } delete: description: Delete a syslog server. responses: 200: description: syslog server deleted 400: description: > Returns an error after the operation failed due to invalid request. body: application/json: example: { "error": [ { type: 4, "code": 40, "text": "Required field 'services_syslog-1' was not provided in the request", "args": { "param": "services_syslog_servers-1" }, "level": 1 } ] } 404: description: syslog server does not exist body: application/json: example: { "error": [ { "type": 5, "code": 29, "text": "Could not find element with UUID 'services_syslog_servers-2'", "args": { "uuid": "services_syslog_servers-2" }, "level": 1 } ] } /snmp_manager: (deprecated): replaceWith: /services/snmp_alert_managers since: 10/2020 type: base-type description: > Retrieve and configure the SNMP TRAP/INFORM settings. get: description: Get the snmp manager legacy configuration. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "masked" ] default: "cleartext" required: false responses: 200: body: application/json: type: snmpManagerResponse example: { "snmp_manager": { "id": "snmp_manager_1", "multi_field_identifier": "snmp.example.com:167/UDP", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "username": "michaelf", "engine_id": "0x80001f8803555000000000", "version": v3, "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "msg_type": "TRAP", "address": "snmp.example.com", "port": 167, } } put: description: Set the snmp manager legacy configuration. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: snmpManager example: { "snmp_manager": { "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "auth_password": "secret123", "username": "michaelf", "engine_id": "0x80001f8803555000000000", "version" : "v3", "privacy_protocol": "DES", "privacy_password": "secret123", "security_level": "noAuthNoPriv", "msg_type": "TRAP", "address": "snmp.example.com", "port": 167, } } responses: 200: body: application/json: type: snmpManagerResponse example: { "snmp_manager": { "id": "snmp_manager_1", "multi_field_identifier": "snmp.example.com:167/UDP", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "username": "michaelf", "engine_id": "0x80001f8803555000000000", "version" : "v3", "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "msg_type": "TRAP", "address": "snmp.example.com", "port": 167, } } /snmp_alert_managers: type: base-type description: > Retrieve and configure the SNMP TRAP/INFORM settings. get: description: Get the snmp manager configuration. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "masked" ] default: "cleartext" required: false responses: 200: body: application/json: type: getSnmpAlertManagerList example: { "snmp_alert_managers": [ { "id": "snmp_manager_1", "multi_field_identifier": "snmp.example.com:167/UDP", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "username": "michaelf", "engine_id": "0x80001f8803555000000000", "version": v3, "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "msg_type": "TRAP", "address": "snmp.example.com", "port": 167, } ] } post: description: Add a new snmp manager. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: snmpAlertManager example: { "snmp_alert_manager": { "name": "A SNMP Alert Manager", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "username": "michaelf", "engine_id": "0x80001f8803555000000000", "version": v3, "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "msg_type": "TRAP", "address": "snmp.example.com", "port": 167, } } responses: 200: description: The snmp manager was added. body: application/json: type: snmpAlertManagerResponse example: { "snmp_alert_manager": { "id": "snmp_manager_1", "multi_field_identifier": "snmp.example.com:167/UDP", "name": "A SNMP Alert Manager", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "username": "michaelf", "engine_id": "0x80001f8803555000000000", "version": v3, "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "msg_type": "TRAP", "address": "snmp.example.com", "port": 167, } } /{id}: type: base-type # snmp_alert_managers.get get: description: Get the configuration of an SNMP Manager queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "masked" ] default: "cleartext" required: false responses: 200: body: application/json: type: snmpAlertManagerResponse example: { "snmp_alert_manager": { "id": "snmp_manager_1", "multi_field_identifier": "snmp.example.com:167/UDP", "name": "A SNMP Alert Manager", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "username": "michaelf", "engine_id": "0x80001f8803555000000000", "version": v3, "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "msg_type": "TRAP", "address": "snmp.example.com", "port": 167, } } # snmp_alert_managers.put put: description: > Update settings for SNMP Managers on the Operations Manager appliance. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: snmpAlertManager example: { "snmp_alert_manager": { "name": "Existing SNMP Alert Manager", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "username": "user1", "engine_id": "0x80001f8803555000000000", "version": v3, "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "msg_type": "TRAP", "address": "snmp.example.com", "port": 167, } } responses: 200: body: application/json: type: snmpAlertManagerResponse example: { "snmp_alert_manager": { "id": "snmp_manager_1", "multi_field_identifier": "snmp.example.com:167/UDP-v3-TRAP", "name": "A SNMP Alert Manager", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "username": "michaelf", "engine_id": "0x80001f8803555000000000", "version": v3, "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "msg_type": "TRAP", "address": "snmp.example.com", "port": 167, } } # snmp_alert_managers.delete delete: displayName: deleteSnmpManager description: > Delete an snmp manager responses: 200: description: snmp manager deleted /snmpd: type: base-type description: > Retrieve and configure the SNMP Daemon settings. get: description: Get the snmpd configuration. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "masked" ] default: "cleartext" required: false responses: 200: body: application/json: type: snmpd example: { "snmpd": { "port": 161, "protocol": "UDP", "enable_legacy_versions": true, "rocommunity": "public", "rwcommunity": "private", "enable_secure_snmp": true, "security_level": "priv", "security_name": "newuser", "engine_id": "0x80001f8803555000000000", "auth_protocol": "MD5", "auth_use_plaintext": true, "auth_password": "authPassword", "auth_localized_key": "0x123456789ABCDEF", "priv_protocol": "DES", "priv_use_plaintext": true, "priv_password": "privPassword", "priv_localized_key": "0xFEDCBA987654321", } } put: description: Set the snmpd configuration. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: snmpd example: { "snmpd": { "port": 161, "protocol": "UDP", "enable_legacy_versions": true, "rocommunity": "public", "rwcommunity": "private", "enable_secure_snmp": true, "security_level": "priv", "security_name": "newuser", "engine_id": "0x80001f8803555000000000", "auth_protocol": "MD5", "auth_use_plaintext": true, "auth_password": "authPassword", "auth_localized_key": "0x123456789ABCDEF", "priv_protocol": "DES", "priv_use_plaintext": true, "priv_password": "privPassword", "priv_localized_key": "0xFEDCBA987654321", } } responses: 200: body: application/json: type: snmpd example: { "snmpd": { "port": 161, "protocol": "UDP", "enable_legacy_versions": true, "rocommunity": "public", "rwcommunity": "private", "enable_secure_snmp": true, "security_level": "priv", "security_name": "newuser", "engine_id": "0x80001f8803555000000000", "auth_protocol": "MD5", "auth_use_plaintext": true, "auth_password": "authPassword", "auth_localized_key": "0x123456789ABCDEF", "priv_protocol": "DES", "priv_use_plaintext": true, "priv_password": "privPassword", "priv_localized_key": "0xFEDCBA987654321", } } 500: description: Failed to save the configuration. body: application/json: type: error 400: description: > Returns an error after the operation failed due to incomplete data. body: application/json: example: { "error": [ { type: 4, "code": 40, "text": "Required field 'priv_localized_key' was not provided in the request", "args": { "param": "priv_localized_key" }, "level": 1 } ] } /ssh: type: base-type get: description: Fetch the current ssh delimiter. responses: 200: body: application/json: type: sshResponse example: { "ssh": { "ssh_url_delimiter": "+" } } put: description: Set the config parameters related to the SSH service. body: application/json: type: sshPut example: { "ssh": { "ssh_url_delimiter": "+" } } responses: 200: body: application/json: type: sshResponse example: { "ssh": { "ssh_url_delimiter": "+" } } /routing: type: base-type get: description: Fetch the configuration for the available routing daemons. responses: 200: body: application/json: type: routingDaemon example: { "routing": { "bgpd": { "enabled": true }, "isisd": { "enabled": false }, "ripd": { "enabled": true }, "ospfd": { "enabled": false } } } put: description: Set the configuration for the available routing daemons. body: application/json: type: routingDaemon example: { "routing": { "bgpd": { "enabled": true }, "isisd": { "enabled": false }, "ripd": { "enabled": true }, "ospfd": { "enabled": false } } } responses: 200: body: application/json: type: routingDaemon example: { "routing": { "bgpd": { "enabled": true }, "isisd": { "enabled": false }, "ripd": { "enabled": true }, "ospfd": { "enabled": false } } } 500: description: Failed to save the configuration. body: application/json: type: error 400: description: > Returns an error after the operation failed due to incomplete data. body: application/json: example: { "error": [ { type: 4, "code": 40, "text": "Required field 'bgpd' was not provided in the request", "args": { "param": "bgpd" }, "level": 1 } ] } /alerts: type: base-type description: > Used to configure various types of alerts /authentication: (deprecated): replaceWith: /monitoring/alerts/system since: 12/2020 type: base-type description: Retrieve and configure Authentication Trap Group settings. get: description: Get the authentication trap group settings. responses: 200: body: application/json: type: authenticationAlert example: { "authentication_trap_group": { "enabled": true } } put: description: Set the authentication trap group settings. body: application/json: type: authenticationAlert example: { "authentication_trap_group": { "enabled": true } } responses: 200: body: application/json: type: authenticationAlert example: { "authentication_trap_group": { "enabled": true } } /system: (deprecated): replaceWith: /monitoring/alerts/power since: 12/2020 type: base-type description: Retrieve and configure System Trap Group settings. get: description: Get the system trap group settings. responses: 200: body: application/json: type: systemAlert example: { "system_trap_group": { "enabled": true, "power_supply_millivolt_lower": 11000, "power_supply_millivolt_upper": 13000 } } put: description: Set the system trap group settings. body: application/json: type: systemAlert example: { "system_trap_group": { "enabled": true, "power_supply_millivolt_lower": 11000, "power_supply_millivolt_upper": 13000 } } responses: 200: body: application/json: type: systemAlert example: { "system_trap_group": { "enabled": true, "power_supply_millivolt_lower": 11000, "power_supply_millivolt_upper": 13000 } } /networking: (deprecated): replaceWith: /monitoring/alerts/networking since: 12/2020 type: base-type description: Retrieve and configure Networking Trap Group settings. get: description: Get the networking trap group settings. responses: 200: body: application/json: type: networkingAlert examples: example1: description: With a cell modem value: { "networking_trap_group": { "enabled": true, "signal_strength_threshold_lower": 33, "signal_strength_threshold_upper": 66 } } example2: description: Without a cell modem value: { "networking_trap_group": { "enabled": true } } put: description: Set the networking trap group settings. body: application/json: type: networkingAlert examples: example1: description: With a cell modem value: { "networking_trap_group": { "enabled": true, "signal_strength_threshold_lower": 33, "signal_strength_threshold_upper": 66 } } example2: description: Without a cell modem value: { "networking_trap_group": { "enabled": true } } responses: 200: body: application/json: type: networkingAlert examples: example1: description: With a cell modem value: { "networking_trap_group": { "enabled": true, "signal_strength_threshold_lower": 33, "signal_strength_threshold_upper": 66 } } example2: description: Without a cell modem value: { "networking_trap_group": { "enabled": true } } /config_change: (deprecated): replaceWith: /monitoring/alerts/system since: 12/2020 type: base-type description: Retrieve and configure config change trap group settings. get: description: Get the config change trap group settings. responses: 200: body: application/json: type: configChangeAlert example: { "config_change_trap_group": { "enabled": true } } put: description: Set the config trap group settings. body: application/json: type: configChangeAlert example: { "config_change_trap_group": { "enabled": true } } responses: 200: body: application/json: type: configChangeAlert example: { "config_change_trap_group": { "enabled": true } } /monitoring: type: base-type description: > Used to configure various types of monitoring systems /alerts: type: base-type description: > Used to configure various types of alerts /networking: type: base-type description: Retrieve and configure Networking Alert Group settings. get: description: Get the networking alert group settings. responses: 200: body: application/json: type: networkingAlertGroup examples: example1: description: All network alerts enabled. value: { "networking_alert_group": { "cell_signal_strength_alert": { "enabled": true, "threshold_lower": 33, "threshold_upper": 66 } } } example2: description: All network alerts enabled when there is no cell modem (Network link state is enabled under cell_signal_strength_alert). value: { "networking_alert_group": { "cell_signal_strength_alert": { "enabled": true } } } put: description: Set the networking alert group settings. body: application/json: type: networkingAlertGroup examples: example1: description: Enable all network alerts. value: { "networking_alert_group": { "cell_signal_strength_alert": { "enabled": true, "threshold_lower": 33, "threshold_upper": 66 } } } example2: description: Enable all network alerts when there is no cell modem (Enables network link state under cell_signal_strength_alert). value: { "networking_alert_group": { "cell_signal_strength_alert": { "enabled": true } } } example3: description: Disable all network alerts. value: { "networking_alert_group": {} } responses: 200: body: application/json: type: networkingAlertGroup examples: example1: description: All network alerts enabled. value: { "networking_alert_group": { "cell_signal_strength_alert": { "enabled": true, "threshold_lower": 33, "threshold_upper": 66 } } } example2: description: All network alerts enabled when there is no cell modem (Network link state is enabled under cell_signal_strength_alert). value: { "networking_alert_group": { "cell_signal_strength_alert": { "enabled": true, } } } /power: type: base-type description: Retrieve and configure Power Alert Group settings. get: description: Get the power alert group settings. responses: 200: body: application/json: type: powerAlertGroup example: { "power_alert_group": { "power_supply_voltage_alert": { "enabled": true, "millivolt_lower": 11000, "millivolt_upper": 13000 } } } put: description: Set the power alert group settings. body: application/json: type: powerAlertGroup examples: example1: description: Enable all power alerts. value: { "power_alert_group": { "power_supply_voltage_alert": { "enabled": true, "millivolt_lower": 11000, "millivolt_upper": 13000 } } } example2: description: Disable all power alerts. value: { "power_alert_group": {} } responses: 200: body: application/json: type: powerAlertGroup example: { "power_alert_group": { "power_supply_voltage_alert": { "enabled": true, "millivolt_lower": 11000, "millivolt_upper": 13000 } } } /system: type: base-type description: Retrieve and configure System Alert Group settings. get: description: Get the system alert group settings. responses: 200: body: application/json: type: systemAlertGroup example: { "system_alert_group": { "authentication_alert": { "enabled": true }, "config_change_alert": { "enabled": true }, "temperature_alert": { "enabled": true, "threshold_lower": 35, "threshold_upper": 67 } } } put: description: Set the system alert group settings. body: application/json: type: systemAlertGroup examples: example1: description: Enable all system alerts. value: { "system_alert_group": { "authentication_alert": { "enabled": true }, "config_change_alert": { "enabled": true }, "temperature_alert": { "enabled": true, "threshold_lower": 35, "threshold_upper": 67 } } } example2: description: Disable all system alerts. value: { "system_alert_group": {} } responses: 200: body: application/json: type: systemAlertGroup example: { "system_alert_group": { "authentication_alert": { "enabled": true }, "config_change_alert": { "enabled": true }, "temperature_alert": { "enabled": true, "threshold_lower": 35, "threshold_upper": 67 } } } /physifs: description: > Read and manipulate the network physical interfaces on the Operations Manager appliance. type: base-type # Interface.getList get: description: > Get a list of the network interfaces on the Operations Manager appliance displayName: getPhysifs queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask" ] default: "cleartext" required: false responses: 200: body: application/json: type: getPhysifList example: { "physifs": [ { "enabled": true, "id": "system_net_physifs-1", "name": "init_net1", "media": "ethernet", "mtu" : 1500, "device": "net1", "mac_address": "00:00:de:ad:be:f1", "dns": { "nameservers": [], "search_domains": [], }, "runtime_status": { "status": "UP", "id": "system_net_physifs-1" }, "ethernet_setting": { "id": "system_net_physifs-1", "link_speed": "auto" }, "description": "NET1 - 10G SFP+" }, { "enabled": true, "id": "system_net_physifs-2", "name": "init_net2", "media": "ethernet", "mtu": 1400, "device": "net2", "mac_address": "00:00:de:ad:be:f1", "dns": { "nameservers": [], "search_domains": [], }, "runtime_status": { "status": "UP", "id": "system_net_physifs-2" }, "ethernet_setting": { "id": "system_net_physifs-2", "link_speed": "auto" }, "description": "NET2 - 1G Copper/SFP" }, { "enabled": false, "id": "system_net_physifs-3", "name": "init_cellular", "media": "cellular", "device": "wwan0", "mac_address": "00:00:de:ad:be:f3", "dns": { "nameservers": [], "search_domains": [], }, "runtime_status": { "id": "system_net_physifs-3_runtime_status", "status": "ENABLED" }, "cellular_setting": { "id": "system_net_physifs-3_cellular_setting", "active_sim": 2, "sim_failover_policy": "never", "sim_failback_policy": "never", "sims": [{ "id": "system_net_physifs-3_cellular_setting_sims-1", "slot": 1, "apn": "vzwinternet", "iptype": "IPv4v6", "runtime_status": { "id": "system_net_physifs-3_cellular_setting_sims-1_runtime_status", "status": "DISABLED", }, },{ "id": "system_net_physifs-3_cellular_setting_sims-2", "slot": 2, "apn": "i2gold", "iptype": "IPv4v6", "runtime_status": { "id": "system_net_physifs-3_cellular_setting_sims-2_runtime_status", "status": "ENABLED", }, }], }, "description": "Cellular Interface (LTE)" } ] } post: description: Add a new interface to the Operations Manager appliance. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: postPhysif examples: example1: { "physif": { "enabled": true, "media": "bridge", "slaves": ["net1", "net2"], "dns": { "nameservers": [], "search_domains": [], }, } } example2: { "physif": { "enabled": true, "media": "bond", "slaves": ["net1", "net2"], "bond_setting": { "mode": "balance-rr" }, "device": "bnd2" } } responses: 200: description: The new physif is returned. body: application/json: type: physifItem example: { "physif": { "id": "system_net_physifs-5", "enabled": true, "name": "init_br0", "media": "bridge", "device": "br0", "mac_address": "00:00:de:ad:be:f1", "description": "BR0 - Aggregate", "slaves": ["net1", "net2"], "dns": { "nameservers": [], "search_domains": [], }, "runtime_status": { "status": "UP", "id": "system_net_physifs-5" } } } 400: description: > Validation failure. For example, invalid or missing fields. Slave interfaces not valid. put: description: > Update a list of the network interfaces on the Operations Manager appliance body: application/json: type: putPhysifList example: { "physifs": [ { "enabled": true, "media": "ethernet", "mtu" : 1500, "device": "net1", "ethernet_setting": { "link_speed": "auto" }, "description": "NET1 - 10G SFP+" }, { "enabled": true, "media": "ethernet", "mtu": 1400, "device": "net2", "ethernet_setting": { "link_speed": "auto" }, "description": "NET2 - 1G Copper/SFP" }, { "enabled": false, "media": "cellular", "device": "wwan0", "cellular_setting": { "active_sim": 2, "sim_failover_policy": "never", "sim_failback_policy": "never", "sims": [{ "slot": 1, "apn": "vzwinternet", "iptype": "IPv4v6", }, { "slot": 2, "apn": "i2gold", "iptype": "IPv4v6", }], }, "description": "Cellular Interface (LTE)" }, { "enabled": true, "media": "bridge", "slaves": ["net1", "net2"] } ] } responses: 200: body: application/json: type: getPhysifList 400: description: > Validation failure. For example, invalid or missing fields. Slave interfaces not valid. /{id}: type: base-type get: description: > Get a network interface on the Operations Manager appliance by id. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask" ] default: "cleartext" required: false responses: 200: body: application/json: type: physifItem example: { "physif": { "enabled": true, "id": "system_net_physifs-2", "name": "init_net2", "media": "ethernet", "device": "net2", "mac_address": "00:00:de:ad:be:f0", "dns": { "nameservers": ["9.9.9.9", "8.8.8.8"], "search_domains": ["iot", "foobar.iot"], }, "runtime_status": { "status": "UP", "id": "system_net_physifs-2" }, "ethernet_setting": { "id": "system_net_physifs-2", "link_speed": "auto" }, "description": "NET2 - 1G Copper/SFP" } } put: description: > Update settings for a network interface on the Operations Manager appliance queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: putPhysif example: { "physif": { "enabled": true, "ethernet_setting":{ "link_speed":"auto", }, } } responses: 200: description: > The physif {id} settings was updated. body: application/json: type: physifItem example: { "physif": { "enabled": true, "id": "system_net_physifs-2", "name": "init_net2", "media": "ethernet", "device": "net2", "mac_address": "00:00:de:ad:be:f0", "dns": { "nameservers": [], "search_domains": [], }, "runtime_status": { "status": "UP", "id": "system_net_physifs-2" }, "ethernet_setting": { "id": "system_net_physifs-2", "link_speed": "auto" }, "description": "NET2 - 1G Copper/SFP" } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: physif id parameter missing. 404: description: > physif {id} does not exist. Attempted to change read only fields. Attempted to change unknown fields. delete: description: > Delete a network interface by id. Currently only aggregate interfaces can be deleted. responses: 200: description: > The aggregate physif {id} was deleted. 404: description: > physif {id} does not exist. physif {id} is not an aggregate interface. /conns: description: > Read and manipulate the network connections on the Operations Manager appliance. type: base-type # Conn.getList get: description: > Get a list of the network connections on the server. displayName: getConns responses: 200: body: application/json: type: getConnList example: { "conns": [ { name: "default-conn-1", description: "IPv4 static network connection", "physif": "net1", "mode": "static", "ipv4_static_settings": { "id": "system_net_conns-1", "netmask": "255.255.255.0", "address": "192.168.87.156", "gateway": "192.168.87.100", "broadcast": "192.168.87.255", "dns1": "192.168.87.100", "dns2": "192.168.87.100", }, "runtime_status": { "status": "running", "last_status_change": 1471506633, "id": "system_net_conns-1", "addresses": [ { "id": "system_net_conns-address-1", "address": "192.168.87.156", "netmask": "255.255.255.0", } ], "gateway":"192.168.87.254", "dns1":"8.8.8.8", "dns2":"192.168.33.254" }, "id": "system_net_conns-1" }, { name: "default-conn-2", description: "IPv6 static network connection", "physif": "net1", "mode": "ipv6_static", "ipv6_static_settings": { "id": "system_net_conns-1", "address": "2001:b:c:d::8329", "prefix_length": "64", "gateway": "2001:b:c:d::254", "dns1": "DDDD:0002:3008:8CFD:00AB:0002:3008:AAAA", "dns2": "DDDD:0002:3008:8CFD:00AB:0002:3008:BBBB", }, "runtime_status": { "status": "running", "last_status_change": 1471506633, "id": "system_net_conns-2", "addresses": [ { "id": "system_net_conns-2-address-1", "address": "2001:b:c:d::8329", "prefix_length": 64, }, { "id": "system_net_conns-2-address-2", "address": "2001:b:c:d::8320", "netmask": "64", } ], "gateway":"192.168.87.254", "dns1":"DDDD:0002:3008:8CFD:00AB:0002:3008:AAAA", "dns2": "DDDD:0002:3008:8CFD:00AB:0002:3008:BBBB", }, "id": "system_net_conns-3" } ], } #conns.post post: description: Add a new network connection to the Operations Manager appliance. body: application/json: type: putConnItem example: { "conn": { "ipv4_static_settings": { "netmask": "255.255.255.0", "address": "192.168.87.156", "gateway": "192.168.87.100", "broadcast": "192.168.87.255", "dns1": "192.168.87.100", "dns2": "192.168.87.100", }, "mode": "static", "physif": "net1" } } responses: 200: description: The conn \{id} settings was updated. body: application/json: type: connItem example: { "conn": { "name": "default-conn-2", "ipv4_static_settings": { "netmask": "255.255.255.0", "address": "192.168.87.156", "gateway": "192.168.87.100", "broadcast": "192.168.87.255", "dns1": "192.168.87.100", "dns2": "192.168.87.100", }, "id": "system_net_conns-9", "mode": "static", "physif": "net1", "runtime_status": { "status": "reloading", "addresses": [ { "id": "system_net_conns-9" } ], "last_status_change": 1536209633, "id": "system_net_conns-9" } } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: conn id parameter missing. 404: description: > Conn {id} does not exist. Attempted to change read only fields. Attempted to change unknown fields. /{id}: type: base-type # Conn.get get: description: > Get the configuration of a network connection on the Operations Manager appliance responses: 200: body: application/json: type: connItem example: { "conn": { "name": "default-conn-1", "ipv4_static_settings": { "id": "system_net_conns-1", "netmask": "255.255.255.0", "address": "192.168.87.156", "gateway": "192.168.87.100", "broadcast": "192.168.87.255", "dns1": "192.168.87.100", "dns2": "192.168.87.100", }, "id": "system_net_conns-1", "mode": "static", description: "Default static network connection", "physif": "net1", "runtime_status": { "status": "reloading", "addresses": [ { "id": "system_net_conns-1" } ], "last_status_change": 1536210047, "id": "system_net_conns-2" } } } # Conn.put put: description: > Update settings for a network connection on the Operations Manager appliance. body: application/json: type: putConnItem example: { "conn": { "ipv4_static_settings": { "netmask": "255.255.255.0", "address": "192.168.87.156", "gateway": "192.168.87.100", "broadcast": "192.168.87.255", "dns1": "192.168.87.100", "dns2": "192.168.87.100", }, "mode": "static", "physif": "net1" } } responses: 200: description: The conn settings were updated. body: application/json: type: connItem example: { "conn": { "name": "default-conn-2", "ipv4_static_settings": { "broadcast": "192.168.87.255", "gateway": "192.168.87.100", "address": "192.168.87.156", "id": "system_net_conns-2", "dns2": "192.168.87.100", "dns1": "192.168.87.100", "netmask": "255.255.255.0", }, "id": "system_net_conns-2", "mode": "static", "physif": "net1", "runtime_status": { "status": "reloading", "addresses": [ { "id": "system_net_conns-2" } ], "last_status_change": 1536210052, "id": "system_net_conns-2" } } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: conn id parameter missing. 404: description: > Conn {id} does not exist. Attempted to change read only fields. Attempted to change unknown fields. #conns.delete delete: displayName: deleteConn description: > Delete a network connection on the Operations Manager appliance. responses: 200: description: Conn deleted 404: description: User did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find conn with name or id 'system_net_conns-1'", "args": { "uuid": "system_net_conns-1" }, "level": 1 } ] } /static_routes: description: > Configuring and viewing static routes type: base-type get: description: Get list of static routes responses: 200: body: application/json: type: getStaticRoutesList examples: example1: description: Gets two static routes value: { "static_routes": [ { "id": "system_net_static_routes-1", "destination_address": "192.168.10.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net1", "metric": 100, "multi_field_identifier": "192.168.10.0/24-100" }, { "id": "system_net_static_routes-2", "destination_address": "192.168.20.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net2", "multi_field_identifier": "192.168.20.0/24" } ] } example2: description: No static routes present value: { "static_routes": [] } put: description: Create a list of static routes. Overwrite existing routes body: application/json: type: putStaticRoutesList examples: example1: description: Sets two routes value: { "static_routes": [ { "destination_address": "192.168.10.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net1", "metric": 100 }, { "destination_address": "192.168.20.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net2", "metric": 100 } ] } responses: 200: description: List of static routes body: application/json: type: getStaticRoutesList example: { "static_routes": [ { "id": "system_net_static_routes-1", "destination_address": "192.168.10.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net1", "metric": 100, "multi_field_identifier": "192.168.10.0/24-100" }, { "id": "system_net_static_routes-2", "destination_address": "192.168.20.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net2", "metric": 100, "multi_field_identifier": "192.168.20.0/24-100" } ] } post: description: Add a static route body: application/json: type: postStaticRouteItem example: { "static_route": { "destination_address": "192.168.10.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net1", "metric": 100 } } responses: 200: description: Static route was created body: application/json: type: postStaticRouteItemResult example: { "static_route": { "id": "system_net_static_routes-1", "destination_address": "192.168.10.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net1", "metric": 100, "multi_field_identifier": "192.168.10.0/24-100" } } 400: description: Failed to create static route delete: description: Delete all static routes responses: 204: description: Static routes were removed /{id}: type: base-type get: description: Get the configuration of a static route by its id. responses: 200: description: The requested static route configuration. body: application/json: type: getStaticRouteItem example: { "static_route": { "id": "system_net_static_routes-1", "destination_address": "192.168.10.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net1", "metric": 100, "multi_field_identifier": "192.168.10.0/24-100" }, } 404: description: The static route doesn't exist. body: application/json: type: error example: { "error": [ { "type": 5, "code": 29, "text": "Could not find static_route with multi_field_identifier or id 'system_net_static_routes-1'", "args": { "uuid": "system_net_static_routes-1" }, "level": 1 } ] } put: description: Set the properties of a static route. body: application/json: type: putStaticRouteItem example: { "static_route": { "destination_address": "192.168.10.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net1", "metric": 100 } } responses: 200: description: The updated static route configuration. body: application/json: type: getStaticRouteItem example: { "static_route": { "id": "system_net_static_routes-1", "destination_address": "192.168.10.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net1", "metric": 100, "multi_field_identifier": "192.168.10.0/24-100", }, } 400: description: > Invalid request: Body is not json or does not conform to required json schema. 404: description: The static route doesn't exist. body: application/json: type: error example: { "error": [ { "type": 5, "code": 29, "text": "Could not find static_route with multi_field_identifier or id 'system_net_static_routes-1'", "args": { "uuid": "system_net_static_routes-1" }, "level": 1 } ] } delete: description: Delete a static route responses: 204: description: Static route deleted 400: description: Static route does not exist /lighthouse_enrollments: description: > View and control enrollment to a lighthouse type: base-type get: description: Get the information about the lighthouse enrollments responses: 200: body: application/json: type: lighthouseEnrollmentsList example: { "lighthouse-enrollments": [ { "port": 443, "address": "192.168.0.1", "id": "lighthouse_enrollments-1", "bundle": "bundle", "status": "Enrolling" } ] } post: description: Create a new lighthouse enrollment body: application/json: type: lighthouseEnrollmentPost example: { "lighthouse_enrollment": { "address": "192.168.0.1", "token": "password", "bundle": "bundle-1", "port": 8443 } } responses: 201: description: The new lighthouse enrollment was successfully created and callhome enrollment was started. body: application/json: type: lighthouseEnrollmentItem example: { "lighthouse_enrollment": { "id": "lighthouse_enrollments-1", "port": 8443, "status": "Enrolling", "address": "192.168.0.1" } } 400: description: > Invalid request: body is not json or does not conform to required json schema. /{id}: type: base-type uriParameters: id: description: ID of the lighthouse-enrollment to fetch displayName: id example: lighthouse_enrollment-2 get: description: Get lighthouse-enrollment information by id. responses: 200: body: application/json: type: lighthouseEnrollmentItem example: { "lighthouse_enrollment": { "id": "lighthouse_enrollments-2", "port": 443, "status": "Connected", "address": "192.168.0.1" } } 404: description: The lighthouse-enrollment doesn't exist. body: application/json: type: object example: { "error": [ { "type": 5, "code": 29, "text": "Could not find lighthouse_enrollment with address or id 'lighthouse_enrollments-6'", "args": { "uuid": "lighthouse_enrollments-6" }, "level": 1 } ] } delete: description: Delete lighthouse enrollment object and begin unenrollment responses: 200: body: application/json: type: object example: { "message": "OK" } 404: body: application/json: type: object example: { "error": [ { "type": 5, "code": 29, "text": "Could not find lighthouse_enrollment with address or id 'lighthouse_enrollments-20'", "args": { "uuid": "lighthouse_enrollments-20" }, "level": 1 } ] } /registration: description: Registration endpoint accessed by a Lighthouse to start Lighthouse driven enrollment type: base-type post: description: Initial contact from Lighthouse to start the Enrollment process body: application/json: type: registrationItem example: { "id": "nodes-1", "server": "192.168.0.1", "server_api_port": 8443, "package_password": "password", "lh_ext_eps": [ { "server": "162.168.0.1", "server_api_port" : 8443, "server_vpn_port" : 1121 }, { "server" : "162.168.0.2", "server_api_port" : 601, "server_vpn_port" : 1121 } ] } responses: 201: body: application/json: type: object example: { "message": "OK" } 400: description: > Invalid request: body is not json or does not conform to required json schema. body: application/json: type: object example: { "error": [ { "type": 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } delete: description: Remove connection to this lighthouse responses: 200: body: application/json: type: object example: { "message": "OK" } 500: description: Internal Server Error /{id}: type: base-type description: Remove a connection to a given Lighthouse by ID uriParameters: id: description: The lighthouse system name displayName: id example: lighthouse-5633-1563 delete: responses: 200: description: Lighthouse connection removed successfully body: application/json: example: { "message":"OK" } 400: description: Invalid request body: application/json: type: object example: { "error": "Parameter 'id' not provided." } 404: description: Not found body: application/json: 500: description: Internal server error body: application/json: /{id}/server_address: type: base-type description: Update the lhvpn_tunnel server address uriParameters: id: description: The lighthouse system name displayName: id example: lighthouse-5633-1563 put: body: application/json: type: registrationAddress example: { "address": "192.168.0.1" } responses: 200: body: application/json: type: object example: { "message": "OK" } 400: description: > Invalid request: body is not json or does not conform to required json schema. body: application/json: type: object example: { "error": [ { "type": 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } 404: body: application/json: type: object example: { "error": [ { "type": 5, "code": 29, "text": "Could not find element with UUID 'nodes-1'", "args": { "uuid": "nodes-1" }, "level": 1 } ] } /system: description: > System endpoints are related to configuring and accessing information about the Operations Manager appliance itself. /diskspace: type: base-type description: Retrieve the system's Disk Space usage get: responses: 200: body: application/json: type: systemDiskSpace example: { system_disk_space: [ { path: "/etc", total_space: 511044485120, free_space: 401935421440 }, { path: "/tmp", total_space: 511044485120, free_space: 401935421440 }, { path: "/mnt/nvram", total_space: 511044485120, free_space: 401935421440 }, ] } /hostname: type: base-type description: Retrieve or change the Operations Manager appliance system's hostname. get: description: Get the Operations Manager appliance hostname. responses: 200: body: application/json: type: systemHostname example: { system_hostname: { hostname: "OM2000" } } put: description: Set the Operations Manager appliance hostname. body: application/json: type: systemHostname example: { system_hostname: { hostname: "OM2000" } } responses: 200: body: application/json: type: systemHostname example: { system_hostname: { hostname: "OM2000" } } /banner: type: base-type description: Retrieve or change the Operations Manager appliance system's banner text. get: description: Get the Operations Manager appliance banner text. responses: 200: body: application/json: type: systemBanner example: { system_banner: { banner: "********************************************************************************\nUNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED\nYou must have explicit, authorized permission to access or configure this\n device. Unauthorized attempts and actions to access or use this system may\n result in civil and/or criminal penalties. All activities performed on this\n device are logged and monitored.\n********************************************************************************" } } put: description: Set the Operations Manager appliance banner text. body: application/json: type: systemBanner example: { system_banner: { banner: "********************************************************************************\nUNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED\nYou must have explicit, authorized permission to access or configure this\n device. Unauthorized attempts and actions to access or use this system may\n result in civil and/or criminal penalties. All activities performed on this\n device are logged and monitored.\n********************************************************************************" } } responses: 200: body: application/json: type: systemBanner example: { system_banner: { banner: "A new banner\nWith 2 lines" } } /cloud_connect: type: base-type description: Retrieve or change the Operations Manager appliance system's cloud connect configuration. get: description: Get the Operations Manager appliance cloud connect configuration. responses: 200: body: application/json: type: systemCloudConnect example: { system_cloud_connect: { cloud_connect_url: "tm1.digi.com", cloud_callhome_enabled: true } } put: description: Set the Operations Manager appliance cloud connect configuration. body: application/json: type: systemCloudConnect example: { system_cloud_connect: { cloud_connect_url: "tm2.digi.com", cloud_callhome_enabled: false } } responses: 200: body: application/json: type: systemCloudConnect example: { system_cloud_connect: { cloud_connect_url: "tm2.digi.com", cloud_callhome_enabled: false } } /webui_session_timeout: (deprecated): replaceWith: /system/session_timeout since: 01/2022 type: base-type description: Retrieve or change the Operations Manager appliance WebUI session timeout. get: description: Retrieve the WebUI session timeout (in minutes). responses: 200: body: application/json: type: webuiSessionTimeout example: { system_webui_session_timeout: { timeout: 20 } } put: description: Set the WebUI session timeout (in minutes). body: application/json: type: webuiSessionTimeout example: { system_webui_session_timeout: { timeout: 20 } } responses: 200: body: application/json: type: webuiSessionTimeout example: { system_webui_session_timeout: { timeout: 20 } } /cli_session_timeout: (deprecated): replaceWith: /system/session_timeout since: 01/2022 type: base-type description: Retrieve or change the Operations Manager appliance CLI get: description: Retrieve the CLI session timeout (in minutes). responses: 200: body: application/json: type: cliSessionTimeout example: { system_cli_session_timeout: { timeout: 0 } } put: description: Set the CLI session timeout (in minutes). body: application/json: type: cliSessionTimeout example: { system_cli_session_timeout: { timeout: 20 } } responses: 200: body: application/json: type: cliSessionTimeout example: { system_cli_session_timeout: { timeout: 20 } } /session_timeout: type: base-type description: Retrieve or change the Operations Manager appliance session timeouts. get: description: Retrieve session timeouts (in minutes). responses: 200: body: application/json: type: sessionTimeout example: { system_session_timeout: { cli_timeout: 0, webui_timeout: 20, serial_port_timeout: 0 } } put: description: Set the session timeouts (in minutes). body: application/json: type: sessionTimeout example: { system_session_timeout: { cli_timeout: 20, webui_timeout: 20, serial_port_timeout: 20 } } responses: 200: body: application/json: type: sessionTimeout example: { system_session_timeout: { cli_timeout: 20, webui_timeout: 20, serial_port_timeout: 20 } } 400: description: > Invalid request: body is not json or does not conform to required json schema. body: application/json: type: object example: { "error": [ { "type": 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } /system_authorized_keys: type: base-type get: description: Retrieve ssh authorized keys for all users responses: 200: body: application/json: type: allUsersSSHAuthorizedKeys examples: example1: description: System that has 2 SSH keys belonging to 2 different users value: { "system_authorized_keys": [ { id: "users_ssh_authorized_keys-1", key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTRO6c/1JnaA/Mi3MKONqQJUe75rZC36Z0tH+BefpR2li3F/x7TWQnW0aBSA4y7bGOxS5B+nFd86m6+QWqZMxqIpraG11KKVh2c+ElIliVvPbpN7cL9QKbzDZPCn5TZ28znHDuUSzc7Kt0+33On+7HkMhapKiXkA2ardK89DlpKbE4mSiIZoWG0zepyWsXa86fiKTORqEN8FhRtxnBMcl+WODjQfuBzPNr/zYv75eLaZ0LwUOz6/xm8RkwEhd/kF1ntrXYrwOqhFsR7g0cfqQ5T9vLcUXqe+VDvD16KBkooSL92OTxC907F7HPk7XvQaY4bEWK7ca/vbVhsVzdDhbF /home/root/.ssh/id_rsa\n", key_fingerprint: "2048 SHA256:CNem+rkDme6jInbmuzNxmHz46TP3mA37I2XfEGUuDs8 /home/root/.ssh/id_rsa\n (RSA)", username: "root" }, { id: "users_ssh_authorized_keys-2", key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCb/1mDgaqjrBq1Mnyt1oOxFkmSm6HOCUlETW0KCGpSTpaKppb35I2ec7Pka8H4u40FFUcVQeAtHl2R1JIWo5d+Avb1+W/+uhEiJ2TI9GQTeLiHEJYD0QwhwJLUYXk0FkLPkpvVBag3MwUIh3atun0Aq/2C42EeIhFkcniGQFZsgjDaASw7QEYUTyIYr5AARA2cM1OXWNneJOKsOlOxVwQJPeTBa1tFKjg0cw5ISBXHyqUvUJfwZkI8FCfAyJ2Q7OEjJcKCydL500ZmpmDre+gth3qkgGIiteMvbN3OBmFBLq8pZdzsX7tkT28eyJ7FJTSkvsRkHkHQkZW/gaXPp5PR admin@admin-1", key_fingerprint: "2048 SHA256:KXoalyRQfYNhKr3stn3YPvvxuWS7L3LWqsHPInvRgqY admin@admin-1 (RSA)", username: "admin" } ] } example2: description: System that has no SSH keys value: { "system_authorized_keys": [] } post: description: Add an SSH key for the specified user body: application/json: type: allUsersSSHAuthorizedKeyPost example: { "system_authorized_key": { "key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTRO6c/1JnaA/Mi3MKONqQJUe75rZC36Z0tH+BefpR2li3F/x7TWQnW0aBSA4y7bGOxS5B+nFd86m6+QWqZMxqIpraG11KKVh2c+ElIliVvPbpN7cL9QKbzDZPCn5TZ28znHDuUSzc7Kt0+33On+7HkMhapKiXkA2ardK89DlpKbE4mSiIZoWG0zepyWsXa86fiKTORqEN8FhRtxnBMcl+WODjQfuBzPNr/zYv75eLaZ0LwUOz6/xm8RkwEhd/kF1ntrXYrwOqhFsR7g0cfqQ5T9vLcUXqe+VDvD16KBkooSL92OTxC907F7HPk7XvQaY4bEWK7ca/vbVhsVzdDhbF test", username: "root" } } responses: 200: body: application/json: type: allUsersSSHAuthorizedKeyGet example: { "system_authorized_key": { "id": "users_ssh_authorized_keys-3", "key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTRO6c/1JnaA/Mi3MKONqQJUe75rZC36Z0tH+BefpR2li3F/x7TWQnW0aBSA4y7bGOxS5B+nFd86m6+QWqZMxqIpraG11KKVh2c+ElIliVvPbpN7cL9QKbzDZPCn5TZ28znHDuUSzc7Kt0+33On+7HkMhapKiXkA2ardK89DlpKbE4mSiIZoWG0zepyWsXa86fiKTORqEN8FhRtxnBMcl+WODjQfuBzPNr/zYv75eLaZ0LwUOz6/xm8RkwEhd/kF1ntrXYrwOqhFsR7g0cfqQ5T9vLcUXqe+VDvD16KBkooSL92OTxC907F7HPk7XvQaY4bEWK7ca/vbVhsVzdDhbF test", "key_fingerprint": "2048 SHA256:CNem+rkDme6jInbmuzNxmHz46TP3mA37I2XfEGUuDs8 test (RSA)", username: "root" } } 400: description: Invalid SSH key. body: application/json: example: { "error": [ { "type": 2, "code": 317, "text": "Invalid SSH key", "args": {}, "level": 1 } ] } /{key-id}: type: base-type delete: description: Delete an SSH key. responses: 204: description: SSH key deleted. 403: description: Failed due to not having permission to delete key. body: application/json: example: { "error": [ { "type": 7, "code": 47, "text": "Permission denied", "args": {}, "level": 1 } ] } 404: description: SSH key does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find element with UUID 'users_ssh_authorized_keys-9'", "args": { "uuid": "users_ssh_authorized_keys-9" }, "level": 1 } ] } /ssh_port: type: base-type description: The SSH port used in Direct SSH links. get: description: Retrieve the system SSH port. responses: 200: body: application/json: type: systemSSHPort example: { "system_ssh_port": { "port":22 } } put: description: Set the system SSH port. body: application/json: type: systemSSHPort example: { "system_ssh_port": { "port":22 } } responses: 200: body: application/json: type: systemSSHPort example: { "system_ssh_port": { "port":22 } } /timezone: type: base-type description: Retrieve and update the system's timezone. get: description: Retrieves the system timezone. responses: 200: body: application/json: type: systemTimezone example: { system_timezone: { timezone: "Australia/Brisbane" } } put: description: Set the system timezone. body: application/json: type: systemTimezone example: { system_timezone: { timezone: "Australia/Brisbane" } } responses: 200: body: application/json: type: systemTimezone example: { system_timezone: { timezone: "Australia/Brisbane" } } /time: type: base-type description: Retrieve and update the Operations Manager's time. get: description: Retrieve the Operations Manager current time. responses: 200: body: application/json: type: systemTime example: { time: { time: "16:22 Sep 23, 2016" } } put: description: Set the Operations Manager current time. body: application/json: type: systemTime example: { time: { time: "16:22 Sep 23, 2016" } } responses: 200: body: application/json: type: systemTime example: { time: { time: "16:22 Sep 23, 2016" } } /config: type: base-type # System.reset delete: description: > Delete the configuration effectively performing a system reset. The will reset to factory settings and reboot. responses: 200: description: > The factory reset process was started successfully. /reboot: type: base-type # System.reboot post: description: > Wait 10 seconds then perform a system reboot. responses: 200: description: > The factory reboot process was started successfully. /admin_info: type: base-type description: Retrieve or change the Operations Manager appliance system's information (hostname, contact and location). get: description: Get the Operations Manager appliance system information. responses: 200: body: application/json: type: systemAdminInfo example: { "system_admin_info": { "hostname": "myhost1", "contact": "admin@example.com", "location": "USA" } } put: description: Set the Operations Manager appliance system information. body: application/json: type: systemAdminInfo example: { "system_admin_info": { "hostname": "myhost1", "contact": "admin@example.com", "location": "USA" } } responses: 200: body: application/json: type: systemAdminInfo example: { "system_admin_info": { "hostname": "myhost1", "contact": "admin@example.com", "location": "USA" } } /cellular_logging: type: base-type description: Retrieve and update info about cellular logging. get: description: Retrieves cellular logging info. responses: 200: body: application/json: type: systemCellularLogging example: { "system_cellular_logging": { "enabled": true, "filter": "/usr/libexec/sierra/filters/RRC_OTA_0xB0C0.sqf", "device": "/dev/ttyUSB0" } } put: description: Set the cellular logging info body: application/json: type: systemCellularLogging example: { "system_cellular_logging": { "enabled": true, "filter": "/usr/libexec/sierra/filters/RRC_OTA_0xB0C0.sqf", "device": "/dev/ttyUSB0" } } responses: 200: body: application/json: type: systemCellularLogging example: { "system_cellular_logging": { "enabled": true, "filter": "/usr/libexec/sierra/filters/RRC_OTA_0xB0C0.sqf", "device": "/dev/ttyUSB0" } } /cell_reliability_test: type: base-type get: description: > Retrieve configuration items related to running the cell reliability test. responses: 200: description: Cell reliability test configuration retrieved successfully. body: application/json: type: cellReliabilityTestConfiguration example: { "cell_reliability_test" : { "enabled": true, "period": 120, "test_url": ["https://www.opengear.com/","http://[684D:1111:222:3333:4444:5555:6:77]/"], "signal_strength_threshold" : { "lower": 25, "upper": 75 } } } put: description: > Update configuration items related to running the cell reliability test. This allows the user to enable and disable the test, change how frequently it executes, configure the URL to use in the test and configure the alert threshold for signal strength. body: application/json: type: cellReliabilityTestConfiguration example: { "cell_reliability_test" : { "enabled": true, "period": 120, "test_url": ["https://www.opengear.com/","http://[684D:1111:222:3333:4444:5555:6:77]/"], "signal_strength_threshold" : { "lower": 25, "upper": 75 } } } responses: 200: description: The configuration has been updated. body: application/json: type: cellReliabilityTestConfiguration example: { "cell_reliability_test" : { "enabled": true, "period": 120, "test_url": ["https://www.opengear.com/","http://[684D:1111:222:3333:4444:5555:6:77]/"], "signal_strength_threshold" : { "lower": 25, "upper": 75 } } } /firmware_upgrade: type: base-type # Firmware.postFirmwareUpgrade post: description: > Upgrade the system firmware either by uploading a file or providing a url to download the file from. This endpoint will always return success if the firmware upgrade job was started - it occurs in the background and the state of which should be retrieved from the GET /system/firmware_upgrade_status endpoint. At least 'file' or 'firmware_url' are required. body: multipart/form-data: properties: file: description: The file to be uploaded. required: false type: file firmware_url: description: A url for the file to download. required: false type: string firmware_options: description: Options for the firmware upgrade tool. required: false type: string responses: 200: description: The firmware upgrade process was started. body: application/json: type: firmwareUpgradeStatus example: { "system_firmware_upgrade_status": { "state": "running" } } /firmware_upgrade_status: # Firmware.getFirmwareUpgradeStatus type: base-type get: description: Retrieve the status of the most recent firmware upgrade job. responses: 200: description: The factory reset process was started successfully. body: application/json: type: firmwareUpgradeStatus example: { "system_firmware_upgrade_status": { "state": "error", "error_message": "download_error" } } /version: type: base-type description: Retrieve the Operations Manager's most recent firmware and REST API version. get: description: Get the version information. responses: 200: body: application/json: type: systemVersion example: { "system_version": { "rest_api_version": "v2", "firmware_version": "18.Q3.0" } } /serial_number: type: base-type description: Retrieve the Operations Manager appliance's Serial Number. get: description: Get the Serial Number information. responses: 200: body: application/json: type: systemSerialNumber example: { "system_serial_number": { "serial_number": "409155v03.0001" } } /model_name: type: base-type description: Retrieve the Operations Manager appliance's Model Name. get: description: Get the Model Name information. responses: 200: body: application/json: type: systemModelName example: { "system_model_name": { "model_name": "OM2248-DAC" } } # SupportReport /support_report: description: > A report which will provide information about the state of the Operations Manager appliance. This information can be used to help analyse and understand the state of the system. The report is large and may take in the order of a minute to obtain. type: base-type # SupportReport.get get: description: Retrieve the support report data. responses: 200: description: > System report was successfully generated and returned including a url to a corresponding zip file. body: application/json: type: getSupportReport example: { "support_report": { "contents": "*** System time ***\nMon Aug 22 11:27:29 2016\n\n\n*** Firmware Version ***\n$ sysflash_info\nsysflash info\ncurrent copy name: 'root1'\ncurrent config dev: '/dev/sda6'\ncurrent root dev: '/dev/sda5'\ncurrent boot dev: '/dev/sda2'\nother (upgradable) copy name: 'root2'\nother (upgradable) config dev: '/dev/sda8'\nother (upgradable) root dev: '/dev/sda7'\nother (upgradable) boot dev: '/dev/sda3'\nboard name: 'OM-2000'\nboard rev: '1.0'\ncurrent software vendor: 'opengear'\ncurrent software product: 'operations manager'\ncurrent software version: '1.0.0'\ncurrent software variant: 'dev'\n\n*** Uptime ***\n359140.57 715606.84\n\n*** IP Configuration ***\n$ ifconfig\nnet1 Link encap:Ethernet HWaddr 08:00:27:d7:1c:38 \n ", "zip_file": "/api/v2/support_report?zip=1" } } # Remote Authentication Config /auth: description: > Configure remote authentication, authorization, accounting (AAA) servers. type: base-type get: description: Retrieve information on AAA servers. responses: 200: description: > A JSON object containing the AAA config is returned. body: application/json: type: authGet example: { "auth" : { "mode" : "tacacs", "policy" : "remotedownlocal", "radiusAuthenticationServers" : [ { "hostname" : "192.168.250.1.2" } ], "radiusAccountingServers" : [ { "hostname" : "192.168.250.1.2" } ], "tacacsService" : "raccess", "tacacsMethod" : "pap", "tacacsAccountingEnabled" : false, "tacacsAuthenticationServers" : [ { "hostname" : "192.168.1.2", } ], "ldapAuthenticationServers" : [ { "hostname" : "192.168.1.2" } ], "ldapBaseDN" : "cn=Users,dc=example,dc=com", "ldapBindDN" : "cn=Administrator,cn=Users,dc=example,dc=com", "ldapUsernameAttribute" : "sAMAccountName", } } put: description: Set the AAA config. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: authPut example: { "auth" : { "mode" : "radius", "policy" : "remotelocal", "radiusPassword" : "hunter2", "radiusAuthenticationServers" : [ { "hostname" : "192.168.250.2" } ], "radiusAccountingServers" : [ { "hostname" : "192.168.250.2" } ], "tacacsAuthenticationServers":[], "tacacsPassword": "", "ldapBaseDN": "", "ldapUsernameAttribute": "", "ldapBindPassword": "", "ldapAuthenticationServers":[], } } responses: 200: description: > A JSON object containing the AAA config is returned. body: application/json: type: authGet example: { "auth" : { "tacacsAuthenticationServers":[], "ldapBaseDN": "", "ldapUsernameAttribute": "", "ldapIgnoreReferrals": false, "ldapAuthenticationServers":[], "mode" : "radius", "policy" : "remotelocal", "radiusAuthenticationServers" : [ { "port": 1812, "hostname" : "192.168.250.2" } ], "radiusAccountingServers" : [ { "port": 1813, "hostname" : "192.168.250.2" } ] } } # Local password policy (expiry and complexity) /local_password_policy: description: | Configure the password policy for local users. This includes expiry and complexity settings. type: base-type get: description: Retrieve the local password policy. responses: 200: description: > A JSON object containing the local password policy is returned. body: application/json: type: localPasswordComplexityObj example: { "local_password_policy" : { "password_expiry_interval_enabled": true, "password_expiry_interval_days": 1, "password_complexity_enabled": true, "password_minimum_length": 10, "password_must_contain_upper_case": true, "password_must_contain_special": false, "password_must_contain_number": true, "password_disallow_username": false, } } put: description: Set the local password policy. body: application/json: type: localPasswordComplexityObj example: { "local_password_policy" : { "password_expiry_interval_enabled": false, "password_expiry_interval_days": 10, "password_complexity_enabled": false, "password_minimum_length": 10, "password_must_contain_upper_case": false, "password_must_contain_special": true, "password_must_contain_number": true, "password_disallow_username": true, } } responses: 200: description: > A JSON object containing the local password policy is returned. body: application/json: type: localPasswordComplexityObj example: { "local_password_policy" : { "password_expiry_interval_enabled": false, "password_expiry_interval_days": 10, "password_complexity_enabled": true, "password_minimum_length": 6, "password_must_contain_upper_case": true, "password_must_contain_special": true, "password_must_contain_number": false, "password_disallow_username": true, } } /users: description: Retrieve and update user information. type: base-type get: description: Retrieve a list of users. responses: 200: description: A JSON object containing Users Config is returned. body: application/json: type: getUserList example: { "users": [ { "username": "root", "description": "System wide SuperUser account", "enabled": true, "id": "users-1", "no_password": false, "ssh_password_enabled": true, "hashed_password": "$5$vqpQsIj./5/2OOBo$tTUYAJaEqbZYf4aipKicPF5bpkkGSEqtBy3t4dylp0/", "rights": { "delete": true, "modify": true }, "groups": ["usergrp"], "groupNames": ["g1"] }, { "username": "tu0", "description": "", "enabled": true, "id": "users-2", "no_password": false, "ssh_password_enabled": true, "hashed_password": "$5$vqpQsIj./5/2OOBo$tTUYAJaEqbZYf4aipKicPF5bpkkGSEqtBy3t4dylp0/", "rights": { "delete": true, "modify": true }, "groups": ["usergrp"], "groupNames": ["g1"] } ], meta: { total_pages: "1" } } put: description: Replace current user list with a new one. Used by Lighthouse Template push queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: putUserList example: { "users":[ { "username": "user1", "description": "An admin user", "password": "default", "groups": ["g1", "g2", "g3"] }, { "username": "user2", "description": "Another user", "password": "default", "groups": ["g1"] } ] } responses: 200: description: A JSON object containing Users Config is returned. body: application/json: type: getUserList example: { "users": [ { "username": "root", "enabled": true, "id": "users-1", "no_password": false, "ssh_password_enabled": true, "hashed_password": "$5$vqpQsIj./5/2OOBo$tTUYAJaEqbZYf4aipKicPF5bpkkGSEqtBy3t4dylp0/", "rights": { "delete": true, "modify": true }, "groups": ["usergrp", "admin"], "groupNames": ["g1","g2"] }, { "username": "user1", "enabled": true, "description": "An admin user", "id": "users-2", "no_password": false, "ssh_password_enabled": true, "hashed_password": "$5$697qmlbgz79fbNhl$Px.GuCYD1pEdUZUZR9aBKC14OlhQfYldn79tVluNCtD", "rights": { "delete": true, "modify": true }, "groups": ["usergrp", "admin", "my_group"], "groupNames": ["g1","g2", "g3"] }, { "username": "user2", "enabled": true, "description": "Another user", "id": "users-3", "no_password": false, "ssh_password_enabled": true, "hashed_password": "$5$697qmlbgz79fbNhl$Px.GuCYD1pEdUZUZR9aBKC14OlhQfYldn79tVluNCtD", "rights": { "delete": true, "modify": true }, "groups": ["usergrp"], "groupNames": ["g1"] } ], meta: { total_pages: "1" } } 400: description: Failed to initiate user creation due to error in post body. body: application/json: type: errorString example: { "error": "Failed to parse request data" } post: description: Create a new User data in the config. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: postUserType example: { "user": { "username": "tu1", "description": "testupdated", "enabled": true, "no_password": true, "groups": ["admin"] } } responses: 200: body: application/json: type: getUserType example: { "user": { "username": "tu1", "description": "testupdated", "enabled": true, "id": "users-5", "no_password": true, "ssh_password_enabled": true, "hashed_password": "$5$vqpQsIj./5/2OOBo$tTUYAJaEqbZYf4aipKicPF5bpkkGSEqtBy3t4dylp0/", "rights": { "delete": true, "modify": true }, "groups": ["admin"], "groupNames": ["g2"] } } 400: description: Failed to initiate user creation due to error in post body. body: application/json: example: { "error": [ { type: 2, "code": 12, "text": "Element is below the minimum allowed length of 1 character(s)", "args": { "min": "1", "uuid": "{60e2b0a-aafa-11e6-aca7-cb7fd0646002" }, "level": 1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } /{user-id}: type: base-type description: > Retrieve and update information for a specific user. # User.get get: displayName: getUser description: Retrieve the User information by ID. responses: 200: description: User exists body: application/json: type: getUserType example: { "user": { "username": "tu0", "description": "", "enabled": true, "id": "users-2", "no_password": false, "ssh_password_enabled": true, "hashed_password": "$5$vqpQsIj./5/2OOBo$tTUYAJaEqbZYf4aipKicPF5bpkkGSEqtBy3t4dylp0/", "rights": { "delete": true, "modify": true }, "groups": ["usergrp"], "groupNames": ["g1"] } } 401: description: Authentication failed due to invalid session. body: application/json: example: { "error": [ { type: 7, "code": 42, "text": "Invalid session ID", "args": {}, "level": 1 } ] } 404: description: User does not exist. User Not Found. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find user with username or id 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } put: description: Set a user's properties in the config. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: putUserType example: { "user": { "description": "testupdated", "enabled": true, "no_password": true, "ssh_password_enabled": true, "groups": [ "admin" ], } } responses: 200: description: User has been Updated. body: application/json: type: getUserType example: { "user": { "username": "tu1", "description": "testupdated", "enabled": true, "no_password": true, "ssh_password_enabled": true, "hashed_password": "$5$vqpQsIj./5/2OOBo$tTUYAJaEqbZYf4aipKicPF5bpkkGSEqtBy3t4dylp0/", "id": "users-5", "rights": { "delete": true, "modify": true }, "groups": ["admin"], "groupNames": ["g2"] } } 400: description: Invalid request body: application/json: example: { "error": [ { type: 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } delete: displayName: deleteUser description: Delete a User responses: 200: description: User deleted 404: description: User did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find user with username or id 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } /ssh: type: base-type /authorized_keys: type: base-type get: description: Retrieve ssh authorized keys for a user responses: 200: body: application/json: type: userSSHAuthorizedKeys examples: example1: description: User with 2 keys value: { "authorized_keys": [ { id: "users_ssh_authorized_keys-1", key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTRO6c/1JnaA/Mi3MKONqQJUe75rZC36Z0tH+BefpR2li3F/x7TWQnW0aBSA4y7bGOxS5B+nFd86m6+QWqZMxqIpraG11KKVh2c+ElIliVvPbpN7cL9QKbzDZPCn5TZ28znHDuUSzc7Kt0+33On+7HkMhapKiXkA2ardK89DlpKbE4mSiIZoWG0zepyWsXa86fiKTORqEN8FhRtxnBMcl+WODjQfuBzPNr/zYv75eLaZ0LwUOz6/xm8RkwEhd/kF1ntrXYrwOqhFsR7g0cfqQ5T9vLcUXqe+VDvD16KBkooSL92OTxC907F7HPk7XvQaY4bEWK7ca/vbVhsVzdDhbF /home/lincolnr/.ssh/id_rsa\n", key_fingerprint: "2048 SHA256:CNem+rkDme6jInbmuzNxmHz46TP3mA37I2XfEGUuDs8 /home/lincolnr/.ssh/id_rsa\n (RSA)" }, { id: "users_ssh_authorized_keys-2", key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDcsp/AQJKLsinT822ZXAnyXpSykeRXPlOvvOH3zi7QkYLz4+VBbTqJO/R2AJp8Cd0MrGMwuzzbwM25bAb7mesni+RRUAcNPqDD8/z8PKKKRzU1aKRqi/Za3FDRxPAOPJ/Wy1F1lGG6BSKe3gH9QHkPpy5ZPkDcs0S9+qoUYwNCAaB2tcK1jp/L6RXuJ3yLhRBIMpYicRwYcXDOX7QFt4BhnKMrR1ufcU08CGRLYLxnsd2RuiPn2jAz8OHJN7GUvrQ6VK+k47vEj0YLBuP27ZbFKwAJd3dhdezlhjlDDGrVrrXZgwxR+LeOuTnkqUVHOXkYVuiWQZqGS/hC76wJEt2xHinW5+4GuN69qBeY//jCYT+DHe9qJ0MEB5xNjVoWXxb9C7Pc1+/3y+p84X2Oa2nYJm3Vsn8u/S2Mbu1epf16i2qnLEInXkbBF/3T06NZAR+8in51MYE+kQkWq7dlkX20b5l28Ugu8VYYrcxxg0AREfqaL5FbyPS1OHaEb5zvabN23JTPpG8LBnXSjNu8AIpbfM8PaXT+7c5nSSQ+y0G1kZsP9MberstvExJOOYl8eviShb41RuApZL3ik/gY1pZKhBNQbx7eD84q1f2cXtyAw554WWrnM4BlFZB86/M7rrX+GkHRbgv57dc/j5pID08MZ5w/52Tj9KpApYKcQkNFSQ== root@root-1", key_fingerprint: "4096 SHA256:a3MIQdLMB/kOUYcHSnlqHagOfHdlv4A/RCaTUr8o6MY root@root-1 (RSA)" } ] } example2: description: User with no keys value: { "authorized_keys": [] } post: description: Add an SSH key for a user body: application/json: type: userSSHAuthorizedKeyPost example: { "authorized_key": { "key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTRO6c/1JnaA/Mi3MKONqQJUe75rZC36Z0tH+BefpR2li3F/x7TWQnW0aBSA4y7bGOxS5B+nFd86m6+QWqZMxqIpraG11KKVh2c+ElIliVvPbpN7cL9QKbzDZPCn5TZ28znHDuUSzc7Kt0+33On+7HkMhapKiXkA2ardK89DlpKbE4mSiIZoWG0zepyWsXa86fiKTORqEN8FhRtxnBMcl+WODjQfuBzPNr/zYv75eLaZ0LwUOz6/xm8RkwEhd/kF1ntrXYrwOqhFsR7g0cfqQ5T9vLcUXqe+VDvD16KBkooSL92OTxC907F7HPk7XvQaY4bEWK7ca/vbVhsVzdDhbF test" } } responses: 200: body: application/json: type: userSSHAuthorizedKeyGet example: { "authorized_key": { "id": "users_ssh_authorized_keys-3", "key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTRO6c/1JnaA/Mi3MKONqQJUe75rZC36Z0tH+BefpR2li3F/x7TWQnW0aBSA4y7bGOxS5B+nFd86m6+QWqZMxqIpraG11KKVh2c+ElIliVvPbpN7cL9QKbzDZPCn5TZ28znHDuUSzc7Kt0+33On+7HkMhapKiXkA2ardK89DlpKbE4mSiIZoWG0zepyWsXa86fiKTORqEN8FhRtxnBMcl+WODjQfuBzPNr/zYv75eLaZ0LwUOz6/xm8RkwEhd/kF1ntrXYrwOqhFsR7g0cfqQ5T9vLcUXqe+VDvD16KBkooSL92OTxC907F7HPk7XvQaY4bEWK7ca/vbVhsVzdDhbF test", "key_fingerprint": "2048 SHA256:CNem+rkDme6jInbmuzNxmHz46TP3mA37I2XfEGUuDs8 test (RSA)" } } 400: description: Invalid SSH key. body: application/json: example: { "error": [ { "type": 2, "code": 317, "text": "Invalid SSH key", "args": {}, "level": 1 } ] } /{key-id}: type: base-type delete: description: Delete an SSH key for a user. responses: 204: description: SSH key deleted. 403: description: Failed due to not having permission to delete key. body: application/json: example: { "error": [ { "type": 7, "code": 47, "text": "Permission denied", "args": {}, "level": 1 } ] } 404: description: SSH key does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ssh/authorized_key with key or id 'users_ssh_authorized_keys-9'", "args": { "uuid": "users_ssh_authorized_keys-9" }, "level": 1 } ] } /groups: description: Retrieve or update group information. type: base-type get: description: Retrieve a list of groups. # Group.getList responses: 200: description: A JSON object containing Groups config is returned. body: application/json: type: getGroupList example: { "groups": [ { "id": "groups-1", "enabled": true, "groupname": "usergrp", "mode": "scoped", "role": "ConsoleUser", "description": "The ConsoleUser group", "members": ["root", "tu0"], "ports": ["serial/by-opengear-id/port01", "serial/by-opengear-id/port02", "serial/by-opengear-id/port03"], "rights": { "delete": true, "modify": false} }, { "id": "groups-2", "enabled": true, "groupname": "admin", "mode": "global", "role": "Administrator", "description": "Administrator", "members": ["root", "tu0"], "rights": { "delete": true, "modify": true } } ], meta: { total_pages: "1" } } put: description: Replace current groups list with a new one. Used by Lighthouse Template push body: application/json: type: putGroupList example: { "groups": [ { "name": "group1", "description": "an admin group", "roles": [ "admin" ], "ports":[ ] },{ "name": "group2", "description": "an unrestricted consoleUser", "roles": [ "all_ports_user", "pmshell_user" ], "ports":[ ] }, { "name": "group3", "description": "a restricted consoleUser", "roles": [ "basic_webui_user", "pmshell_user" ], "ports":[ true, false, true, true, false ] } ] } responses: 200: description: A JSON object containing Groups Config is returned. body: application/json: type: getGroupList example: { "groups": [ { "enabled": true, "id": "groups-1", "groupname": "usergrp", "description": "The consoleUser group", "mode": "scoped", "role": "ConsoleUser", "members": ["root", "tu0"], "ports": ["serial/by-opengear-id/port01", "serial/by-opengear-id/port02", "serial/by-opengear-id/port03"], "rights": { "delete": true, "modify": true } }, { "enabled": true, "id": "groups-2", "groupname": "admin", "description": "Administrator", "mode": "global", "role": "Administrator", "members": ["root", "tu0"], "rights": { "delete": true, "modify": true } } ], meta: { total_pages: "1" } } 400: description: Failed to initiate user creation due to error in post body. body: application/json: type: errorString example: { "error": "Failed to parse request data" } post: # Group.create description: Create a new Group in the config. body: application/json: type: putGroupType examples: group_for_admin: { "group": { "groupname": "local_admin", "enabled": true, "mode": "global", "role": "Administrator", } } group_for_users: { "group": { "groupname": "my_group", "enabled": true, "mode": "scoped", "role": "ConsoleUser", "ports": ["serial/by-opengear-id/port01", "serial/by-opengear-id/port02", "serial/by-opengear-id/port03"], } } responses: 201: body: application/json: type: getGroupType examples: admin_group: { "group": { "id": "groups-1", "enabled": true, "groupname": "local-admin", "mode": "global", "role": "Administrator", "members": [], "ports": [], "rights": { "delete": true, "modify": true } } } ConsoleUser_group: { "group": { "id": "groups-3", "enabled": true, "groupname": "my_group", "mode": "scoped", "role": "ConsoleUser", "description": "Group for ConsoleUser", "members": [], "ports": ["serial/by-opengear-id/port01", "serial/by-opengear-id/port02", "serial/by-opengear-id/port03"], "rights": { "delete": true, "modify": false} } } 400: description: Failed to initiate group creation due to error in post body. body: application/json: example: { "error": [ { "type": 2, "code": 26, "level": 1, "text": "Duplicate 'groupname' fields with value 'netgrp'", "args": { "value": "netgrp", "uuid": "root-1-@groups", "field": "groupname" } }, { "type": 1, "code": 33, "level": 1, "text": "Push command failed", "args": {} } ] } 401: description: Authentication failed due to invalid session. body: application/json: example: { "error": [ { "type": 7, "code": 42, "text": "Invalid session ID", "args": {}, "level": 1 } ] } /{id}: # Group.get type: base-type description: Retrieve or update information for a specific group. get: displayName: getGroupResponse description: Retrieve the Group information by ID. responses: 200: description: Group exists body: application/json: type: getGroupType example: { "group": { "id": "groups-6", "enabled": true, "groupname": "netgrp2", "mode": "scoped", "role": "ConsoleUser", "members": ["root", "tu0"], "ports": ["serial/by-opengear-id/port01", "serial/by-opengear-id/port02", "serial/by-opengear-id/port03"], "rights": { "delete": true, "modify": false} } } 401: description: Authentication failed due to invalid session. body: application/json: example: { "error": [ { "type": 7, "code": 42, "text": "Invalid session ID", "args": {}, "level": 1 } ] } 404: description: Group does not exist. Group Not Found. body: application/json: example: { "error": [ { "type": 5, "code": 29, "text": "Could not find group with groupname or id 'group59'", "args": { "uuid": "group59" }, "level": 1 } ] } put: # Group.update description: Update a Group data in the config. body: application/json: type: putGroupType example: { "group": { "enabled": true, "groupname": "netgrp2", "mode": "scoped", "role": "ConsoleUser", "description": "Group for ConsoleUser role", "ports": ["serial/by-opengear-id/port01", "serial/by-opengear-id/port02", "serial/by-opengear-id/port03"] } } responses: 200: description: Group has been updated. body: application/json: type: getGroupType example: { "group": { "id": "groups-6", "enabled": true, "groupname": "netgrp2", "mode": "scoped", "role": "ConsoleUser", "description": "Group for ConsoleUser role", "members": ["root", "tu0"], "ports": ["serial/by-opengear-id/port01", "serial/by-opengear-id/port02", "serial/by-opengear-id/port03"], "rights": { "delete": true, "modify": false} } } 400: description: Invalid request body: application/json: example: { "error": [ { "type": 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } delete: displayName: deleteGroup description: Delete a Group responses: 204: description: Group deleted 404: description: Group did not exist body: application/json: example: { "error": [ { "type": 5, "code": 29, "text": "Could not find group with groupname or id 'group6'", "args": { "uuid": "group6" }, "level": 1 } ] } /scripts: type: base-type description: The scripts endpoint is used to upload and execute custom user scripts on the appliance and to retrieve the status of currently executing scripts post: description: Upload a shell script to be executed on the node body: multipart/form-data: properties: script_metadata: description: JSON object containing script_timeout in minutes and the script_checksum (SHA1). type: script_metadata file: description: The file to be uploaded. type: file responses: 400: description: Invalid request body: application/json: type: object example: { "error": "Invalid script metadata" } 200: description: Successful request body: application/json: type: script_info example: { "info": "Script execution started successfully", "execution_id": 23 } get: description: Retrieve the status of a script executing on the node, as in GET /scripts?execution_id={id}, where id is the value for execution_id returned in the 200 response to the POST /scripts request. queryParameters: execution_id: type: string description: The execution_id returned from a /scripts POST request responses: 200: description: Successful request body: application/json: type: script_execution_status example: { "script_status": "in_progress" } 400: description: Invalid request body: application/json: type: object example: { "error": "Script execution ID not provided" } 500: description: Unexpected error body: application/json: example: { "error": "Script exit code not found" } /firewall: description: > Firewall endpoints are related to configuring and accessing information about the firewall running on the appliance. /services: type: base-type description: > Collection of custom services defined for the appliance's firewall. A service is a named grouping of one or more TCP or UDP ports for a particular networking protocol. For example, the 'https' service refers to TCP port 443. The appliance includes many predefined services for common protocols (see /firewall/predefined_services). This collection contains only custom services which have been defined by the administrator. get: description: Retrieve a list of custom services defined for the appliance. responses: 200: description: The list of custom services. body: application/json: type: getFirewallServicesListResponse example: { "firewall_services": [ { "id": "firewall-services-0", "name": "http", "label": "HTTP", "ports": [ { "protocol": "tcp", "port": 80 } ] }, { "id": "firewall-services-1", "name": "https", "label": "HTTPS", "ports": [ { "protocol": "tcp", "port": 443 } ] } ], meta: { total_pages: "1" } } 400: description: Invalid request, missing or incorrect page/per_page body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } post: description: Create a new custom service in the config. body: application/json: type: setFirewallService example: { "firewall_service": { "name": "https", "label": "HTTPS", "ports": [ { "protocol": "tcp", "port": 443 } ] } } responses: 200: description: Service was added. body: application/json: type: getFirewallServiceResponse example: { "firewall_service": { "id": "firewall-services-1", "name": "https", "label": "HTTPS", "ports": [ { "protocol": "tcp", "port": 443 } ] } } 400: description: Failed due to error in post body. body: application/json: example: { "error": [ { type: 2, "code": 12, "text": "Element is below the minimum allowed length of 1 character(s)", "args": { "min": "1", "uuid": "{60e2b0a-aafa-11e6-aca7-cb7fd0646002" }, "level": 1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } /{id}: type: base-type get: description: Retrieve the custom service by ID. responses: 200: description: Service exists. body: application/json: type: getFirewallServiceResponse example: { "firewall_service": { "id": "firewall-services-1", "name": "https", "label": "HTTPS", "ports": [ { "protocol": "tcp", "port": 443 } ] } } 401: description: Authentication failed due to invalid session. body: application/json: example: { "error": [ { type: 7, "code": 42, "text": "Invalid session ID", "args": {}, "level": 1 } ] } 404: description: Service does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find user with username or id 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } put: description: Set the configuration for an existing firewall service. body: application/json: type: setFirewallService example: { "firewall_service": { "name": "https", "label": "HTTPS", "ports": [ { "protocol": "tcp", "port": 443 } ] } } responses: 200: description: Service has been updated. body: application/json: type: getFirewallServiceResponse example: { "firewall_service": { "id": "firewall-services-1", "name": "https", "label": "HTTPS", "ports": [ { "protocol": "tcp", "port": 443 } ] } } 400: description: Invalid request body: application/json: example: { "error": [ { type: 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } 404: description: Service does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find firewall/service with name or id 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } delete: description: Delete a service. responses: 204: description: Service deleted. 404: description: Service does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find firewall/service with name or id 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } /zones: type: base-type description: > Collection of zones defined for the appliance's firewall. A zone includes 1 or more interfaces. get: description: Retrieve a list of zones defined for the appliance. responses: 200: description: The list of zones. body: application/json: type: getFirewallZonesListResponse example: { "firewall_zones": [ { "id": "firewall-zones-0", "name": "lan", "label": "LAN", "description": "Local Network", "physifs": [ "net1" ], "permit_all_traffic": false, "masquerade": false, "permitted_services": ["telnet", "https", "http"], "port_forwarding_rules": [ { protocol: "tcp", from_port: "33", to_port: 44 } ], "custom_rules": [ { rule_content: "rule family='ipv4' source address='192.168.67.101/32' service name='telnet' accept", description: "allow rule"} ] }, { "id": "firewall-zones-1", "name": "lan2", "label": "LAN 2", "description": "Backup Network", "physifs": [ "net1" ], "permit_all_traffic": false, "masquerade": false, "permitted_services": [], "port_forwarding_rules": [], "custom_rules": [] } ], meta: { total_pages: "1" } } 400: description: Invalid request, missing or incorrect page/per_page body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } post: description: Create a new zone in the config. body: application/json: type: setFirewallZone example: { "firewall_zone": { "name": "lan", "label": "LAN", "description": "Local Network", "physifs": [ "net1" ], "permit_all_traffic": false, "masquerade": false, "permitted_services": ["https", "ssh"] } } responses: 200: description: Zone was added. body: application/json: type: getFirewallZoneResponse example: { "firewall_zone": { "id": "firewall-zones-0", "name": "lan", "label": "LAN", "description": "Local Network", "physifs": [ "net1" ], "permit_all_traffic": false, "masquerade": false, "permitted_services": ["https", "ssh"], "port_forwarding_rules": [ { protocol: "tcp", from_port: "33", to_port: 44 } ], "custom_rules": [] } } 400: description: Failed due to error in post body. body: application/json: example: { "error": [ { type: 2, "code": 12, "text": "Element is below the minimum allowed length of 1 character(s)", "args": { "min": "1", "uuid": "{60e2b0a-aafa-11e6-aca7-cb7fd0646002" }, "level": 1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } put: description: Set a list of firewall zones in the config. body: application/json: type: setFirewallZonesList example: { "firewall_zones": [ { "name": "lan", "label": "LAN", "description": "Local Network", "physifs": [ "net1" ], "permit_all_traffic": false, "masquerade": false, "permitted_services": ["telnet", "https", "http"], "port_forwarding_rules": [ { protocol: "tcp", from_port: "33", to_port: 44 } ], "custom_rules": [ { rule_content: "rule family='ipv4' source address='192.168.67.101/32' service name='telnet' accept", description: "allow rule"} ] }, { "name": "lhvpn", "label": "LHVPN", "description": "VPN connections to Lighthouse central management", "physifs": [], "permit_all_traffic": true, "masquerade": true, "permitted_services": ["ssh", "https", "dhcpv6-client"], "port_forwarding_rules": [], "custom_rules": [] }, ], } responses: 200: description: The list of zones have been updated. body: application/json: type: getFirewallZonesListResponse example: { "firewall_zones": [ { "id": "firewall_zones-1", "name": "lan", "label": "LAN", "description": "Local Network", "physifs": [ "net1" ], "permit_all_traffic": false, "masquerade": false, "permitted_services": ["telnet", "https", "http"], "port_forwarding_rules": [ { protocol: "tcp", from_port: "33", to_port: 44 } ], "custom_rules": [ { rule_content: "rule family='ipv4' source address='192.168.67.101/32' service name='telnet' accept", description: "allow rule"} ] }, { "id": "firewall_zones-4", "name": "lhvpn", "label": "LHVPN", "description": "VPN connections to Lighthouse central management", "physifs": [], "permit_all_traffic": true, "masquerade": true, "permitted_services": ["ssh", "https", "dhcpv6-client"], "port_forwarding_rules": [], "custom_rules": [] } ], meta: { total_pages: "1" } } 400: description: Invalid request body: application/json: example: { "error": [ { type: 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } 404: description: Zone does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find firewall/zone with name or id 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } /{id}: type: base-type get: description: Retrieve the zone by ID. responses: 200: description: Zone exists. body: application/json: type: getFirewallZoneResponse example: { "firewall_zone": { "id": "firewall-zones-0", "name": "lan", "label": "LAN", "description": "Local Network", "physifs": [ "net1" ], "permit_all_traffic": false, "masquerade": false, "permitted_services": ["telnet", "https", "http"], "port_forwarding_rules": [ { protocol: "tcp", from_port: "33", to_port: 44 } ], "custom_rules": [] } } 401: description: Authentication failed due to invalid session. body: application/json: example: { "error": [ { type: 7, "code": 42, "text": "Invalid session ID", "args": {}, "level": 1 } ] } 404: description: Zone does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find firewall/zone with name or id 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } put: description: Set the configuration for an existing firewall zone. body: application/json: type: setFirewallZone example: { "firewall_zone": { "name": "lan", "label": "LAN", "description": "Local Network", "physifs": [ "net1" ], "permit_all_traffic": false, "masquerade": false, "permitted_services": ["https", "ssh"] } } responses: 200: description: Zone has been updated. body: application/json: type: getFirewallZoneResponse example: { "firewall_zone": { "id": "firewall-zones-1", "name": "lan2", "label": "LAN 2", "description": "Backup Network", "physifs": [ "net1" ], "permit_all_traffic": true, "masquerade": true, "permitted_services": ["https", "ssh"], "port_forwarding_rules": [ { protocol: "tcp", from_port: "33", to_port: 44 } ], "custom_rules": [] } } 400: description: Invalid request body: application/json: example: { "error": [ { type: 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } 404: description: Zone does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find firewall/zone with name or id 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } delete: description: Delete a zone. responses: 204: description: Zone deleted. 404: description: Zone does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find firewall/zone with name or id 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } /rules: type: base-type description: > Collection of rules defined for the appliance's firewall. A rule maps a service to a zone. get: description: Retrieve a list of rules defined for the appliance. responses: 200: description: The list of rules. body: application/json: type: getFirewallRulesListResponse example: { "firewall_rules": [ { "id": "firewall-rules-0", "multi_field_identifier": "wan-http", "service": "http", "zone": "wan" }, { "id": "firewall-rules-1", "multi_field_identifier": "lan-https", "service": "https", "zone": "lan" } ], meta: { total_pages: "1" } } 400: description: Invalid request, missing or incorrect page/per_page body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } post: description: Create a new rule in the config. body: application/json: type: setFirewallRule example: { "firewall_rule": { "service": "https", "zone": "wan" } } responses: 200: description: Rule was added. body: application/json: type: getFirewallRuleResponse example: { "firewall_rule": { "id": "firewall-rules-1", "multi_field_identifier": "wan-https", "service": "https", "zone": "wan" } } 400: description: Failed due to error in post body. body: application/json: example: { "error": [ { type: 2, "code": 12, "text": "Element is below the minimum allowed length of 1 character(s)", "args": { "min": "1", "uuid": "{60e2b0a-aafa-11e6-aca7-cb7fd0646002" }, "level": 1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } delete: description: Bulk delete a list of rules defined for the appliance. body: application/json: type: bulkDeleteFirewallRuleList example: { "firewall_rules": [ "firewall_rules-1", "firewall_rules-5", ] } responses: 204: description: All rules were deleted successfully. 400: description: Invalid request, missing or incorrect page/per_page body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } 404: description: Rule(s) do not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find element with UUID 'firewall_rules-5'", "args": { "uuid": "firewall_rules-5" }, "level": 1 } ] } /{id}: type: base-type get: description: Retrieve the rule by ID. responses: 200: description: Rule exists. body: application/json: type: getFirewallRuleResponse example: { "firewall_rule": { "id": "firewall-rules-1", "multi_field_identifier": "wan-https", "service": "https", "zone": "wan" } } 401: description: Authentication failed due to invalid session. body: application/json: example: { "error": [ { type: 7, "code": 42, "text": "Invalid session ID", "args": {}, "level": 1 } ] } 404: description: Rule does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find element with UUID 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } put: description: Set the configuration for an existing firewall rule. body: application/json: type: setFirewallRule example: { "firewall_rule": { "service": "https", "zone": "wan" } } responses: 200: description: Rule has been updated. body: application/json: type: getFirewallRuleResponse example: { "firewall_rule": { "id": "firewall-rules-1", "multi_field_identifier": "wan-https", "service": "https", "zone": "wan" } } 400: description: Invalid request body: application/json: example: { "error": [ { type: 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } 404: description: Rule does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find element with UUID 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } delete: description: Delete a rule. responses: 204: description: Rule deleted. 404: description: Rule does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find element with UUID 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } /predefined_services: type: base-type description: > Collection of predefined services defined for the appliance's firewall. A service is a named grouping of one or more TCP or UDP ports for a particular networking protocol. For example, the 'https' service refers to TCP port 443. This collection contains predefined services for common protocols and doesn't include the services added by the administrator. get: description: Retrieve a list of predefined services defined for the appliance. responses: 200: description: The list of predefined services. body: application/json: type: getFirewallPredefinedServicesListResponse example: { "predefined_firewall_services": [ { "name": "http", "label": "HTTP", "ports": [ { "protocol": "tcp", "port": "80" } ] }, { "name": "https", "label": "HTTPS", "ports": [ { "protocol": "tcp", "port": "443" } ] } ], "meta": { "total_pages": "1" } } /policies: type: base-type description: > Collection of policies defined for the appliance's firewall. A policy specifies which zones traffic is allowed to route between. get: description: Retrieve a list of policies defined for the appliance. responses: 200: description: The list of policies. body: application/json: type: getFirewallPoliciesListResponse example: { "firewall_policies": [ { "id": "firewall_policies-1", "name": "lan_to_wan", "description": "LAN --> WAN", "ingress_zones": [ "lan" ], "egress_zones": [ "wan" ] }, { "id": "firewall_policies-2", "name": "wan_to_lan", "ingress_zones": [ "wan" ], "egress_zones": [ "lan" ] } ], meta: { total_pages: "1" } } 400: description: Invalid request, missing or incorrect page/per_page body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } post: description: Create a new policy in the config. body: application/json: type: setFirewallPolicy example: { "firewall_policy": { "name": "lan_to_wan", "description": "LAN --> WAN", "ingress_zones": [ "lan" ], "egress_zones": [ "wan", "lhvpn" ] } } responses: 201: description: Policy was added. body: application/json: type: getFirewallPolicyResponse example: { "firewall_policy": { "id": "firewall_policies-1", "name": "lan_to_wan", "description": "LAN --> WAN", "ingress_zones": [ "lan" ], "egress_zones": [ "wan", "lhvpn" ] } } 400: description: Failed due to error in post body. body: application/json: example: { "error": [ { type: 2, "code": 12, "text": "Element is below the minimum allowed length of 1 character(s)", "args": { "min": "1", "uuid": "{60e2b0a-aafa-11e6-aca7-cb7fd0646002" }, "level": 1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } /{id}: type: base-type get: description: Retrieve the policy by ID. responses: 200: description: Policy exists. body: application/json: type: getFirewallPolicyResponse example: { "firewall_policy": { "id": "firewall_policies-1", "name": "lan_to_wan", "description": "LAN --> WAN", "ingress_zones": [ "lan" ], "egress_zones": [ "wan" ] } } 401: description: Authentication failed due to invalid session. body: application/json: example: { "error": [ { type: 7, "code": 42, "text": "Invalid session ID", "args": {}, "level": 1 } ] } 404: description: Policy does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find firewall/policy with name or id 'firewall_policies-2'", "args": { "uuid": "firewall_policies-2" }, "level": 1 } ] } put: description: Set the configuration for an existing firewall policy. body: application/json: type: setFirewallPolicy example: { "firewall_policy": { "name": "lan_to_wan", "description": "LAN --> WAN", "ingress_zones": [ "lan" ], "egress_zones": [ "wan" ] } } responses: 200: description: Policy has been updated. body: application/json: type: getFirewallPolicyResponse example: { "firewall_policy": { "id": "firewall_policies-1", "name": "lan_to_wan", "description": "LAN --> WAN", "ingress_zones": [ "lan" ], "egress_zones": [ "wan" ] } } 400: description: Invalid request body: application/json: example: { "error": [ { type: 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } 404: description: Policy does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find firewall/policy with name or id 'firewall_policies-2'", "args": { "uuid": "firewall_policies-2" }, "level": 1 } ] } delete: description: Delete a policy. responses: 204: description: Policy deleted. 404: description: Policy does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find firewall/policy with name or id 'firewall_policies-2'", "args": { "uuid": "firewall_policies-2" }, "level": 1 } ] } /cellfw: description: > The cellfw endpoints are related to checking, upgrading and scheduling upgrades for modem firmware. /info: type: base-type get: description: Retrieve modem version and related info responses: 200: body: application/json: type: cellFWInfo example: { "cellfw_info": { "firmware": "Model: EM7565\nBoot version: SWI9X50C_01.08.04.00\nAMSS version: SWI9X50C_01.08.04.00\n SKU ID: 1103520\nPackage ID: unknown\nCarrier ID: 1\nConfig version: 002.012_000", "operating_mode": "Mode: 'online'\nHW restricted: 'no'" } } /export: type: base-type description: > Retrieve system configuration for the Operations Manager. get: responses: 200: body: application/json: type: exportType /failover: type: base-type description: > Failover endpoint is to check failover status and retrieve / change failover settings. /settings: type: base-type description: > failover/settings endpoint is to check and update failover settings. get: description: Retrieve the current failover settings. responses: 200: description: > Returns the current failover settings.
body: application/json: type: failoverSettingsResponse example: { "failover_settings": { "enabled": true, "probe_physif": "net1", "probe_address": "8.8.8.8", "dormant_dns": true, "failover_physif": "wwan0" } } put: description: Set the failover settings. body: application/json: type: failoverSettingsPut examples: example1: { "failover_settings": { "enabled": true, "probe_physif": "net1", "probe_address": "8.8.8.8" } } example2: { "failover_settings": { "enabled": false, "probe_physif": "net2", "probe_address": "192.168.0.1", "dormant_dns": true, "failover_physif": "wwan0" } } responses: 200: description: Returns the current failover settings. body: application/json: type: failoverSettingsResponse examples: example1: { "failover_settings": { "enabled": true, "probe_physif": "net1", "probe_address": "8.8.8.8", "dormant_dns": false, "failover_physif": "wwan0" } } example2: { "failover_settings": { "enabled": false, "probe_physif": "net2", "probe_address": "192.168.0.1", "dormant_dns": true, "failover_physif": "wwan0" } } /status: type: base-type description: > failover/status endpoint is to check current failover status. get: description: Retrieve the current failover status. responses: 200: description: > Returns the current failover status. body: application/json: type: failoverStatus example: { "failover_status": { "status": "failover_complete" } } /cellmodem: description: Retrieve information about the cell modem. type: base-type get: description: This endpoint is used to retrieve status data about the cellular modem in the device # CellModems.getCellModemInfo responses: 200: description: A JSON object containing cellmodem information. body: application/json: type: getCellModemInfo example: { "cellmodem": { "enabled": true, "device": "wwan0", "up": true, "signalStrength": 89, "signal_quality": 89, "rssi": -67, "technology": "lte, cdma", "modem_status": "connected", "failure_reason": "none", "ipv4_addresses": ["123.127.198.4"], "ipv6_addresses": ["fe80::69dc:654f:f1e5:ff12"], "failover": { "enabled": false, "dormant": false, "active": false }, "sims": { "active_sim": 2, "failover_status": "enabled", "sim1": { "iccid": "89148000004743232368", "carrier": "Verizon Wireless", "apn": "VZWINTERNET", "ip_type": "ipv4v6", "username": "", "imsi": "", "state": "present", "last_active": 1598222515038, "last_update": 1598222515038, "signal_strength": 94 }, "sim2": { "iccid": "89014103278929156118", "carrier": "AT&T Wireless Inc", "apn": "i2gold", "ip_type": "ipv4v6", "username": "", "imsi": "310410892915611", "state": "present", "last_active": 1598222515038, "last_update": 1598222515038, "signal_strength": 93 } } } } 404: description: Cellular modem was not found. body: application/json: type: errorString example: { "error": "No Cellular Modem detected" } /sims: type: base-type description: > Cell modem SIM status get: description: Retrieve the current SIM status. responses: 200: description: > Returns the current SIM status. body: application/json: type: getCellModemSimInfo example: { "cellmodem_sims": [ { "id": "cellmodem-sim-1", "active": true, "slot": 1, "iccid": "89148000004743232368", "carrier": "Verizon Wireless", "apn": "VZWINTERNET", "ip_type": "ipv4v6", "username": "", "imsi": "", "state": "present", "last_active": 1598222515038, "last_update": 1598222515038, "signal_strength": 94 }, { "id": "cellmodem-sim-2", "active": false, "slot": 2, "iccid": "89014103278929156118", "carrier": "AT&T Wireless Inc", "apn": "i2gold", "ip_type": "ipv4v6", "username": "", "imsi": "310410892915611", "state": "present", "last_active": 1598222515038, "last_update": 1598222515038, "signal_strength": 93 } ] } 404: description: Cellular modem was not found. body: application/json: type: errorString example: { "error": "No Cellular Modem detected" } /ipsec_tunnels: description: > Read and manipulate the IPsec tunnels on the Operations Manager appliance. type: base-type # ipsec_tunnels.getTunnelList get: description: > Get a list of the IPsec tunnels. displayName: getTunnels queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask" ] default: "cleartext" required: false responses: 200: body: application/json: type: getTunnelListResponse example: { "ipsec_tunnels": [ { id: "0", name: "tunnel", enabled: true, initiate: false, version: "IKEv2", keying_tries: 5, dpd_enabled: true, dpd_action: "trap", dpd_delay: 20, dpd_timeout: 80, phase1_rekey_time: 4, phase1_rekey_unit: "days", phase1_reauth_time: 4, phase1_reauth_unit: "weeks", phase1_random_time: 2, phase1_random_unit: "minutes", phase1_over_time: 10, phase1_over_unit: "hours", phase2_rekey_time: 1, phase2_rekey_unit: "weeks", phase2_random_time: 70, phase2_random_unit: "seconds", phase2_life_time: 22, phase2_life_unit: "hours", proposal: "default-pfs", phase1_proposal: "default", phase2_proposal: "aes128-aes192-aes256-sha256-sha384-sha512-sha1-aesxcbc-modp2048-modp3072-modp4096-modp6144-modp8192-ecp224-ecp256-ecp384-ecp521", phase2_proposal_type: "esp", local_id: "", remote_id: "", local_address: "192.168.126.77", remote_address: "192.168.121.5", encap: true, local_subnet: "", remote_subnet: "", auth_mode: "psk", shared_secret: "default", runtime_status: { established: false } }, { id: "1", name: "remote-tunnel", enabled: false, initiate: false, version: "IKEv2", keying_tries: 15, dpd_enabled: true, dpd_action: "clear", dpd_delay: 40, dpd_timeout: 70, phase1_rekey_time: 2, phase1_rekey_unit: "days", phase1_reauth_time: 5, phase1_reauth_unit: "weeks", phase2_rekey_time: 2, phase2_rekey_unit: "weeks", proposal: "3des-sha-modp1024", phase1_proposal: "3des-sha-modp1024", phase2_proposal: "3des-sha-modp1024", phase2_proposal_type: "esp", local_id: "", remote_id: "", local_address: "", remote_address: "192.168.126.77", encap: true, local_subnet: "", remote_subnet: "", auth_mode: "psk", shared_secret: "password2", runtime_status: { established: true } }, { id: "2", name: "tunnel-pki", enabled: false, initiate: false, version: "IKEv2", keying_tries: 15, dpd_enabled: true, dpd_action: "clear", dpd_delay: 40, dpd_timeout: 70, phase1_rekey_time: 2, phase1_rekey_unit: "days", phase1_reauth_time: 5, phase1_reauth_unit: "weeks", phase2_rekey_time: 2, phase2_rekey_unit: "seconds", proposal: "3des-sha-modp1024", phase1_proposal: "3des-sha-modp1024", phase2_proposal: "3des-sha-modp1024", phase2_proposal_type: "esp", local_id: "", remote_id: "", local_address: "", remote_address: "192.168.126.78", encap: true, local_subnet: "", remote_subnet: "", auth_mode: "pki", runtime_status: { established: true } }, ] } #ipsec_tunnels.post post: description: Add a new network tunnel to the Operations Manager appliance. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: putTunnelBody example: { "ipsec_tunnel": { name: "tunnel", enabled: true, initiate: false, version: "IKEv1", local_address: "192.168.126.77", remote_address: "192.168.121.5", shared_secret: "default" } } responses: 200: description: The tunnel \{id} settings was updated. body: application/json: type: getTunnelResponse example: { "ipsec_tunnel": { id: "0", name: "tunnel", enabled: true, initiate: false, version: "IKEv1", keying_tries: 0, dpd_enabled: true, dpd_action: "restart", dpd_delay: 60, dpd_timeout: 90, phase1_rekey_time: 4, phase1_rekey_unit: "hours", phase1_reauth_time: 0, phase1_reauth_unit: "seconds", phase2_rekey_time: 1, phase2_rekey_unit: "hours", proposal: "default", phase1_proposal: "default", phase2_proposal: "default", phase2_proposal_type: "esp", local_id: "", remote_id: "", local_address: "192.168.126.77", remote_address: "192.168.121.5", local_subnet: "", remote_subnet: "", auth_mode: "psk", shared_secret: "default", runtime_status: { established: false } } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: tunnel id parameter missing. /{id}: type: base-type # ipsec_tunnel.get get: description: > Get the configuration of an IPsec tunnel on the Operations Manager appliance queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask" ] default: "cleartext" required: false responses: 200: body: application/json: type: getTunnelResponse example: { "ipsec_tunnel": { id: "0", name: "tunnel", enabled: true, initiate: false, version: "IKEv1-aggressive", keying_tries: 10, dpd_enabled: true, dpd_action: "clear", dpd_delay: 40, dpd_timeout: 100, phase1_rekey_time: 3, phase1_rekey_unit: "hours", phase1_reauth_time: 0, phase1_reauth_unit: "seconds", phase2_rekey_time: 2, phase2_rekey_unit: "hours", proposal: "3des-md5-modp768", phase1_proposal: "3des-md5-modp768", phase2_proposal: "3des-md5-modp768", phase2_proposal_type: "esp", local_id: "me@test.net", remote_id: "", local_address: "192.168.126.77", remote_address: "192.168.121.5", local_subnet: "", remote_subnet: "", auth_mode: "psk", shared_secret: "default", runtime_status: { established: false } } } # ipsec_tunnel.put put: description: > Update settings for an IPsec tunnel on the Operations Manager appliance. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: putTunnelBody example: { "ipsec_tunnel": { name: "tunnel", enabled: true, initiate: false, version: "IKEv1", local_address: "192.168.126.77", remote_address: "192.168.121.5", local_subnet: "", remote_subnet: "", shared_secret: "default" } } responses: 200: description: The tunnel settings were updated. body: application/json: type: getTunnelResponse example: { "ipsec_tunnel": { id: "0", name: "tunnel", enabled: true, initiate: false, version: "IKEv1", keying_tries: 0, dpd_enabled: true, dpd_action: "restart", dpd_delay: 60, dpd_timeout: 90, phase1_rekey_time: 4, phase1_rekey_unit: "hours", phase1_reauth_time: 0, phase1_reauth_unit: "seconds", phase2_rekey_time: 1, phase2_rekey_unit: "hours", proposal: "default", phase1_proposal: "default", phase2_proposal: "default", phase2_proposal_type: "esp", local_id: "", remote_id: "", local_address: "192.168.126.77", remote_address: "192.168.121.5", local_subnet: "", remote_subnet: "", auth_mode: "psk", shared_secret: "default", runtime_status: { established: false } } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: tunnel id parameter missing. 404: description: > tunnel {id} does not exist. Attempted to change read only fields. Attempted to change unknown fields. #ipsec_tunnel.delete delete: displayName: deleteTunnel description: > Delete an IPsec tunnel on the Operations Manager appliance responses: 200: description: Tunnel deleted 404: description: Tunnel did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec_tunnel with name or id 'system_net_ipsec-1'", "args": { "uuid": "system_net_ipsec-1" }, "level": 1 } ] } /ipsec: type: base-type description: > Read and manipulate files that are used by IPsec tunnels using Public Key Infrastructure (PKI) for authentication. /x509_bundles: description: > An x509 bundle is a collection of certificates stored in PKCS12 format. This bundle removes the need to upload individual certificates. type: base-type get: description: Get a list of x509 bundles stored on the device. displayName: getX509BundleListResponse queryParameters: secrets: type: string description: Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask" ] default: "cleartext" required: false responses: 200: description: The list of x509 bundles. body: application/json: type: getX509BundleListResponse example: { "x509_bundles": [ { id: "system_net_ipsec_files_x509_bundles-1", name: "bundle_1.p12", content: "MIIMyQIBAzCCDI8GCSqGSIb3DQEHAaCCDIAEggx8MIIMeDCCBy8GCSqGSIb3DQEHBqCCByAwggccAgEAMIIHFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIeJSe0WDoL8MCAggAgIIG6C3LA4m3OrKwWUEmZm4okKJnUSydP6uMMufkhNPf2/ntbC1GqsJO9DwyjEhAsKNqoXacAnR+W4DfZ3z8xu5SQ19wV9fmCYdYpAzsLwu4eMiV7fLR0ARzN/ngytxaDbtuIGt9+2xudJ/ESGtjVs8MPzEe234gv/k3lFMtQcM2iZBANfxF31Ozyb/aidW3mUWJPNl4Wb3gCE4rxPt5hjdOP/Fd9JAPxfHqWGyeMm7FWsbOHm6zWTrNtJGoXyePF6/p0sj9tpOVuckSdceIz2RIvTFIB/S7G7v45MyTFzCyNotL4kPIchkRuURJ11mh6votK8gfnDt18e7spe8HfMgQJWrNUJPh7niEjSOUFkhttG3V4VhI+cpPTQBhFyKL3hD3d8w1ifGFZy93LnVJURTRBqjUYukCi/OfE1NfgAPAkW8G4g5Pay6NmGpmtirIs3nYEH36MKP9EVh2CUFXfrL3WP+X/WzzrfntshISuEiQcBSNWL3wMBsOuQyJGoqAJM9d4OEkV+RXI3sHYZmO2uZkT7AUEZ6okFoFpwjcbzPo1/Yr0+GWugcjltdLtxC17CmfwNorYots0y+eKUFsihHLjreGNeDtwFRfhT+cj5crWggIGi7KyCVVsgi7d8hmbgk7tOMTfvSEMkZ869rZnt+a3Ta90KTgjUbaRw5DCKw44BuC27oDitJr37fhQB5g0BrwHjB/+yHKTBtcGy2yfflC6q8cdZgrQHCZAzK92eY6/BlnQB0uxjAgAOOh59RlOpsQ1ddzlvwEBiAm+pYl5VcYjUudqVIDq/61io0q8rWgDNu+VpqPi0ITtqgOD4s+iZDRI+kztK1rleJh9OUnzk01E9uOeZ7EeenygroEgeMn6sE9MWbYHntHf8Je2ljYSz0hHUUkqQQTf1JxXXbuM7ACopgrJIMJWH6Um333VhBTCFQ995Keview/VkQhyITKQks1+ndWeVTfHuSTd2NQQ/gwZLFCG+NZrNMr9vWe7joIIShbKyO4NrosTJkYGX5DJxXBC+pRsn9ugERjKdnn5p69ovKFXYA5y9F07iqGvU5+actdaSxTGx/6LMYT/lcqm6VvpcNEn/Sc7beuvjZfsWsxQvYm2SxQToqZzKmYh1vI6/HC8bDqDvWEI9FvV43HmMyENTXERl8ADhJcTjymzxTH7ZY9k69XvbkL4W9FFgtKglbINAyQo7L4277+C/dMTZMEE59PZnNIbuzUXZ3AJZDU+j6rtvUZdbefRtVEqs0bMmApVskMr+iuSIwCHTIymnJM6d6I44t32gb18v9mQLfyvkqgHjcEFLnB3c2wB9b7y1CpKJPVxPBteL3Gd2RIlOdyg57lJa4k0B1xOuwsqYYJugWQgBIHMjqxhmYcQ71o1QCLjJ5n8euZd/KsX6MvYcgDP2EYupfnM8m6kOKHPUMQC8JxcEY/Tjm2mcUyRyEo22sRyCBH7zk+IPDFZ5ww5PWjltNUMkayWf+GxdLsmbAYawpVCriGHC7V7L2gt2dhuVzjYL05S+TsDCsGQMOQI/NLmMKbKSJjEBYU/e8GK7xGguF95b/TMediw0nGWLmLbm9NFmAoiBNILqWZLrQeZYQy2rMFWB0R+OpFyFiexpVvxN+2k0U2D9EzwDriCiyDi+mRooC7Chvoj4ldrCH6XPS/PkWvWS1gh+mShKphT7eHsWSc9irAtUfi1L11OvxSbXEPtd62hmJjE4TQ+Y5TvjNeBN2YooO2zWNak0ouLYjHufU5Bx0nE/nBYRudtRFriCmraW0ucH7Tywysez7Ckwhk3fFKuAlUgFJP3xLjeFXS8x+FfAyddwLOHLJVwDrkC1my5Y3jfn9vaab7ywHxquWTfDSWEQdDf+Yu7/D+hqsAi2qSHwPgGFGRpua3YhFoCfKF9UDhNfJBZYbiYl7duQfkiU3whF5ABCid0XMMpM1x7EUeoQsmbNd4k/E+9p1SIfZ+9Ax4oDnL/AtcfapcBQ2dPnjLuF1AswtTSHIAv5FsDGSaPCHk+pD2S77jL9ln6KIZmxzw/8pzdLSvby0ANE0m+nTNBVavjz4EU20WbUEVXVJvWHa64/QR/1WDSM6EqT/9bnC5/EtFG2MGLbyt8tNQjujUffowS1BVU/QKtO1mKP6wkqq3BFpTt4VU8nZnHnWTv9l0d11qbCOvrXbVnKu21fQF8G0cFonZGuQxCs/9O99ffn5sDN1HxPa0a2UYczhImL8K/uJT8J7JpIhKRZm4VkdJM/fM/Jaek0n+9u1pXGb0Ikl71r7iXKdwxBngcUveWBsT3p4/1ySa+qrT4AmyRoOgHNx4WBW9RMfY3fwEtvpX1UxI7I7LkWiuGJ43sF5jcdUT7SeW0cwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQI1W0hhU1AvikCAggABIIEyL5K7kZIU4Vb56/FqdrS0e4di5dal6VciBwGFstJVEMORkMEUgveaSInZbQGlO9rJSfk5crFMfI0SfznEdKOBQpYvyQYntm/YrJpp5pCXpo2FZh9luseGeh2wA38Gsq59dn4OWs7UGJSKGjSNcI9bGON9L2L25pbJCEFDPbxOJwDAad1gmSLydADaA8Yc0KTb9c0XrhtT8TZ8Ez+wKT6VGTLLinPClOnpD3JMLfcnxBQCzVs20Am8t0UXgaHlenWyh36zkpl6PfxqQJ4TEoDq1kjQASV3aPe0NwR3puI7za8wW7fLggyO0fC8FVMXPR/RmRNGBLi5+OpLwhTm/DI34CEYA2v78Nsb6g0HWX58qfeDrHfkHKjKv0uPcc6W1WmiMOJnylZ2WlKGk8Y+w/ehJqgZCpa16QzlT3/TJ3s8Twm9msFzMFK/6lHmCXtOA9YvFhp/D+hhZh16hsNzS9TuQ7d3HMAb2N1O610XiMOO6i5Mf6XyH5fVCw571A0oCnE+ieZCZoYyQaOSWd0r0qkPHFr9BlACrpkdgHVKCGji1oI10+QhLeUuVJgPbATavzQxKgrk/KXG4inH/gtKbdZ2sH35uZj22JrO/LAPQ608rfvQM28v/0dbY7/Ge8Oa49t82JJNMJwxQMG3wNTraj51+CnYMx9GsMoy+NAiMVkjrVP4RiawMk2M/mAqf4gbYb6q1l8iCearG1oNAK/6zdxH8b/uLq/PhxWPaT0BniJPbasEKyrzTJB2wlswwESROfiREDUClWG1djzsKI73Bn1NAtmKZUkQEFiozE69SBYRwXC/XqP5FZSY8bXZIdMm94aOkrohjxbeRRx+52Tu+uXe3S61G6vBowzuEbkqeXeFSOpXR62MYaOsVaniB9u2TwKUFliD5jpX+Z479wX6c4rHkNIiLerIYRg5iHC7/H9BbewGCZ9rbw00mOkTpOWf6C0ni2L7kmbxLl5IaHqyavNCSQkEuelK8YOq65U9TXWwBwfb8GCZOVMOWayG/nO4c0M1LfgsprYhbJUoF1V+4amrLrJbgEouUStEEgg5gHI//+2LiHX2gU2EydB9ne6m+h6lLpNDZjVgKhuJdHBy6jf4jGEpR694z341GEv6M4HZ4p4AVAx7LIvgS4FT2++GbPVThpZvzY/EL8M/yt0wUhWpOWnqO9YGqUapxCoGttSg24skTDsUfbU2ltf2giOSqFgOMIc9DgsKKqb5L6x+FTA0JzQrrSOSdfdKHM8Vus8uEF0REDFouH7CkbmtwRdHFjQuFeWRwnxtXnkhHA3riC21JJSt9awTK3CehbvpAd6iV2emFMmXDWtRVB5JGXKsfleb8ctVbcPArqX6Hv+uBZtFRdZC2yUVMvacaSylEZdNfSLC7BMRW1bQ6U1fcxrOy2Xrl5M2SlF3CpQ1u5eAOsWhIuwKqKBCZssDXxXgnKHgMPrInwLNm+pRI+/P7choUZUmPd9w+/WjpsMWBKLlTTzCHtfA3S6QMvTJor02TyGwETga2Lfe/FUHxRqd2cS8/oe70zQNVb47Lx4Rv0p+E6JaUm3SQZ//pCK/4c5so69y5BCazHPlON6o0WV8EcQNyjdrXn5XO3ZY06kBibZfnXzXRROKMz7YsthNzElMCMGCSqGSIb3DQEJFTEWBBTsTioxPc2KkCi5ohjqjZsUFRMlCDAxMCEwCQYFKw4DAhoFAAQUGenOqzXKjdA6z0DTAwsG/40AwrgECEigJt/JI2HMAgIIAA==", password: "TkcxJAAAABDz14VOkQ5K7qU+HmxBn6BCBmh3XIDOI0NuoYnqtWDVBA==", timestamp: "2021-05-31T22:57:25+00:00" }, { id: "system_net_ipsec_files_x509_bundles-2", name: "bundle_2.p12", content: "MIIMyQIBAzCCDI8GCSqGSIb3DQEHAaCCDIAEggx8MIIMeDCCBy8GCSqGSIb3DQEHBqCCByAwggccAgEAMIIHFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIeJSe0WDoL8MCAggAgIIG6C3LA4m3OrKwWUEmZm4okKJnUSydP6uMMufkhNPf2/ntbC1GqsJO9DwyjEhAsKNqoXacAnR+W4DfZ3z8xu5SQ19wV9fmCYdYpAzsLwu4eMiV7fLR0ARzN/ngytxaDbtuIGt9+2xudJ/ESGtjVs8MPzEe234gv/k3lFMtQcM2iZBANfxF31Ozyb/aidW3mUWJPNl4Wb3gCE4rxPt5hjdOP/Fd9JAPxfHqWGyeMm7FWsbOHm6zWTrNtJGoXyePF6/p0sj9tpOVuckSdceIz2RIvTFIB/S7G7v45MyTFzCyNotL4kPIchkRuURJ11mh6votK8gfnDt18e7spe8HfMgQJWrNUJPh7niEjSOUFkhttG3V4VhI+cpPTQBhFyKL3hD3d8w1ifGFZy93LnVJURTRBqjUYukCi/OfE1NfgAPAkW8G4g5Pay6NmGpmtirIs3nYEH36MKP9EVh2CUFXfrL3WP+X/WzzrfntshISuEiQcBSNWL3wMBsOuQyJGoqAJM9d4OEkV+RXI3sHYZmO2uZkT7AUEZ6okFoFpwjcbzPo1/Yr0+GWugcjltdLtxC17CmfwNorYots0y+eKUFsihHLjreGNeDtwFRfhT+cj5crWggIGi7KyCVVsgi7d8hmbgk7tOMTfvSEMkZ869rZnt+a3Ta90KTgjUbaRw5DCKw44BuC27oDitJr37fhQB5g0BrwHjB/+yHKTBtcGy2yfflC6q8cdZgrQHCZAzK92eY6/BlnQB0uxjAgAOOh59RlOpsQ1ddzlvwEBiAm+pYl5VcYjUudqVIDq/61io0q8rWgDNu+VpqPi0ITtqgOD4s+iZDRI+kztK1rleJh9OUnzk01E9uOeZ7EeenygroEgeMn6sE9MWbYHntHf8Je2ljYSz0hHUUkqQQTf1JxXXbuM7ACopgrJIMJWH6Um333VhBTCFQ995Keview/VkQhyITKQks1+ndWeVTfHuSTd2NQQ/gwZLFCG+NZrNMr9vWe7joIIShbKyO4NrosTJkYGX5DJxXBC+pRsn9ugERjKdnn5p69ovKFXYA5y9F07iqGvU5+actdaSxTGx/6LMYT/lcqm6VvpcNEn/Sc7beuvjZfsWsxQvYm2SxQToqZzKmYh1vI6/HC8bDqDvWEI9FvV43HmMyENTXERl8ADhJcTjymzxTH7ZY9k69XvbkL4W9FFgtKglbINAyQo7L4277+C/dMTZMEE59PZnNIbuzUXZ3AJZDU+j6rtvUZdbefRtVEqs0bMmApVskMr+iuSIwCHTIymnJM6d6I44t32gb18v9mQLfyvkqgHjcEFLnB3c2wB9b7y1CpKJPVxPBteL3Gd2RIlOdyg57lJa4k0B1xOuwsqYYJugWQgBIHMjqxhmYcQ71o1QCLjJ5n8euZd/KsX6MvYcgDP2EYupfnM8m6kOKHPUMQC8JxcEY/Tjm2mcUyRyEo22sRyCBH7zk+IPDFZ5ww5PWjltNUMkayWf+GxdLsmbAYawpVCriGHC7V7L2gt2dhuVzjYL05S+TsDCsGQMOQI/NLmMKbKSJjEBYU/e8GK7xGguF95b/TMediw0nGWLmLbm9NFmAoiBNILqWZLrQeZYQy2rMFWB0R+OpFyFiexpVvxN+2k0U2D9EzwDriCiyDi+mRooC7Chvoj4ldrCH6XPS/PkWvWS1gh+mShKphT7eHsWSc9irAtUfi1L11OvxSbXEPtd62hmJjE4TQ+Y5TvjNeBN2YooO2zWNak0ouLYjHufU5Bx0nE/nBYRudtRFriCmraW0ucH7Tywysez7Ckwhk3fFKuAlUgFJP3xLjeFXS8x+FfAyddwLOHLJVwDrkC1my5Y3jfn9vaab7ywHxquWTfDSWEQdDf+Yu7/D+hqsAi2qSHwPgGFGRpua3YhFoCfKF9UDhNfJBZYbiYl7duQfkiU3whF5ABCid0XMMpM1x7EUeoQsmbNd4k/E+9p1SIfZ+9Ax4oDnL/AtcfapcBQ2dPnjLuF1AswtTSHIAv5FsDGSaPCHk+pD2S77jL9ln6KIZmxzw/8pzdLSvby0ANE0m+nTNBVavjz4EU20WbUEVXVJvWHa64/QR/1WDSM6EqT/9bnC5/EtFG2MGLbyt8tNQjujUffowS1BVU/QKtO1mKP6wkqq3BFpTt4VU8nZnHnWTv9l0d11qbCOvrXbVnKu21fQF8G0cFonZGuQxCs/9O99ffn5sDN1HxPa0a2UYczhImL8K/uJT8J7JpIhKRZm4VkdJM/fM/Jaek0n+9u1pXGb0Ikl71r7iXKdwxBngcUveWBsT3p4/1ySa+qrT4AmyRoOgHNx4WBW9RMfY3fwEtvpX1UxI7I7LkWiuGJ43sF5jcdUT7SeW0cwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQI1W0hhU1AvikCAggABIIEyL5K7kZIU4Vb56/FqdrS0e4di5dal6VciBwGFstJVEMORkMEUgveaSInZbQGlO9rJSfk5crFMfI0SfznEdKOBQpYvyQYntm/YrJpp5pCXpo2FZh9luseGeh2wA38Gsq59dn4OWs7UGJSKGjSNcI9bGON9L2L25pbJCEFDPbxOJwDAad1gmSLydADaA8Yc0KTb9c0XrhtT8TZ8Ez+wKT6VGTLLinPClOnpD3JMLfcnxBQCzVs20Am8t0UXgaHlenWyh36zkpl6PfxqQJ4TEoDq1kjQASV3aPe0NwR3puI7za8wW7fLggyO0fC8FVMXPR/RmRNGBLi5+OpLwhTm/DI34CEYA2v78Nsb6g0HWX58qfeDrHfkHKjKv0uPcc6W1WmiMOJnylZ2WlKGk8Y+w/ehJqgZCpa16QzlT3/TJ3s8Twm9msFzMFK/6lHmCXtOA9YvFhp/D+hhZh16hsNzS9TuQ7d3HMAb2N1O610XiMOO6i5Mf6XyH5fVCw571A0oCnE+ieZCZoYyQaOSWd0r0qkPHFr9BlACrpkdgHVKCGji1oI10+QhLeUuVJgPbATavzQxKgrk/KXG4inH/gtKbdZ2sH35uZj22JrO/LAPQ608rfvQM28v/0dbY7/Ge8Oa49t82JJNMJwxQMG3wNTraj51+CnYMx9GsMoy+NAiMVkjrVP4RiawMk2M/mAqf4gbYb6q1l8iCearG1oNAK/6zdxH8b/uLq/PhxWPaT0BniJPbasEKyrzTJB2wlswwESROfiREDUClWG1djzsKI73Bn1NAtmKZUkQEFiozE69SBYRwXC/XqP5FZSY8bXZIdMm94aOkrohjxbeRRx+52Tu+uXe3S61G6vBowzuEbkqeXeFSOpXR62MYaOsVaniB9u2TwKUFliD5jpX+Z479wX6c4rHkNIiLerIYRg5iHC7/H9BbewGCZ9rbw00mOkTpOWf6C0ni2L7kmbxLl5IaHqyavNCSQkEuelK8YOq65U9TXWwBwfb8GCZOVMOWayG/nO4c0M1LfgsprYhbJUoF1V+4amrLrJbgEouUStEEgg5gHI//+2LiHX2gU2EydB9ne6m+h6lLpNDZjVgKhuJdHBy6jf4jGEpR694z341GEv6M4HZ4p4AVAx7LIvgS4FT2++GbPVThpZvzY/EL8M/yt0wUhWpOWnqO9YGqUapxCoGttSg24skTDsUfbU2ltf2giOSqFgOMIc9DgsKKqb5L6x+FTA0JzQrrSOSdfdKHM8Vus8uEF0REDFouH7CkbmtwRdHFjQuFeWRwnxtXnkhHA3riC21JJSt9awTK3CehbvpAd6iV2emFMmXDWtRVB5JGXKsfleb8ctVbcPArqX6Hv+uBZtFRdZC2yUVMvacaSylEZdNfSLC7BMRW1bQ6U1fcxrOy2Xrl5M2SlF3CpQ1u5eAOsWhIuwKqKBCZssDXxXgnKHgMPrInwLNm+pRI+/P7choUZUmPd9w+/WjpsMWBKLlTTzCHtfA3S6QMvTJor02TyGwETga2Lfe/FUHxRqd2cS8/oe70zQNVb47Lx4Rv0p+E6JaUm3SQZ//pCK/4c5so69y5BCazHPlON6o0WV8EcQNyjdrXn5XO3ZY06kBibZfnXzXRROKMz7YsthNzElMCMGCSqGSIb3DQEJFTEWBBTsTioxPc2KkCi5ohjqjZsUFRMlCDAxMCEwCQYFKw4DAhoFAAQUGenOqzXKjdA6z0DTAwsG/40AwrgECEigJt/JI2HMAgIIAA==", password: "TkcxJAAAABDz14VOkQ5K7qU+HmxBn6BCj3iQ7nfaHR6qU8MBGapj4g==", timestamp: "2021-05-31T22:57:25+00:00" }, ] } post: description: Configure a new x509 bundle. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: postX509BundleBody example: { "x509_bundle": { name: "bundle.p12", content: "MIIMyQIBAzCCDI8GCSqGSIb3DQEHAaCCDIAEggx8MIIMeDCCBy8GCSqGSIb3DQEHBqCCByAwggccAgEAMIIHFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIeJSe0WDoL8MCAggAgIIG6C3LA4m3OrKwWUEmZm4okKJnUSydP6uMMufkhNPf2/ntbC1GqsJO9DwyjEhAsKNqoXacAnR+W4DfZ3z8xu5SQ19wV9fmCYdYpAzsLwu4eMiV7fLR0ARzN/ngytxaDbtuIGt9+2xudJ/ESGtjVs8MPzEe234gv/k3lFMtQcM2iZBANfxF31Ozyb/aidW3mUWJPNl4Wb3gCE4rxPt5hjdOP/Fd9JAPxfHqWGyeMm7FWsbOHm6zWTrNtJGoXyePF6/p0sj9tpOVuckSdceIz2RIvTFIB/S7G7v45MyTFzCyNotL4kPIchkRuURJ11mh6votK8gfnDt18e7spe8HfMgQJWrNUJPh7niEjSOUFkhttG3V4VhI+cpPTQBhFyKL3hD3d8w1ifGFZy93LnVJURTRBqjUYukCi/OfE1NfgAPAkW8G4g5Pay6NmGpmtirIs3nYEH36MKP9EVh2CUFXfrL3WP+X/WzzrfntshISuEiQcBSNWL3wMBsOuQyJGoqAJM9d4OEkV+RXI3sHYZmO2uZkT7AUEZ6okFoFpwjcbzPo1/Yr0+GWugcjltdLtxC17CmfwNorYots0y+eKUFsihHLjreGNeDtwFRfhT+cj5crWggIGi7KyCVVsgi7d8hmbgk7tOMTfvSEMkZ869rZnt+a3Ta90KTgjUbaRw5DCKw44BuC27oDitJr37fhQB5g0BrwHjB/+yHKTBtcGy2yfflC6q8cdZgrQHCZAzK92eY6/BlnQB0uxjAgAOOh59RlOpsQ1ddzlvwEBiAm+pYl5VcYjUudqVIDq/61io0q8rWgDNu+VpqPi0ITtqgOD4s+iZDRI+kztK1rleJh9OUnzk01E9uOeZ7EeenygroEgeMn6sE9MWbYHntHf8Je2ljYSz0hHUUkqQQTf1JxXXbuM7ACopgrJIMJWH6Um333VhBTCFQ995Keview/VkQhyITKQks1+ndWeVTfHuSTd2NQQ/gwZLFCG+NZrNMr9vWe7joIIShbKyO4NrosTJkYGX5DJxXBC+pRsn9ugERjKdnn5p69ovKFXYA5y9F07iqGvU5+actdaSxTGx/6LMYT/lcqm6VvpcNEn/Sc7beuvjZfsWsxQvYm2SxQToqZzKmYh1vI6/HC8bDqDvWEI9FvV43HmMyENTXERl8ADhJcTjymzxTH7ZY9k69XvbkL4W9FFgtKglbINAyQo7L4277+C/dMTZMEE59PZnNIbuzUXZ3AJZDU+j6rtvUZdbefRtVEqs0bMmApVskMr+iuSIwCHTIymnJM6d6I44t32gb18v9mQLfyvkqgHjcEFLnB3c2wB9b7y1CpKJPVxPBteL3Gd2RIlOdyg57lJa4k0B1xOuwsqYYJugWQgBIHMjqxhmYcQ71o1QCLjJ5n8euZd/KsX6MvYcgDP2EYupfnM8m6kOKHPUMQC8JxcEY/Tjm2mcUyRyEo22sRyCBH7zk+IPDFZ5ww5PWjltNUMkayWf+GxdLsmbAYawpVCriGHC7V7L2gt2dhuVzjYL05S+TsDCsGQMOQI/NLmMKbKSJjEBYU/e8GK7xGguF95b/TMediw0nGWLmLbm9NFmAoiBNILqWZLrQeZYQy2rMFWB0R+OpFyFiexpVvxN+2k0U2D9EzwDriCiyDi+mRooC7Chvoj4ldrCH6XPS/PkWvWS1gh+mShKphT7eHsWSc9irAtUfi1L11OvxSbXEPtd62hmJjE4TQ+Y5TvjNeBN2YooO2zWNak0ouLYjHufU5Bx0nE/nBYRudtRFriCmraW0ucH7Tywysez7Ckwhk3fFKuAlUgFJP3xLjeFXS8x+FfAyddwLOHLJVwDrkC1my5Y3jfn9vaab7ywHxquWTfDSWEQdDf+Yu7/D+hqsAi2qSHwPgGFGRpua3YhFoCfKF9UDhNfJBZYbiYl7duQfkiU3whF5ABCid0XMMpM1x7EUeoQsmbNd4k/E+9p1SIfZ+9Ax4oDnL/AtcfapcBQ2dPnjLuF1AswtTSHIAv5FsDGSaPCHk+pD2S77jL9ln6KIZmxzw/8pzdLSvby0ANE0m+nTNBVavjz4EU20WbUEVXVJvWHa64/QR/1WDSM6EqT/9bnC5/EtFG2MGLbyt8tNQjujUffowS1BVU/QKtO1mKP6wkqq3BFpTt4VU8nZnHnWTv9l0d11qbCOvrXbVnKu21fQF8G0cFonZGuQxCs/9O99ffn5sDN1HxPa0a2UYczhImL8K/uJT8J7JpIhKRZm4VkdJM/fM/Jaek0n+9u1pXGb0Ikl71r7iXKdwxBngcUveWBsT3p4/1ySa+qrT4AmyRoOgHNx4WBW9RMfY3fwEtvpX1UxI7I7LkWiuGJ43sF5jcdUT7SeW0cwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQI1W0hhU1AvikCAggABIIEyL5K7kZIU4Vb56/FqdrS0e4di5dal6VciBwGFstJVEMORkMEUgveaSInZbQGlO9rJSfk5crFMfI0SfznEdKOBQpYvyQYntm/YrJpp5pCXpo2FZh9luseGeh2wA38Gsq59dn4OWs7UGJSKGjSNcI9bGON9L2L25pbJCEFDPbxOJwDAad1gmSLydADaA8Yc0KTb9c0XrhtT8TZ8Ez+wKT6VGTLLinPClOnpD3JMLfcnxBQCzVs20Am8t0UXgaHlenWyh36zkpl6PfxqQJ4TEoDq1kjQASV3aPe0NwR3puI7za8wW7fLggyO0fC8FVMXPR/RmRNGBLi5+OpLwhTm/DI34CEYA2v78Nsb6g0HWX58qfeDrHfkHKjKv0uPcc6W1WmiMOJnylZ2WlKGk8Y+w/ehJqgZCpa16QzlT3/TJ3s8Twm9msFzMFK/6lHmCXtOA9YvFhp/D+hhZh16hsNzS9TuQ7d3HMAb2N1O610XiMOO6i5Mf6XyH5fVCw571A0oCnE+ieZCZoYyQaOSWd0r0qkPHFr9BlACrpkdgHVKCGji1oI10+QhLeUuVJgPbATavzQxKgrk/KXG4inH/gtKbdZ2sH35uZj22JrO/LAPQ608rfvQM28v/0dbY7/Ge8Oa49t82JJNMJwxQMG3wNTraj51+CnYMx9GsMoy+NAiMVkjrVP4RiawMk2M/mAqf4gbYb6q1l8iCearG1oNAK/6zdxH8b/uLq/PhxWPaT0BniJPbasEKyrzTJB2wlswwESROfiREDUClWG1djzsKI73Bn1NAtmKZUkQEFiozE69SBYRwXC/XqP5FZSY8bXZIdMm94aOkrohjxbeRRx+52Tu+uXe3S61G6vBowzuEbkqeXeFSOpXR62MYaOsVaniB9u2TwKUFliD5jpX+Z479wX6c4rHkNIiLerIYRg5iHC7/H9BbewGCZ9rbw00mOkTpOWf6C0ni2L7kmbxLl5IaHqyavNCSQkEuelK8YOq65U9TXWwBwfb8GCZOVMOWayG/nO4c0M1LfgsprYhbJUoF1V+4amrLrJbgEouUStEEgg5gHI//+2LiHX2gU2EydB9ne6m+h6lLpNDZjVgKhuJdHBy6jf4jGEpR694z341GEv6M4HZ4p4AVAx7LIvgS4FT2++GbPVThpZvzY/EL8M/yt0wUhWpOWnqO9YGqUapxCoGttSg24skTDsUfbU2ltf2giOSqFgOMIc9DgsKKqb5L6x+FTA0JzQrrSOSdfdKHM8Vus8uEF0REDFouH7CkbmtwRdHFjQuFeWRwnxtXnkhHA3riC21JJSt9awTK3CehbvpAd6iV2emFMmXDWtRVB5JGXKsfleb8ctVbcPArqX6Hv+uBZtFRdZC2yUVMvacaSylEZdNfSLC7BMRW1bQ6U1fcxrOy2Xrl5M2SlF3CpQ1u5eAOsWhIuwKqKBCZssDXxXgnKHgMPrInwLNm+pRI+/P7choUZUmPd9w+/WjpsMWBKLlTTzCHtfA3S6QMvTJor02TyGwETga2Lfe/FUHxRqd2cS8/oe70zQNVb47Lx4Rv0p+E6JaUm3SQZ//pCK/4c5so69y5BCazHPlON6o0WV8EcQNyjdrXn5XO3ZY06kBibZfnXzXRROKMz7YsthNzElMCMGCSqGSIb3DQEJFTEWBBTsTioxPc2KkCi5ohjqjZsUFRMlCDAxMCEwCQYFKw4DAhoFAAQUGenOqzXKjdA6z0DTAwsG/40AwrgECEigJt/JI2HMAgIIAA==", password: "TkcxJAAAABDz14VOkQ5K7qU+HmxBn6BCj3iQ7nfaHR6qU8MBGapj4g==" } } responses: 201: description: The x509 bundle /{id} settings was updated. body: application/json: type: getX509BundleResponse example: { "x509_bundle": { id: "system_net_ipsec_files_x509_bundles-1", name: "bundle.p12", content: "MIIMyQIBAzCCDI8GCSqGSIb3DQEHAaCCDIAEggx8MIIMeDCCBy8GCSqGSIb3DQEHBqCCByAwggccAgEAMIIHFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIeJSe0WDoL8MCAggAgIIG6C3LA4m3OrKwWUEmZm4okKJnUSydP6uMMufkhNPf2/ntbC1GqsJO9DwyjEhAsKNqoXacAnR+W4DfZ3z8xu5SQ19wV9fmCYdYpAzsLwu4eMiV7fLR0ARzN/ngytxaDbtuIGt9+2xudJ/ESGtjVs8MPzEe234gv/k3lFMtQcM2iZBANfxF31Ozyb/aidW3mUWJPNl4Wb3gCE4rxPt5hjdOP/Fd9JAPxfHqWGyeMm7FWsbOHm6zWTrNtJGoXyePF6/p0sj9tpOVuckSdceIz2RIvTFIB/S7G7v45MyTFzCyNotL4kPIchkRuURJ11mh6votK8gfnDt18e7spe8HfMgQJWrNUJPh7niEjSOUFkhttG3V4VhI+cpPTQBhFyKL3hD3d8w1ifGFZy93LnVJURTRBqjUYukCi/OfE1NfgAPAkW8G4g5Pay6NmGpmtirIs3nYEH36MKP9EVh2CUFXfrL3WP+X/WzzrfntshISuEiQcBSNWL3wMBsOuQyJGoqAJM9d4OEkV+RXI3sHYZmO2uZkT7AUEZ6okFoFpwjcbzPo1/Yr0+GWugcjltdLtxC17CmfwNorYots0y+eKUFsihHLjreGNeDtwFRfhT+cj5crWggIGi7KyCVVsgi7d8hmbgk7tOMTfvSEMkZ869rZnt+a3Ta90KTgjUbaRw5DCKw44BuC27oDitJr37fhQB5g0BrwHjB/+yHKTBtcGy2yfflC6q8cdZgrQHCZAzK92eY6/BlnQB0uxjAgAOOh59RlOpsQ1ddzlvwEBiAm+pYl5VcYjUudqVIDq/61io0q8rWgDNu+VpqPi0ITtqgOD4s+iZDRI+kztK1rleJh9OUnzk01E9uOeZ7EeenygroEgeMn6sE9MWbYHntHf8Je2ljYSz0hHUUkqQQTf1JxXXbuM7ACopgrJIMJWH6Um333VhBTCFQ995Keview/VkQhyITKQks1+ndWeVTfHuSTd2NQQ/gwZLFCG+NZrNMr9vWe7joIIShbKyO4NrosTJkYGX5DJxXBC+pRsn9ugERjKdnn5p69ovKFXYA5y9F07iqGvU5+actdaSxTGx/6LMYT/lcqm6VvpcNEn/Sc7beuvjZfsWsxQvYm2SxQToqZzKmYh1vI6/HC8bDqDvWEI9FvV43HmMyENTXERl8ADhJcTjymzxTH7ZY9k69XvbkL4W9FFgtKglbINAyQo7L4277+C/dMTZMEE59PZnNIbuzUXZ3AJZDU+j6rtvUZdbefRtVEqs0bMmApVskMr+iuSIwCHTIymnJM6d6I44t32gb18v9mQLfyvkqgHjcEFLnB3c2wB9b7y1CpKJPVxPBteL3Gd2RIlOdyg57lJa4k0B1xOuwsqYYJugWQgBIHMjqxhmYcQ71o1QCLjJ5n8euZd/KsX6MvYcgDP2EYupfnM8m6kOKHPUMQC8JxcEY/Tjm2mcUyRyEo22sRyCBH7zk+IPDFZ5ww5PWjltNUMkayWf+GxdLsmbAYawpVCriGHC7V7L2gt2dhuVzjYL05S+TsDCsGQMOQI/NLmMKbKSJjEBYU/e8GK7xGguF95b/TMediw0nGWLmLbm9NFmAoiBNILqWZLrQeZYQy2rMFWB0R+OpFyFiexpVvxN+2k0U2D9EzwDriCiyDi+mRooC7Chvoj4ldrCH6XPS/PkWvWS1gh+mShKphT7eHsWSc9irAtUfi1L11OvxSbXEPtd62hmJjE4TQ+Y5TvjNeBN2YooO2zWNak0ouLYjHufU5Bx0nE/nBYRudtRFriCmraW0ucH7Tywysez7Ckwhk3fFKuAlUgFJP3xLjeFXS8x+FfAyddwLOHLJVwDrkC1my5Y3jfn9vaab7ywHxquWTfDSWEQdDf+Yu7/D+hqsAi2qSHwPgGFGRpua3YhFoCfKF9UDhNfJBZYbiYl7duQfkiU3whF5ABCid0XMMpM1x7EUeoQsmbNd4k/E+9p1SIfZ+9Ax4oDnL/AtcfapcBQ2dPnjLuF1AswtTSHIAv5FsDGSaPCHk+pD2S77jL9ln6KIZmxzw/8pzdLSvby0ANE0m+nTNBVavjz4EU20WbUEVXVJvWHa64/QR/1WDSM6EqT/9bnC5/EtFG2MGLbyt8tNQjujUffowS1BVU/QKtO1mKP6wkqq3BFpTt4VU8nZnHnWTv9l0d11qbCOvrXbVnKu21fQF8G0cFonZGuQxCs/9O99ffn5sDN1HxPa0a2UYczhImL8K/uJT8J7JpIhKRZm4VkdJM/fM/Jaek0n+9u1pXGb0Ikl71r7iXKdwxBngcUveWBsT3p4/1ySa+qrT4AmyRoOgHNx4WBW9RMfY3fwEtvpX1UxI7I7LkWiuGJ43sF5jcdUT7SeW0cwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQI1W0hhU1AvikCAggABIIEyL5K7kZIU4Vb56/FqdrS0e4di5dal6VciBwGFstJVEMORkMEUgveaSInZbQGlO9rJSfk5crFMfI0SfznEdKOBQpYvyQYntm/YrJpp5pCXpo2FZh9luseGeh2wA38Gsq59dn4OWs7UGJSKGjSNcI9bGON9L2L25pbJCEFDPbxOJwDAad1gmSLydADaA8Yc0KTb9c0XrhtT8TZ8Ez+wKT6VGTLLinPClOnpD3JMLfcnxBQCzVs20Am8t0UXgaHlenWyh36zkpl6PfxqQJ4TEoDq1kjQASV3aPe0NwR3puI7za8wW7fLggyO0fC8FVMXPR/RmRNGBLi5+OpLwhTm/DI34CEYA2v78Nsb6g0HWX58qfeDrHfkHKjKv0uPcc6W1WmiMOJnylZ2WlKGk8Y+w/ehJqgZCpa16QzlT3/TJ3s8Twm9msFzMFK/6lHmCXtOA9YvFhp/D+hhZh16hsNzS9TuQ7d3HMAb2N1O610XiMOO6i5Mf6XyH5fVCw571A0oCnE+ieZCZoYyQaOSWd0r0qkPHFr9BlACrpkdgHVKCGji1oI10+QhLeUuVJgPbATavzQxKgrk/KXG4inH/gtKbdZ2sH35uZj22JrO/LAPQ608rfvQM28v/0dbY7/Ge8Oa49t82JJNMJwxQMG3wNTraj51+CnYMx9GsMoy+NAiMVkjrVP4RiawMk2M/mAqf4gbYb6q1l8iCearG1oNAK/6zdxH8b/uLq/PhxWPaT0BniJPbasEKyrzTJB2wlswwESROfiREDUClWG1djzsKI73Bn1NAtmKZUkQEFiozE69SBYRwXC/XqP5FZSY8bXZIdMm94aOkrohjxbeRRx+52Tu+uXe3S61G6vBowzuEbkqeXeFSOpXR62MYaOsVaniB9u2TwKUFliD5jpX+Z479wX6c4rHkNIiLerIYRg5iHC7/H9BbewGCZ9rbw00mOkTpOWf6C0ni2L7kmbxLl5IaHqyavNCSQkEuelK8YOq65U9TXWwBwfb8GCZOVMOWayG/nO4c0M1LfgsprYhbJUoF1V+4amrLrJbgEouUStEEgg5gHI//+2LiHX2gU2EydB9ne6m+h6lLpNDZjVgKhuJdHBy6jf4jGEpR694z341GEv6M4HZ4p4AVAx7LIvgS4FT2++GbPVThpZvzY/EL8M/yt0wUhWpOWnqO9YGqUapxCoGttSg24skTDsUfbU2ltf2giOSqFgOMIc9DgsKKqb5L6x+FTA0JzQrrSOSdfdKHM8Vus8uEF0REDFouH7CkbmtwRdHFjQuFeWRwnxtXnkhHA3riC21JJSt9awTK3CehbvpAd6iV2emFMmXDWtRVB5JGXKsfleb8ctVbcPArqX6Hv+uBZtFRdZC2yUVMvacaSylEZdNfSLC7BMRW1bQ6U1fcxrOy2Xrl5M2SlF3CpQ1u5eAOsWhIuwKqKBCZssDXxXgnKHgMPrInwLNm+pRI+/P7choUZUmPd9w+/WjpsMWBKLlTTzCHtfA3S6QMvTJor02TyGwETga2Lfe/FUHxRqd2cS8/oe70zQNVb47Lx4Rv0p+E6JaUm3SQZ//pCK/4c5so69y5BCazHPlON6o0WV8EcQNyjdrXn5XO3ZY06kBibZfnXzXRROKMz7YsthNzElMCMGCSqGSIb3DQEJFTEWBBTsTioxPc2KkCi5ohjqjZsUFRMlCDAxMCEwCQYFKw4DAhoFAAQUGenOqzXKjdA6z0DTAwsG/40AwrgECEigJt/JI2HMAgIIAA==", password: "TkcxJAAAABDz14VOkQ5K7qU+HmxBn6BCj3iQ7nfaHR6qU8MBGapj4g==", timestamp: "2021-05-31T22:57:25+00:00" } } 400: description: > Invalid request: Body is not json or does not conform to required json schema. Incomplete data: x509 bundle parameter missing. /{id}: type: base-type get: description: Get a single configured x509 bundle by its ID. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask" ] default: "cleartext" required: false responses: 200: description: Get an x509 bundle. body: application/json: type: getX509BundleResponse example: { "x509_bundle": { id: "system_net_ipsec_files_x509_bundles-1", name: "bundle.p12", content: "MIIMyQIBAzCCDI8GCSqGSIb3DQEHAaCCDIAEggx8MIIMeDCCBy8GCSqGSIb3DQEHBqCCByAwggccAgEAMIIHFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIeJSe0WDoL8MCAggAgIIG6C3LA4m3OrKwWUEmZm4okKJnUSydP6uMMufkhNPf2/ntbC1GqsJO9DwyjEhAsKNqoXacAnR+W4DfZ3z8xu5SQ19wV9fmCYdYpAzsLwu4eMiV7fLR0ARzN/ngytxaDbtuIGt9+2xudJ/ESGtjVs8MPzEe234gv/k3lFMtQcM2iZBANfxF31Ozyb/aidW3mUWJPNl4Wb3gCE4rxPt5hjdOP/Fd9JAPxfHqWGyeMm7FWsbOHm6zWTrNtJGoXyePF6/p0sj9tpOVuckSdceIz2RIvTFIB/S7G7v45MyTFzCyNotL4kPIchkRuURJ11mh6votK8gfnDt18e7spe8HfMgQJWrNUJPh7niEjSOUFkhttG3V4VhI+cpPTQBhFyKL3hD3d8w1ifGFZy93LnVJURTRBqjUYukCi/OfE1NfgAPAkW8G4g5Pay6NmGpmtirIs3nYEH36MKP9EVh2CUFXfrL3WP+X/WzzrfntshISuEiQcBSNWL3wMBsOuQyJGoqAJM9d4OEkV+RXI3sHYZmO2uZkT7AUEZ6okFoFpwjcbzPo1/Yr0+GWugcjltdLtxC17CmfwNorYots0y+eKUFsihHLjreGNeDtwFRfhT+cj5crWggIGi7KyCVVsgi7d8hmbgk7tOMTfvSEMkZ869rZnt+a3Ta90KTgjUbaRw5DCKw44BuC27oDitJr37fhQB5g0BrwHjB/+yHKTBtcGy2yfflC6q8cdZgrQHCZAzK92eY6/BlnQB0uxjAgAOOh59RlOpsQ1ddzlvwEBiAm+pYl5VcYjUudqVIDq/61io0q8rWgDNu+VpqPi0ITtqgOD4s+iZDRI+kztK1rleJh9OUnzk01E9uOeZ7EeenygroEgeMn6sE9MWbYHntHf8Je2ljYSz0hHUUkqQQTf1JxXXbuM7ACopgrJIMJWH6Um333VhBTCFQ995Keview/VkQhyITKQks1+ndWeVTfHuSTd2NQQ/gwZLFCG+NZrNMr9vWe7joIIShbKyO4NrosTJkYGX5DJxXBC+pRsn9ugERjKdnn5p69ovKFXYA5y9F07iqGvU5+actdaSxTGx/6LMYT/lcqm6VvpcNEn/Sc7beuvjZfsWsxQvYm2SxQToqZzKmYh1vI6/HC8bDqDvWEI9FvV43HmMyENTXERl8ADhJcTjymzxTH7ZY9k69XvbkL4W9FFgtKglbINAyQo7L4277+C/dMTZMEE59PZnNIbuzUXZ3AJZDU+j6rtvUZdbefRtVEqs0bMmApVskMr+iuSIwCHTIymnJM6d6I44t32gb18v9mQLfyvkqgHjcEFLnB3c2wB9b7y1CpKJPVxPBteL3Gd2RIlOdyg57lJa4k0B1xOuwsqYYJugWQgBIHMjqxhmYcQ71o1QCLjJ5n8euZd/KsX6MvYcgDP2EYupfnM8m6kOKHPUMQC8JxcEY/Tjm2mcUyRyEo22sRyCBH7zk+IPDFZ5ww5PWjltNUMkayWf+GxdLsmbAYawpVCriGHC7V7L2gt2dhuVzjYL05S+TsDCsGQMOQI/NLmMKbKSJjEBYU/e8GK7xGguF95b/TMediw0nGWLmLbm9NFmAoiBNILqWZLrQeZYQy2rMFWB0R+OpFyFiexpVvxN+2k0U2D9EzwDriCiyDi+mRooC7Chvoj4ldrCH6XPS/PkWvWS1gh+mShKphT7eHsWSc9irAtUfi1L11OvxSbXEPtd62hmJjE4TQ+Y5TvjNeBN2YooO2zWNak0ouLYjHufU5Bx0nE/nBYRudtRFriCmraW0ucH7Tywysez7Ckwhk3fFKuAlUgFJP3xLjeFXS8x+FfAyddwLOHLJVwDrkC1my5Y3jfn9vaab7ywHxquWTfDSWEQdDf+Yu7/D+hqsAi2qSHwPgGFGRpua3YhFoCfKF9UDhNfJBZYbiYl7duQfkiU3whF5ABCid0XMMpM1x7EUeoQsmbNd4k/E+9p1SIfZ+9Ax4oDnL/AtcfapcBQ2dPnjLuF1AswtTSHIAv5FsDGSaPCHk+pD2S77jL9ln6KIZmxzw/8pzdLSvby0ANE0m+nTNBVavjz4EU20WbUEVXVJvWHa64/QR/1WDSM6EqT/9bnC5/EtFG2MGLbyt8tNQjujUffowS1BVU/QKtO1mKP6wkqq3BFpTt4VU8nZnHnWTv9l0d11qbCOvrXbVnKu21fQF8G0cFonZGuQxCs/9O99ffn5sDN1HxPa0a2UYczhImL8K/uJT8J7JpIhKRZm4VkdJM/fM/Jaek0n+9u1pXGb0Ikl71r7iXKdwxBngcUveWBsT3p4/1ySa+qrT4AmyRoOgHNx4WBW9RMfY3fwEtvpX1UxI7I7LkWiuGJ43sF5jcdUT7SeW0cwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQI1W0hhU1AvikCAggABIIEyL5K7kZIU4Vb56/FqdrS0e4di5dal6VciBwGFstJVEMORkMEUgveaSInZbQGlO9rJSfk5crFMfI0SfznEdKOBQpYvyQYntm/YrJpp5pCXpo2FZh9luseGeh2wA38Gsq59dn4OWs7UGJSKGjSNcI9bGON9L2L25pbJCEFDPbxOJwDAad1gmSLydADaA8Yc0KTb9c0XrhtT8TZ8Ez+wKT6VGTLLinPClOnpD3JMLfcnxBQCzVs20Am8t0UXgaHlenWyh36zkpl6PfxqQJ4TEoDq1kjQASV3aPe0NwR3puI7za8wW7fLggyO0fC8FVMXPR/RmRNGBLi5+OpLwhTm/DI34CEYA2v78Nsb6g0HWX58qfeDrHfkHKjKv0uPcc6W1WmiMOJnylZ2WlKGk8Y+w/ehJqgZCpa16QzlT3/TJ3s8Twm9msFzMFK/6lHmCXtOA9YvFhp/D+hhZh16hsNzS9TuQ7d3HMAb2N1O610XiMOO6i5Mf6XyH5fVCw571A0oCnE+ieZCZoYyQaOSWd0r0qkPHFr9BlACrpkdgHVKCGji1oI10+QhLeUuVJgPbATavzQxKgrk/KXG4inH/gtKbdZ2sH35uZj22JrO/LAPQ608rfvQM28v/0dbY7/Ge8Oa49t82JJNMJwxQMG3wNTraj51+CnYMx9GsMoy+NAiMVkjrVP4RiawMk2M/mAqf4gbYb6q1l8iCearG1oNAK/6zdxH8b/uLq/PhxWPaT0BniJPbasEKyrzTJB2wlswwESROfiREDUClWG1djzsKI73Bn1NAtmKZUkQEFiozE69SBYRwXC/XqP5FZSY8bXZIdMm94aOkrohjxbeRRx+52Tu+uXe3S61G6vBowzuEbkqeXeFSOpXR62MYaOsVaniB9u2TwKUFliD5jpX+Z479wX6c4rHkNIiLerIYRg5iHC7/H9BbewGCZ9rbw00mOkTpOWf6C0ni2L7kmbxLl5IaHqyavNCSQkEuelK8YOq65U9TXWwBwfb8GCZOVMOWayG/nO4c0M1LfgsprYhbJUoF1V+4amrLrJbgEouUStEEgg5gHI//+2LiHX2gU2EydB9ne6m+h6lLpNDZjVgKhuJdHBy6jf4jGEpR694z341GEv6M4HZ4p4AVAx7LIvgS4FT2++GbPVThpZvzY/EL8M/yt0wUhWpOWnqO9YGqUapxCoGttSg24skTDsUfbU2ltf2giOSqFgOMIc9DgsKKqb5L6x+FTA0JzQrrSOSdfdKHM8Vus8uEF0REDFouH7CkbmtwRdHFjQuFeWRwnxtXnkhHA3riC21JJSt9awTK3CehbvpAd6iV2emFMmXDWtRVB5JGXKsfleb8ctVbcPArqX6Hv+uBZtFRdZC2yUVMvacaSylEZdNfSLC7BMRW1bQ6U1fcxrOy2Xrl5M2SlF3CpQ1u5eAOsWhIuwKqKBCZssDXxXgnKHgMPrInwLNm+pRI+/P7choUZUmPd9w+/WjpsMWBKLlTTzCHtfA3S6QMvTJor02TyGwETga2Lfe/FUHxRqd2cS8/oe70zQNVb47Lx4Rv0p+E6JaUm3SQZ//pCK/4c5so69y5BCazHPlON6o0WV8EcQNyjdrXn5XO3ZY06kBibZfnXzXRROKMz7YsthNzElMCMGCSqGSIb3DQEJFTEWBBTsTioxPc2KkCi5ohjqjZsUFRMlCDAxMCEwCQYFKw4DAhoFAAQUGenOqzXKjdA6z0DTAwsG/40AwrgECEigJt/JI2HMAgIIAA==", password: "TkcxJAAAABDz14VOkQ5K7qU+HmxBn6BCj3iQ7nfaHR6qU8MBGapj4g==", timestamp: "2021-05-31T22:57:25+00:00" } } put: description: Set the configuration for an existing x509 bundle. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: postX509BundleBody example: { "x509_bundle": { name: "bundle.p12", content: "MIIMyQIBAzCCDI8GCSqGSIb3DQEHAaCCDIAEggx8MIIMeDCCBy8GCSqGSIb3DQEHBqCCByAwggccAgEAMIIHFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIeJSe0WDoL8MCAggAgIIG6C3LA4m3OrKwWUEmZm4okKJnUSydP6uMMufkhNPf2/ntbC1GqsJO9DwyjEhAsKNqoXacAnR+W4DfZ3z8xu5SQ19wV9fmCYdYpAzsLwu4eMiV7fLR0ARzN/ngytxaDbtuIGt9+2xudJ/ESGtjVs8MPzEe234gv/k3lFMtQcM2iZBANfxF31Ozyb/aidW3mUWJPNl4Wb3gCE4rxPt5hjdOP/Fd9JAPxfHqWGyeMm7FWsbOHm6zWTrNtJGoXyePF6/p0sj9tpOVuckSdceIz2RIvTFIB/S7G7v45MyTFzCyNotL4kPIchkRuURJ11mh6votK8gfnDt18e7spe8HfMgQJWrNUJPh7niEjSOUFkhttG3V4VhI+cpPTQBhFyKL3hD3d8w1ifGFZy93LnVJURTRBqjUYukCi/OfE1NfgAPAkW8G4g5Pay6NmGpmtirIs3nYEH36MKP9EVh2CUFXfrL3WP+X/WzzrfntshISuEiQcBSNWL3wMBsOuQyJGoqAJM9d4OEkV+RXI3sHYZmO2uZkT7AUEZ6okFoFpwjcbzPo1/Yr0+GWugcjltdLtxC17CmfwNorYots0y+eKUFsihHLjreGNeDtwFRfhT+cj5crWggIGi7KyCVVsgi7d8hmbgk7tOMTfvSEMkZ869rZnt+a3Ta90KTgjUbaRw5DCKw44BuC27oDitJr37fhQB5g0BrwHjB/+yHKTBtcGy2yfflC6q8cdZgrQHCZAzK92eY6/BlnQB0uxjAgAOOh59RlOpsQ1ddzlvwEBiAm+pYl5VcYjUudqVIDq/61io0q8rWgDNu+VpqPi0ITtqgOD4s+iZDRI+kztK1rleJh9OUnzk01E9uOeZ7EeenygroEgeMn6sE9MWbYHntHf8Je2ljYSz0hHUUkqQQTf1JxXXbuM7ACopgrJIMJWH6Um333VhBTCFQ995Keview/VkQhyITKQks1+ndWeVTfHuSTd2NQQ/gwZLFCG+NZrNMr9vWe7joIIShbKyO4NrosTJkYGX5DJxXBC+pRsn9ugERjKdnn5p69ovKFXYA5y9F07iqGvU5+actdaSxTGx/6LMYT/lcqm6VvpcNEn/Sc7beuvjZfsWsxQvYm2SxQToqZzKmYh1vI6/HC8bDqDvWEI9FvV43HmMyENTXERl8ADhJcTjymzxTH7ZY9k69XvbkL4W9FFgtKglbINAyQo7L4277+C/dMTZMEE59PZnNIbuzUXZ3AJZDU+j6rtvUZdbefRtVEqs0bMmApVskMr+iuSIwCHTIymnJM6d6I44t32gb18v9mQLfyvkqgHjcEFLnB3c2wB9b7y1CpKJPVxPBteL3Gd2RIlOdyg57lJa4k0B1xOuwsqYYJugWQgBIHMjqxhmYcQ71o1QCLjJ5n8euZd/KsX6MvYcgDP2EYupfnM8m6kOKHPUMQC8JxcEY/Tjm2mcUyRyEo22sRyCBH7zk+IPDFZ5ww5PWjltNUMkayWf+GxdLsmbAYawpVCriGHC7V7L2gt2dhuVzjYL05S+TsDCsGQMOQI/NLmMKbKSJjEBYU/e8GK7xGguF95b/TMediw0nGWLmLbm9NFmAoiBNILqWZLrQeZYQy2rMFWB0R+OpFyFiexpVvxN+2k0U2D9EzwDriCiyDi+mRooC7Chvoj4ldrCH6XPS/PkWvWS1gh+mShKphT7eHsWSc9irAtUfi1L11OvxSbXEPtd62hmJjE4TQ+Y5TvjNeBN2YooO2zWNak0ouLYjHufU5Bx0nE/nBYRudtRFriCmraW0ucH7Tywysez7Ckwhk3fFKuAlUgFJP3xLjeFXS8x+FfAyddwLOHLJVwDrkC1my5Y3jfn9vaab7ywHxquWTfDSWEQdDf+Yu7/D+hqsAi2qSHwPgGFGRpua3YhFoCfKF9UDhNfJBZYbiYl7duQfkiU3whF5ABCid0XMMpM1x7EUeoQsmbNd4k/E+9p1SIfZ+9Ax4oDnL/AtcfapcBQ2dPnjLuF1AswtTSHIAv5FsDGSaPCHk+pD2S77jL9ln6KIZmxzw/8pzdLSvby0ANE0m+nTNBVavjz4EU20WbUEVXVJvWHa64/QR/1WDSM6EqT/9bnC5/EtFG2MGLbyt8tNQjujUffowS1BVU/QKtO1mKP6wkqq3BFpTt4VU8nZnHnWTv9l0d11qbCOvrXbVnKu21fQF8G0cFonZGuQxCs/9O99ffn5sDN1HxPa0a2UYczhImL8K/uJT8J7JpIhKRZm4VkdJM/fM/Jaek0n+9u1pXGb0Ikl71r7iXKdwxBngcUveWBsT3p4/1ySa+qrT4AmyRoOgHNx4WBW9RMfY3fwEtvpX1UxI7I7LkWiuGJ43sF5jcdUT7SeW0cwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQI1W0hhU1AvikCAggABIIEyL5K7kZIU4Vb56/FqdrS0e4di5dal6VciBwGFstJVEMORkMEUgveaSInZbQGlO9rJSfk5crFMfI0SfznEdKOBQpYvyQYntm/YrJpp5pCXpo2FZh9luseGeh2wA38Gsq59dn4OWs7UGJSKGjSNcI9bGON9L2L25pbJCEFDPbxOJwDAad1gmSLydADaA8Yc0KTb9c0XrhtT8TZ8Ez+wKT6VGTLLinPClOnpD3JMLfcnxBQCzVs20Am8t0UXgaHlenWyh36zkpl6PfxqQJ4TEoDq1kjQASV3aPe0NwR3puI7za8wW7fLggyO0fC8FVMXPR/RmRNGBLi5+OpLwhTm/DI34CEYA2v78Nsb6g0HWX58qfeDrHfkHKjKv0uPcc6W1WmiMOJnylZ2WlKGk8Y+w/ehJqgZCpa16QzlT3/TJ3s8Twm9msFzMFK/6lHmCXtOA9YvFhp/D+hhZh16hsNzS9TuQ7d3HMAb2N1O610XiMOO6i5Mf6XyH5fVCw571A0oCnE+ieZCZoYyQaOSWd0r0qkPHFr9BlACrpkdgHVKCGji1oI10+QhLeUuVJgPbATavzQxKgrk/KXG4inH/gtKbdZ2sH35uZj22JrO/LAPQ608rfvQM28v/0dbY7/Ge8Oa49t82JJNMJwxQMG3wNTraj51+CnYMx9GsMoy+NAiMVkjrVP4RiawMk2M/mAqf4gbYb6q1l8iCearG1oNAK/6zdxH8b/uLq/PhxWPaT0BniJPbasEKyrzTJB2wlswwESROfiREDUClWG1djzsKI73Bn1NAtmKZUkQEFiozE69SBYRwXC/XqP5FZSY8bXZIdMm94aOkrohjxbeRRx+52Tu+uXe3S61G6vBowzuEbkqeXeFSOpXR62MYaOsVaniB9u2TwKUFliD5jpX+Z479wX6c4rHkNIiLerIYRg5iHC7/H9BbewGCZ9rbw00mOkTpOWf6C0ni2L7kmbxLl5IaHqyavNCSQkEuelK8YOq65U9TXWwBwfb8GCZOVMOWayG/nO4c0M1LfgsprYhbJUoF1V+4amrLrJbgEouUStEEgg5gHI//+2LiHX2gU2EydB9ne6m+h6lLpNDZjVgKhuJdHBy6jf4jGEpR694z341GEv6M4HZ4p4AVAx7LIvgS4FT2++GbPVThpZvzY/EL8M/yt0wUhWpOWnqO9YGqUapxCoGttSg24skTDsUfbU2ltf2giOSqFgOMIc9DgsKKqb5L6x+FTA0JzQrrSOSdfdKHM8Vus8uEF0REDFouH7CkbmtwRdHFjQuFeWRwnxtXnkhHA3riC21JJSt9awTK3CehbvpAd6iV2emFMmXDWtRVB5JGXKsfleb8ctVbcPArqX6Hv+uBZtFRdZC2yUVMvacaSylEZdNfSLC7BMRW1bQ6U1fcxrOy2Xrl5M2SlF3CpQ1u5eAOsWhIuwKqKBCZssDXxXgnKHgMPrInwLNm+pRI+/P7choUZUmPd9w+/WjpsMWBKLlTTzCHtfA3S6QMvTJor02TyGwETga2Lfe/FUHxRqd2cS8/oe70zQNVb47Lx4Rv0p+E6JaUm3SQZ//pCK/4c5so69y5BCazHPlON6o0WV8EcQNyjdrXn5XO3ZY06kBibZfnXzXRROKMz7YsthNzElMCMGCSqGSIb3DQEJFTEWBBTsTioxPc2KkCi5ohjqjZsUFRMlCDAxMCEwCQYFKw4DAhoFAAQUGenOqzXKjdA6z0DTAwsG/40AwrgECEigJt/JI2HMAgIIAA==", password: "TkcxJAAAABDz14VOkQ5K7qU+HmxBn6BCj3iQ7nfaHR6qU8MBGapj4g==", } } responses: 200: description: The x509 bundle settings were updated. body: application/json: type: getX509BundleResponse example: { "x509_bundle": { id: "system_net_ipsec_files_x509_bundles-1", name: "bundle.p12", content: "MIIMyQIBAzCCDI8GCSqGSIb3DQEHAaCCDIAEggx8MIIMeDCCBy8GCSqGSIb3DQEHBqCCByAwggccAgEAMIIHFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIeJSe0WDoL8MCAggAgIIG6C3LA4m3OrKwWUEmZm4okKJnUSydP6uMMufkhNPf2/ntbC1GqsJO9DwyjEhAsKNqoXacAnR+W4DfZ3z8xu5SQ19wV9fmCYdYpAzsLwu4eMiV7fLR0ARzN/ngytxaDbtuIGt9+2xudJ/ESGtjVs8MPzEe234gv/k3lFMtQcM2iZBANfxF31Ozyb/aidW3mUWJPNl4Wb3gCE4rxPt5hjdOP/Fd9JAPxfHqWGyeMm7FWsbOHm6zWTrNtJGoXyePF6/p0sj9tpOVuckSdceIz2RIvTFIB/S7G7v45MyTFzCyNotL4kPIchkRuURJ11mh6votK8gfnDt18e7spe8HfMgQJWrNUJPh7niEjSOUFkhttG3V4VhI+cpPTQBhFyKL3hD3d8w1ifGFZy93LnVJURTRBqjUYukCi/OfE1NfgAPAkW8G4g5Pay6NmGpmtirIs3nYEH36MKP9EVh2CUFXfrL3WP+X/WzzrfntshISuEiQcBSNWL3wMBsOuQyJGoqAJM9d4OEkV+RXI3sHYZmO2uZkT7AUEZ6okFoFpwjcbzPo1/Yr0+GWugcjltdLtxC17CmfwNorYots0y+eKUFsihHLjreGNeDtwFRfhT+cj5crWggIGi7KyCVVsgi7d8hmbgk7tOMTfvSEMkZ869rZnt+a3Ta90KTgjUbaRw5DCKw44BuC27oDitJr37fhQB5g0BrwHjB/+yHKTBtcGy2yfflC6q8cdZgrQHCZAzK92eY6/BlnQB0uxjAgAOOh59RlOpsQ1ddzlvwEBiAm+pYl5VcYjUudqVIDq/61io0q8rWgDNu+VpqPi0ITtqgOD4s+iZDRI+kztK1rleJh9OUnzk01E9uOeZ7EeenygroEgeMn6sE9MWbYHntHf8Je2ljYSz0hHUUkqQQTf1JxXXbuM7ACopgrJIMJWH6Um333VhBTCFQ995Keview/VkQhyITKQks1+ndWeVTfHuSTd2NQQ/gwZLFCG+NZrNMr9vWe7joIIShbKyO4NrosTJkYGX5DJxXBC+pRsn9ugERjKdnn5p69ovKFXYA5y9F07iqGvU5+actdaSxTGx/6LMYT/lcqm6VvpcNEn/Sc7beuvjZfsWsxQvYm2SxQToqZzKmYh1vI6/HC8bDqDvWEI9FvV43HmMyENTXERl8ADhJcTjymzxTH7ZY9k69XvbkL4W9FFgtKglbINAyQo7L4277+C/dMTZMEE59PZnNIbuzUXZ3AJZDU+j6rtvUZdbefRtVEqs0bMmApVskMr+iuSIwCHTIymnJM6d6I44t32gb18v9mQLfyvkqgHjcEFLnB3c2wB9b7y1CpKJPVxPBteL3Gd2RIlOdyg57lJa4k0B1xOuwsqYYJugWQgBIHMjqxhmYcQ71o1QCLjJ5n8euZd/KsX6MvYcgDP2EYupfnM8m6kOKHPUMQC8JxcEY/Tjm2mcUyRyEo22sRyCBH7zk+IPDFZ5ww5PWjltNUMkayWf+GxdLsmbAYawpVCriGHC7V7L2gt2dhuVzjYL05S+TsDCsGQMOQI/NLmMKbKSJjEBYU/e8GK7xGguF95b/TMediw0nGWLmLbm9NFmAoiBNILqWZLrQeZYQy2rMFWB0R+OpFyFiexpVvxN+2k0U2D9EzwDriCiyDi+mRooC7Chvoj4ldrCH6XPS/PkWvWS1gh+mShKphT7eHsWSc9irAtUfi1L11OvxSbXEPtd62hmJjE4TQ+Y5TvjNeBN2YooO2zWNak0ouLYjHufU5Bx0nE/nBYRudtRFriCmraW0ucH7Tywysez7Ckwhk3fFKuAlUgFJP3xLjeFXS8x+FfAyddwLOHLJVwDrkC1my5Y3jfn9vaab7ywHxquWTfDSWEQdDf+Yu7/D+hqsAi2qSHwPgGFGRpua3YhFoCfKF9UDhNfJBZYbiYl7duQfkiU3whF5ABCid0XMMpM1x7EUeoQsmbNd4k/E+9p1SIfZ+9Ax4oDnL/AtcfapcBQ2dPnjLuF1AswtTSHIAv5FsDGSaPCHk+pD2S77jL9ln6KIZmxzw/8pzdLSvby0ANE0m+nTNBVavjz4EU20WbUEVXVJvWHa64/QR/1WDSM6EqT/9bnC5/EtFG2MGLbyt8tNQjujUffowS1BVU/QKtO1mKP6wkqq3BFpTt4VU8nZnHnWTv9l0d11qbCOvrXbVnKu21fQF8G0cFonZGuQxCs/9O99ffn5sDN1HxPa0a2UYczhImL8K/uJT8J7JpIhKRZm4VkdJM/fM/Jaek0n+9u1pXGb0Ikl71r7iXKdwxBngcUveWBsT3p4/1ySa+qrT4AmyRoOgHNx4WBW9RMfY3fwEtvpX1UxI7I7LkWiuGJ43sF5jcdUT7SeW0cwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQI1W0hhU1AvikCAggABIIEyL5K7kZIU4Vb56/FqdrS0e4di5dal6VciBwGFstJVEMORkMEUgveaSInZbQGlO9rJSfk5crFMfI0SfznEdKOBQpYvyQYntm/YrJpp5pCXpo2FZh9luseGeh2wA38Gsq59dn4OWs7UGJSKGjSNcI9bGON9L2L25pbJCEFDPbxOJwDAad1gmSLydADaA8Yc0KTb9c0XrhtT8TZ8Ez+wKT6VGTLLinPClOnpD3JMLfcnxBQCzVs20Am8t0UXgaHlenWyh36zkpl6PfxqQJ4TEoDq1kjQASV3aPe0NwR3puI7za8wW7fLggyO0fC8FVMXPR/RmRNGBLi5+OpLwhTm/DI34CEYA2v78Nsb6g0HWX58qfeDrHfkHKjKv0uPcc6W1WmiMOJnylZ2WlKGk8Y+w/ehJqgZCpa16QzlT3/TJ3s8Twm9msFzMFK/6lHmCXtOA9YvFhp/D+hhZh16hsNzS9TuQ7d3HMAb2N1O610XiMOO6i5Mf6XyH5fVCw571A0oCnE+ieZCZoYyQaOSWd0r0qkPHFr9BlACrpkdgHVKCGji1oI10+QhLeUuVJgPbATavzQxKgrk/KXG4inH/gtKbdZ2sH35uZj22JrO/LAPQ608rfvQM28v/0dbY7/Ge8Oa49t82JJNMJwxQMG3wNTraj51+CnYMx9GsMoy+NAiMVkjrVP4RiawMk2M/mAqf4gbYb6q1l8iCearG1oNAK/6zdxH8b/uLq/PhxWPaT0BniJPbasEKyrzTJB2wlswwESROfiREDUClWG1djzsKI73Bn1NAtmKZUkQEFiozE69SBYRwXC/XqP5FZSY8bXZIdMm94aOkrohjxbeRRx+52Tu+uXe3S61G6vBowzuEbkqeXeFSOpXR62MYaOsVaniB9u2TwKUFliD5jpX+Z479wX6c4rHkNIiLerIYRg5iHC7/H9BbewGCZ9rbw00mOkTpOWf6C0ni2L7kmbxLl5IaHqyavNCSQkEuelK8YOq65U9TXWwBwfb8GCZOVMOWayG/nO4c0M1LfgsprYhbJUoF1V+4amrLrJbgEouUStEEgg5gHI//+2LiHX2gU2EydB9ne6m+h6lLpNDZjVgKhuJdHBy6jf4jGEpR694z341GEv6M4HZ4p4AVAx7LIvgS4FT2++GbPVThpZvzY/EL8M/yt0wUhWpOWnqO9YGqUapxCoGttSg24skTDsUfbU2ltf2giOSqFgOMIc9DgsKKqb5L6x+FTA0JzQrrSOSdfdKHM8Vus8uEF0REDFouH7CkbmtwRdHFjQuFeWRwnxtXnkhHA3riC21JJSt9awTK3CehbvpAd6iV2emFMmXDWtRVB5JGXKsfleb8ctVbcPArqX6Hv+uBZtFRdZC2yUVMvacaSylEZdNfSLC7BMRW1bQ6U1fcxrOy2Xrl5M2SlF3CpQ1u5eAOsWhIuwKqKBCZssDXxXgnKHgMPrInwLNm+pRI+/P7choUZUmPd9w+/WjpsMWBKLlTTzCHtfA3S6QMvTJor02TyGwETga2Lfe/FUHxRqd2cS8/oe70zQNVb47Lx4Rv0p+E6JaUm3SQZ//pCK/4c5so69y5BCazHPlON6o0WV8EcQNyjdrXn5XO3ZY06kBibZfnXzXRROKMz7YsthNzElMCMGCSqGSIb3DQEJFTEWBBTsTioxPc2KkCi5ohjqjZsUFRMlCDAxMCEwCQYFKw4DAhoFAAQUGenOqzXKjdA6z0DTAwsG/40AwrgECEigJt/JI2HMAgIIAA==", password: "TkcxJAAAABDz14VOkQ5K7qU+HmxBn6BCj3iQ7nfaHR6qU8MBGapj4g==", timestamp: "2021-05-31T22:57:25+00:00" } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: x509_bundle parameter missing. 404: description: x509_bundle {id} does not exist. delete: description: Delete an x509 Bundle. responses: 200: description: x509 bundle deleted. 404: description: x509 bundle did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec/x509_bundle with name or id 'x509_bundles-1000'", "args": { "uuid": "x509_bundles-1000" }, "level": 1 } ] } /x509_ca_certificates: type: base-type description: > Read, add, modify and delete Certificate Authority (CA) certificates used by IPsec tunnels using Public Key Infrastructure (PKI) for authentication get: description: Get a list of all configured CA certificates responses: 200: body: application/json: type: getCaCertificateListResponse example: { x509_ca_certificates: [ { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", id: "system_net_ipsec_files_x509_ca_certificates-1", }, { name: "512b-rsa-example-request.der", content: "-----BEGIN CERTIFICATE----- MIIEFzCCAv+gAwIBAgIUETRacm1rXeNxAVKbjv1eKzV55KowDQYJKoZIhvcNAQEL BQAwgZoxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMREwDwYDVQQH DAhCcmlzYmFuZTEZMBcGA1UECgwQT3BlbmdlYXIgUHR5IEx0ZDENMAsGA1UECwwE TkdDUzEUMBIGA1UEAwwLRGF2aWQgQnVybnMxIzAhBgkqhkiG9w0BCQEWFGRhdmlk LmJ1cm5zQGRpZ2kuY29tMB4XDTIxMDUxMTAwMDY0OFoXDTIyMDUxMTAwMDY0OFow gZoxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMREwDwYDVQQHDAhC cmlzYmFuZTEZMBcGA1UECgwQT3BlbmdlYXIgUHR5IEx0ZDENMAsGA1UECwwETkdD UzEUMBIGA1UEAwwLRGF2aWQgQnVybnMxIzAhBgkqhkiG9w0BCQEWFGRhdmlkLmJ1 cm5zQGRpZ2kuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5LV/ qA57gwiDGHEw1wRKqpOuprPypX4giu3RBEzW6+nrlmK/08sgNOLHbjR8nQLfanGI hQHImGpW11hWNbI9na5XSYjbiAaGaasCfm67NQu+mdQrDAQ3q6LZ7s2afdex5XOw nzQvgbfvKdCKmeMll0DHe88u/FDi5FquFE2/NLqqFNx1WkDP/YFd8ZRWcyjSEcG6 IcKErsY6iZFW6ouoUXJlFB8FztYN8/+E4w96G7GGZTxDesDYUqQr0voeo7PK/njp 7GR8zINU7Msah0TWRPymUwCgCdJ6bMtWTEpCsCmtNpil4UombiNB+zFCayHpivfP EnP8M/XFt/UE9UPXAQIDAQABo1MwUTAdBgNVHQ4EFgQUQGvvNmeHR2GY2IJxxYHm mZilZh0wHwYDVR0jBBgwFoAUQGvvNmeHR2GY2IJxxYHmmZilZh0wDwYDVR0TAQH/ BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEARXJRnC623g3IgOPwftW4bWxAtghO jmlN/b9rn1Ka5hAJ2AlqJjeuIgDMd3cAXGsZ/LvqyTz4Z6ZDEg2uqsH5BXlUYt7Q 6SB6DYbnIxhw8PgDG5Je1TQerSJcOM87oMyO28ZiaDwQsjISML9BEK783FQ2mGj+ dXizJ5O2KonxJH9hkC2k0AI9YT7Xolb1CLQTqOsE4aYMQyU39Df3dFChOKeqBW8i HCMw+NKuKRJnW11lxIVS8YODx3kiGFroWBbfN99Wl9tCSoLmX2Myy9wflFOeIocE vo3lO39INFK+WdmP5z0YJ9U3I3Mowkvlu/KcvpZF+y7hVLmt67zOhXE/Kg== -----END CERTIFICATE-----", timestamp: "2021-03-12T20:43:39+00:00", id: "system_net_ipsec_x509_ca_certificate-2", }, ], } post: description: > Configure a new CA certificate body: application/json: type: postCaCertificateBody example: { x509_ca_certificate: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", } } responses: 201: body: application/json: type: getCaCertificateResponse example: { x509_ca_certificate: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", id: "system_net_ipsec_files_x509_ca_certificates-1", } } 400: description: > Invalid request: Body is not json or does not conform to required json schema. /{id}: get: description: > Get a single configured CA by it ID responses: 200: body: application/json: type: getCaCertificateResponse example: { x509_ca_certificate: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", id: "system_net_ipsec_files_x509_ca_certificates-3", } } 404: description: CA did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec/x509_ca_certificate with name or id 'x509_ca_certificates-1000'", "args": { "uuid": "x509_ca_certificates-1000" }, "level": 1 } ] } put: description: > Update a single configured CA body: application/json: type: postCaCertificateBody example: { x509_ca_certificate: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", } } responses: 200: body: application/json: type: getCaCertificateResponse example: { x509_ca_certificate: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", id: "system_net_ipsec_files_x509_ca_certificates-5", } } 400: description: > Invalid request: Body is not json or does not conform to required json schema. 404: description: CA did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec/x509_ca_certificate with name or id 'x509_ca_certificate-1000'", "args": { "uuid": "x509_ca_certificate-1000" }, "level": 1 } ] } delete: description: > Delete a CA responses: 200: description: CA deleted 404: description: CA did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec/x509_ca_certificate with name or id 'x509_ca_certificates-1000'", "args": { "uuid": "x509_ca_certificate-1000" }, "level": 1 } ] } /x509_crls: type: base-type description: > Read, add, modify and delete Certificate Revocation Lists for use by ipsec tunnels using Public Key Infrastucture (PKI) for authentication. get: description: Get a list of all configured CRLs responses: 200: body: application/json: type: getCrlFileListResponse example: { x509_crls: [ { name: "512b-rsa-example-request.pem", content: "-----BEGIN X509 CRL----- MIIBtjCBnwIBATANBgkqhkiG9w0BAQsFADA6MQswCQYDVQQGEwJDSDETMBEGA1UE ChMKc3Ryb25nU3dhbjEWMBQGA1UEAxMNVHVubmVsIFBLSSBDQRcNMjEwNjA0MDYx MTU1WhcNMjEwNjE5MDYxMTU1WjAAoC8wLTAfBgNVHSMEGDAWgBTCsezxD76B2m0e vLTp+AX42Tw7lTAKBgNVHRQEAwIBATANBgkqhkiG9w0BAQsFAAOCAQEAkJvZSk3X cnf423IVzJC1kwM8lMZJfX8Duz+PyqjPEOGW5U2kBkJn6fStXRRh/LnyvNAABfpk /51Iz8IJTEPwlcLnFvLQqqqJDsmSlZC4V3VwctcMg77gQLAm5oD1ljgv8RGTtGgZ flu1oQjvOVst0lw8lktH0ijjEFPkTfLOb5iCRSlG7+rCPrHjnzo1S20MCB/zOSbF z0gVAmTPCA8PMvsqnnZsN+1j8dwmF4h0hqiKAoB95xaHnUmuudvaNEGAyg3D9rqE YzIVOh2Ec47fomPc6d9rWPMb/Jjz04gGHUTLtmQEY3l2LNcxaMAGXOU2eykxrF8L F5Qi0ZjK1rXcEg== -----END X509 CRL-----", timestamp: "2020-04-06 04:16:49.179388+00:00", id: "system_net_ipsec_files_x509_crls-1", }, { name: "512b-rsa-example-request.der", content: "MIIBBDCBrwIBADBKMQswCQYDVQQGEwJKUDEOMAwGA1UECAwFVG9reW8xETAPBgNVBAoMCEZyYW5rNEREMRgwFgYDVQQDDA93d3cuZXhhbXBsZS5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAm/xmkHmEQrurE/0re/jeFRLl8ZPjBop7uLHhnia7lQG/5zDtZIUC3RVpqDSwBuw/NTweGyuP+o8AG98HxqxTBwIDAQABoAAwDQYJKoZIhvcNAQEFBQADQQByOV52Y17y8xw1V/xvru3rLPrVxYAXS5SgvNpfBsj38lNVtTvuH/MgroBgmjSpnqKqBiBDkoY2YUET2qmGjAu9Cg==", timestamp: "2021-03-12T20:43:39+00:00", id: "system_net_ipsec_files_x509_crls-2", }, ], } post: description: > Configure a new CRL file body: application/json: type: postCrlFileBody example: { x509_crl: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", } } responses: 201: body: application/json: type: getCrlFileResponse example: { x509_crl: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", id: "system_net_ipsec_files_x509_crls-3", } } 400: description: > Invalid request: Body is not json or does not conform to required json schema. /{id}: get: description: > Get a single configured CRL by it ID responses: 200: body: application/json: type: getCrlFileResponse example: { x509_crl: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", id: "system_net_ipsec_files_x509_crls-1", } } 404: description: CRL did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec/x509_crl with name or id 'x509_crls-1000'", "args": { "uuid": "x509_crls-1000" }, "level": 1 } ] } put: description: > Update a single configured CRL body: application/json: type: postCrlFileBody example: { x509_crl: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", } } responses: 200: body: application/json: type: getCrlFileResponse example: { x509_crl: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", id: "system_net_ipsec_files_x509_crls-2", } } 400: description: > Invalid request: Body is not json or does not conform to required json schema. 404: description: CRL did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec/x509_crl with name or id 'x509_crls-1000'", "args": { "uuid": "x509_crls-1000" }, "level": 1 } ] } delete: description: > Delete a CRL responses: 200: description: CRL deleted 404: description: CRL did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec/x509_crl with name or id 'x509_crls-1000'", "args": { "uuid": "x509_crls-1000" }, "level": 1 } ] } /private_keys: type: base-type description: > Read, add, modify and delete private keys. get: description: > Get a list of the configured private keys. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask", ] default: "cleartext" required: false responses: 200: body: application/json: type: getPrivateKeyListResponse example: { "private_keys": [ { id: "system_net_ipsec_files_private_keys-1", name: "512b-rsa-example-key.der", content: "MIIBOwIBAAJBAJv8ZpB5hEK7qxP9K3v43hUS5fGT4waKe7ix4Z4mu5UBv+cw7WSFAt0Vaag0sAbsPzU8Hhsrj/qPABvfB8asUwcCAwEAAQJAG0r3ezH35WFG1tGGaUOrQA61cyaII53ZdgCR1IU8bx7AUevmkFtBf+aqMWusWVOWJvGu2r5VpHVAIl8nF6DSkQIhAMjEJ3zVYa2/Mo4ey+iU9J9Vd+WoyXDQD4EEtwmyG1PpAiEAxuZlvhDIbbce7o5BvOhnCZ2N7kYb1ZC57g3F+cbJyW8CIQCbsDGHBto2qJyFxbAO7uQ8Y0UVHa0JBO/g900SAcJbcQIgRtEljIShOB8pDjrsQPxmI1BLhnjD1EhRSubwhDw5AFUCIQCNA24pDtdOHydwtSB5+zFqFLfmVZplQM/g5kb4so70Ywo=", password: "myprivatekeyspassword", timestamp: "2021-03-12T20:43:39+00:00", }, { id: "system_net_ipsec_files_private_keys-2", name: "512b-rsa-example-key.pem", content: "-----BEGIN RSA PRIVATE KEY----- MIIBOwIBAAJBAJv8ZpB5hEK7qxP9K3v43hUS5fGT4waKe7ix4Z4mu5UBv+cw7WSF At0Vaag0sAbsPzU8Hhsrj/qPABvfB8asUwcCAwEAAQJAG0r3ezH35WFG1tGGaUOr QA61cyaII53ZdgCR1IU8bx7AUevmkFtBf+aqMWusWVOWJvGu2r5VpHVAIl8nF6DS kQIhAMjEJ3zVYa2/Mo4ey+iU9J9Vd+WoyXDQD4EEtwmyG1PpAiEAxuZlvhDIbbce 7o5BvOhnCZ2N7kYb1ZC57g3F+cbJyW8CIQCbsDGHBto2qJyFxbAO7uQ8Y0UVHa0J BO/g900SAcJbcQIgRtEljIShOB8pDjrsQPxmI1BLhnjD1EhRSubwhDw5AFUCIQCN A24pDtdOHydwtSB5+zFqFLfmVZplQM/g5kb4so70Yw== -----END RSA PRIVATE KEY-----", timestamp: "2021-03-12T20:43:39+00:00", } ] } post: description: > Configure a new private key. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate", ] default: "cleartext" required: false body: application/json: type: postPrivateKeyBody example: { private_key: { name: "512b-rsa-example-key.der", content: "MIIBOwIBAAJBAJv8ZpB5hEK7qxP9K3v43hUS5fGT4waKe7ix4Z4mu5UBv+cw7WSFAt0Vaag0sAbsPzU8Hhsrj/qPABvfB8asUwcCAwEAAQJAG0r3ezH35WFG1tGGaUOrQA61cyaII53ZdgCR1IU8bx7AUevmkFtBf+aqMWusWVOWJvGu2r5VpHVAIl8nF6DSkQIhAMjEJ3zVYa2/Mo4ey+iU9J9Vd+WoyXDQD4EEtwmyG1PpAiEAxuZlvhDIbbce7o5BvOhnCZ2N7kYb1ZC57g3F+cbJyW8CIQCbsDGHBto2qJyFxbAO7uQ8Y0UVHa0JBO/g900SAcJbcQIgRtEljIShOB8pDjrsQPxmI1BLhnjD1EhRSubwhDw5AFUCIQCNA24pDtdOHydwtSB5+zFqFLfmVZplQM/g5kb4so70Ywo=", password: "myprivatekeyspassword", } } responses: 201: body: application/json: type: getPrivateKeyResponse example: { private_key: { id: "system_net_ipsec_files_private_keys-1", name: "512b-rsa-example-key.der", content: "MIIBOwIBAAJBAJv8ZpB5hEK7qxP9K3v43hUS5fGT4waKe7ix4Z4mu5UBv+cw7WSFAt0Vaag0sAbsPzU8Hhsrj/qPABvfB8asUwcCAwEAAQJAG0r3ezH35WFG1tGGaUOrQA61cyaII53ZdgCR1IU8bx7AUevmkFtBf+aqMWusWVOWJvGu2r5VpHVAIl8nF6DSkQIhAMjEJ3zVYa2/Mo4ey+iU9J9Vd+WoyXDQD4EEtwmyG1PpAiEAxuZlvhDIbbce7o5BvOhnCZ2N7kYb1ZC57g3F+cbJyW8CIQCbsDGHBto2qJyFxbAO7uQ8Y0UVHa0JBO/g900SAcJbcQIgRtEljIShOB8pDjrsQPxmI1BLhnjD1EhRSubwhDw5AFUCIQCNA24pDtdOHydwtSB5+zFqFLfmVZplQM/g5kb4so70Ywo=", password: "myprivatekeyspassword", timestamp: "2021-03-12T20:43:39+00:00", } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: private key parameter missing. /{id}: get: description: > Get a single configured private key by its ID. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask", ] default: "cleartext" required: false responses: 200: body: application/json: type: getPrivateKeyResponse example: { private_key: { id: "system_net_ipsec_files_private_keys-1", name: "512b-rsa-example-key.der", content: "MIIBOwIBAAJBAJv8ZpB5hEK7qxP9K3v43hUS5fGT4waKe7ix4Z4mu5UBv+cw7WSFAt0Vaag0sAbsPzU8Hhsrj/qPABvfB8asUwcCAwEAAQJAG0r3ezH35WFG1tGGaUOrQA61cyaII53ZdgCR1IU8bx7AUevmkFtBf+aqMWusWVOWJvGu2r5VpHVAIl8nF6DSkQIhAMjEJ3zVYa2/Mo4ey+iU9J9Vd+WoyXDQD4EEtwmyG1PpAiEAxuZlvhDIbbce7o5BvOhnCZ2N7kYb1ZC57g3F+cbJyW8CIQCbsDGHBto2qJyFxbAO7uQ8Y0UVHa0JBO/g900SAcJbcQIgRtEljIShOB8pDjrsQPxmI1BLhnjD1EhRSubwhDw5AFUCIQCNA24pDtdOHydwtSB5+zFqFLfmVZplQM/g5kb4so70Ywo=", password: "myprivatekeyspassword", timestamp: "2021-03-12T20:43:39+00:00", } } put: description: > Update a single configured private key. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate", ] default: "cleartext" required: false body: application/json: type: postPrivateKeyBody example: { private_key: { name: "512b-rsa-example-key.der", content: "MIIBOwIBAAJBAJv8ZpB5hEK7qxP9K3v43hUS5fGT4waKe7ix4Z4mu5UBv+cw7WSFAt0Vaag0sAbsPzU8Hhsrj/qPABvfB8asUwcCAwEAAQJAG0r3ezH35WFG1tGGaUOrQA61cyaII53ZdgCR1IU8bx7AUevmkFtBf+aqMWusWVOWJvGu2r5VpHVAIl8nF6DSkQIhAMjEJ3zVYa2/Mo4ey+iU9J9Vd+WoyXDQD4EEtwmyG1PpAiEAxuZlvhDIbbce7o5BvOhnCZ2N7kYb1ZC57g3F+cbJyW8CIQCbsDGHBto2qJyFxbAO7uQ8Y0UVHa0JBO/g900SAcJbcQIgRtEljIShOB8pDjrsQPxmI1BLhnjD1EhRSubwhDw5AFUCIQCNA24pDtdOHydwtSB5+zFqFLfmVZplQM/g5kb4so70Ywo=", password: "myprivatekeyspassword", } } responses: 200: body: application/json: type: getPrivateKeyResponse example: { private_key: { id: "system_net_ipsec_files_private_keys-1", name: "512b-rsa-example-key.der", content: "MIIBOwIBAAJBAJv8ZpB5hEK7qxP9K3v43hUS5fGT4waKe7ix4Z4mu5UBv+cw7WSFAt0Vaag0sAbsPzU8Hhsrj/qPABvfB8asUwcCAwEAAQJAG0r3ezH35WFG1tGGaUOrQA61cyaII53ZdgCR1IU8bx7AUevmkFtBf+aqMWusWVOWJvGu2r5VpHVAIl8nF6DSkQIhAMjEJ3zVYa2/Mo4ey+iU9J9Vd+WoyXDQD4EEtwmyG1PpAiEAxuZlvhDIbbce7o5BvOhnCZ2N7kYb1ZC57g3F+cbJyW8CIQCbsDGHBto2qJyFxbAO7uQ8Y0UVHa0JBO/g900SAcJbcQIgRtEljIShOB8pDjrsQPxmI1BLhnjD1EhRSubwhDw5AFUCIQCNA24pDtdOHydwtSB5+zFqFLfmVZplQM/g5kb4so70Ywo=", password: "myprivatekeyspassword", timestamp: "2021-03-12T20:43:39+00:00", } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: Private key parameter missing. 404: description: > Private key {id} does not exist. delete: description: > Delete a private key. responses: 200: description: Private key deleted.. 404: description: Private key did not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec/private_key with name or id 'private_keys-1000'", "args": { "uuid": "private_keys-1000" }, "level": 1 } ] } /x509_certificates: type: base-type description: > Read, add, modify and delete x509 certificates (also known as Entity Certificates). get: description: > Get a list of the configured x509 certificates. responses: 200: body: application/json: type: getX509CertificateListResponse example: { "x509_certificates": [ { id: "system_net_ipsec_files_x509_certificates-1", name: "512b-rsa-example-cert-base64.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNFakNDQVhzQ0FnMzZNQTBHQ1NxR1NJYjNEUUVCQlFVQU1JR2JNUXN3Q1FZRFZRUUdFd0pLVURFT01Bd0cKQTFVRUNCTUZWRzlyZVc4eEVEQU9CZ05WQkFjVEIwTm9kVzh0YTNVeEVUQVBCZ05WQkFvVENFWnlZVzVyTkVSRQpNUmd3RmdZRFZRUUxFdzlYWldKRFpYSjBJRk4xY0hCdmNuUXhHREFXQmdOVkJBTVREMFp5WVc1ck5FUkVJRmRsCllpQkRRVEVqTUNFR0NTcUdTSWIzRFFFSkFSWVVjM1Z3Y0c5eWRFQm1jbUZ1YXpSa1pDNWpiMjB3SGhjTk1USXcKT0RJeU1EVXlOalUwV2hjTk1UY3dPREl4TURVeU5qVTBXakJLTVFzd0NRWURWUVFHRXdKS1VERU9NQXdHQTFVRQpDQXdGVkc5cmVXOHhFVEFQQmdOVkJBb01DRVp5WVc1ck5FUkVNUmd3RmdZRFZRUUREQTkzZDNjdVpYaGhiWEJzClpTNWpiMjB3WERBTkJna3Foa2lHOXcwQkFRRUZBQU5MQURCSUFrRUFtL3hta0htRVFydXJFLzByZS9qZUZSTGwKOFpQakJvcDd1TEhobmlhN2xRRy81ekR0WklVQzNSVnBxRFN3QnV3L05Ud2VHeXVQK284QUc5OEh4cXhUQndJRApBUUFCTUEwR0NTcUdTSWIzRFFFQkJRVUFBNEdCQUJTMlRMdUJlVFBtY2FUYVVXL0xDQjJOWU95OEdNZHpSMW14CjhpQkl1Mkg2L0UydGlZM1JJZXZWMk9XNjFxWTIvWFJRZzdZUHh4M2ZmZVV1Z1g5RjRKL2lQbm51MXpBeHh5QnkKMlZndUt2NFNXalJGb1JrSWZJbEhYMHFWdmlNaFNsTnkyaW9GTHk3SmNQWmIrdjNmdERHeXdVcWNCaVZEb2VhMApIbitHbXhaQQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==", timestamp: "2021-03-12T20:43:39+00:00", }, { id: "system_net_ipsec_files_x509_certificates-2", name: "512b-rsa-example-cert-base64.der", content: "MIICEjCCAXsCAg36MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQQGEwJKUDEOMAwGA1UECBMFVG9reW8xEDAOBgNVBAcTB0NodW8ta3UxETAPBgNVBAoTCEZyYW5rNEREMRgwFgYDVQQLEw9XZWJDZXJ0IFN1cHBvcnQxGDAWBgNVBAMTD0ZyYW5rNEREIFdlYiBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBmcmFuazRkZC5jb20wHhcNMTIwODIyMDUyNjU0WhcNMTcwODIxMDUyNjU0WjBKMQswCQYDVQQGEwJKUDEOMAwGA1UECAwFVG9reW8xETAPBgNVBAoMCEZyYW5rNEREMRgwFgYDVQQDDA93d3cuZXhhbXBsZS5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAm/xmkHmEQrurE/0re/jeFRLl8ZPjBop7uLHhnia7lQG/5zDtZIUC3RVpqDSwBuw/NTweGyuP+o8AG98HxqxTBwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBABS2TLuBeTPmcaTaUW/LCB2NYOy8GMdzR1mx8iBIu2H6/E2tiY3RIevV2OW61qY2/XRQg7YPxx3ffeUugX9F4J/iPnnu1zAxxyBy2VguKv4SWjRFoRkIfIlHX0qVviMhSlNy2ioFLy7JcPZb+v3ftDGywUqcBiVDoea0Hn+GmxZACg==", timestamp: "2021-03-12T20:43:39+00:00", }, { id: "system_net_ipsec_files_x509_certificates-3", name: "512b-rsa-example-cert.pem", content: "-----BEGIN CERTIFICATE----- MIICEjCCAXsCAg36MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQQGEwJKUDEOMAwG A1UECBMFVG9reW8xEDAOBgNVBAcTB0NodW8ta3UxETAPBgNVBAoTCEZyYW5rNERE MRgwFgYDVQQLEw9XZWJDZXJ0IFN1cHBvcnQxGDAWBgNVBAMTD0ZyYW5rNEREIFdl YiBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBmcmFuazRkZC5jb20wHhcNMTIw ODIyMDUyNjU0WhcNMTcwODIxMDUyNjU0WjBKMQswCQYDVQQGEwJKUDEOMAwGA1UE CAwFVG9reW8xETAPBgNVBAoMCEZyYW5rNEREMRgwFgYDVQQDDA93d3cuZXhhbXBs ZS5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAm/xmkHmEQrurE/0re/jeFRLl 8ZPjBop7uLHhnia7lQG/5zDtZIUC3RVpqDSwBuw/NTweGyuP+o8AG98HxqxTBwID AQABMA0GCSqGSIb3DQEBBQUAA4GBABS2TLuBeTPmcaTaUW/LCB2NYOy8GMdzR1mx 8iBIu2H6/E2tiY3RIevV2OW61qY2/XRQg7YPxx3ffeUugX9F4J/iPnnu1zAxxyBy 2VguKv4SWjRFoRkIfIlHX0qVviMhSlNy2ioFLy7JcPZb+v3ftDGywUqcBiVDoea0 Hn+GmxZA -----END CERTIFICATE-----", timestamp: "2021-03-12T20:43:39+00:00", } ] } post: description: > Configure a new x509 certificate. body: application/json: type: postX509CertificateBody example: { x509_certificate: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", } } responses: 201: body: application/json: type: getX509CertificateResponse example: { x509_certificate: { id: "system_net_ipsec_files_x509_certificates-1", name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: x509 certificate parameter missing. /{id}: get: description: > Get a single configured x509 certificate by its ID. responses: 200: body: application/json: type: getX509CertificateResponse example: { x509_certificate: { id: "system_net_ipsec_files_x509_certificates-1", name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", } } put: description: > Update a single configured x509 certificate. body: application/json: type: postX509CertificateBody example: { x509_certificate: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", } } responses: 200: body: application/json: type: getX509CertificateResponse example: { x509_certificate: { id: "system_net_ipsec_files_x509_certificates-1", name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: X509 certificate parameter missing. 404: description: > X509 Certificate {id} does not exist. delete: description: > Delete an x509 certificate. responses: 200: description: X509 certificate deleted. 404: description: X509 certificate did not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec/x509_certificate with name or id 'x509_certificates-1000'", "args": { "uuid": "x509_certificates-1000" }, "level": 1 } ] } /pdus: type: base-type description: > Configure, monitor and control PDUs connected to the device. get: description: > Get a list of all configured PDUs. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask" ] default: "cleartext" required: false responses: 200: body: application/json: type: PDUList example: { "pdus": [ { "id": "pdus-1", "name": "ServerTech PDU", "driver": "servertech", "monitor": true, "method": "snmp", "outlet_count": 2, "outlets": [ { "id": "outlets-1", "number": 1, "name": "servertech outlet 1", "port": "serial/by-opengear-id/port07", "status": "on", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", "last_action": "on", "last_action_timestamp": "2020-04-06 04:15:09.149994+00:00", }, { "id": "outlets-2", "number": 2, "name": "servertech outlet 2", "port": "serial/by-opengear-id/port08", "status": "off", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", "last_action": "off", "last_action_timestamp": "2020-04-06 04:15:09.149994+00:00", }, ], "snmp": { "id": "snmp-1", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "username": "michaelf", "engine_id": "0x80001f8803555000000000", "version": v3, "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "address": "snmp.example.com", "port": 167, } }, { "id": "pdus-2", "name": "apc PDU", "driver": "apc", "monitor": true, "method": "powerman", "outlet_count": 2, "outlets": [ { "id": "outlets-3", "number": 1, "name": "apc outlet 1", "port": "serial/by-opengear-id/port08", "status": "on", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", "last_action": "on", "last_action_timestamp": "2020-04-06 04:15:09.149994+00:00", }, { "id": "outlets-4", "number": 2, "name": "apc outlet 2", "port": "serial/by-opengear-id/port09", "status": "off", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", "last_action": "off", "last_action_timestamp": "2020-04-06 04:15:09.149994+00:00", }, ], "powerman": { "id": "powerman-1", "username": "admin", "password": "password", "port": "serial/by-opengear-id/port01", } }, { "id": "pdus-2", "name": "shell PDU", "monitor": true, "driver": "shell", "method": "shell", "outlet_count": 2, "outlets": [ { "id": "outlets-5", "number": 1, "name": "shell outlet 1", "port": "serial/by-opengear-id/port03", "status": "on", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", "last_action": "on", "last_action_timestamp": "2020-04-06 04:15:09.149994+00:00", }, { "id": "outlets-4", "number": 2, "name": "shell outlet 2", "port": "serial/by-opengear-id/port04", "status": "off", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", "last_action": "off", "last_action_timestamp": "2020-04-06 04:15:09.149994+00:00", }, ], "shell": { "id": "shell-1", "username": "admin", "password": "password", "port": "serial/by-opengear-id/port02", } }, ], } post: description: > Add a new PDU. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: setPDU example: { "pdu": { "name": "example", "driver": "apc_24_port_(ap7998)", "monitor": true, "method": "powerman", "powerman": { "id": "powerman-1", "username": "user1", "password": "password", "port": "serial/by-opengear-id/port01" } } } responses: 200: body: application/json: type: PDUId example: { "pdu": { "id": "pdus-1", "name": "example", "driver": "apc_24_port_(ap7998)", "monitor": true, "method": "powerman", "powerman": { "id": "powerman-1", "username": "user1", "password": "password", "port": "serial/by-opengear-id/port01" }, "outlets": [ { "id": "outlets-1", "number": 1, "name": "shell outlet 1", "port": "serial/by-opengear-id/port03", "status": "on", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", "last_action": "on", "last_action_timestamp": "2020-04-06 04:15:09.149994+00:00", }, { "id": "outlets-2", "number": 2, "name": "shell outlet 2", "port": "serial/by-opengear-id/port04", "status": "off", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", }, ] } } 400: description: > Invalid request: Body is not json or does not conform to required json schema. /{id}: description: get: description: > Get a PDU by id. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask" ] default: "cleartext" required: false responses: 200: body: application/json: type: PDUId example: { "pdu": { "id": "pdus-1", "name": "ServerTech PDU", "driver": "servertech", "monitor": true, "method": "snmp", "outlet_count": 2, "outlets": [ { "id": "outlets-1", "number": 1, "name": "servertech outlet 1", "port": "serial/by-opengear-id/port07", "status": "on", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", "last_action": "on", "last_action_timestamp": "2020-04-06 04:15:09.149994+00:00", }, { "id": "outlets-2", "number": 2, "name": "servertech outlet 2", "port": "serial/by-opengear-id/port08", "status": "off", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", "last_action": "off", "last_action_timestamp": "2020-04-06 04:15:09.149994+00:00", }, ], "snmp": { "id": "snmp-1", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "username": "michaelf", "engine_id": "0x80001f8803555000000000", "version": v3, "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "address": "snmp.example.com", "port": 167, }, }, } 404: description: > No PDU found with that ID. put: description: > Update an existing PDU. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: setPDU example: { "pdu": { "name": "example", "driver": "apc_24_port_(ap7998)", "monitor": true, "method": "powerman", "powerman": { "id": "powerman-1", "username": "user1", "password": "password", "port": "serial/by-opengear-id/port01" }, } } responses: 200: body: application/json: type: PDUId example: { "pdu": { "id": "pdu-1", "name": "example", "driver": "apc_24_port_(ap7998)", "monitor": true, "method": "powerman", "powerman": { "id": "powerman-1", "username": "user1", "password": "passwords", "port": "serial/by-opengear-id/port01" }, "outlets": [ { "id": "outlets-1", "number": 1, "name": shell outlet 1", "port": "serial/by-opengear-id/port03", "status": "on", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", }, { "id": "outlets-2", "number": 2, "name": shell outlet 2", "port": "serial/by-opengear-id/port04", "status": "off", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", }, ] } } 400: description: > Invalid request: Body is not json or does not conform to required json schema. Incomplete data: PDU id parameter missing. 404: description: PDU did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find pdu with name or id 'pdu-1'", "args": { "uuid": "pdu-1" }, "level": 1 } ] } delete: description: > Delete a PDU. responses: 200: description: PDU deleted 404: description: PDU did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find pdu with name or id 'pdu-1'", "args": { "uuid": "pdu-1" }, "level": 1 } ] } /auto_response: description: > Read and manipulate information pertaining to the Auto-Response system running on the Operations Manager appliance. /beacons: type: base-type # auto_response_beacons.getAutoResponseBeacons description: > Read and manipulate the Auto-Response beacons on the Operations Manager appliance. get: description: > Get a list of the Auto-Response Beacons. # displayName: getAutoResponseBeacon responses: 200: body: application/json: type: getAutoResponseBeaconListResponse example: { "beacons": [ { id: "0", name: "wtmp-beacon", description: "Description for the wtmp beacon", module: "wtmp", interval: 60, enable: true, wtmp: { login: true, logout: true }, actions: [], dependant_keys_any: [], dependant_keys_all: [] }, { id: "1", name: "custom-beacon", module: "custom_cmd", interval: 60, enable: true, custom_cmd: { shell_command: "/usr/bin/top -n 5 | grep ssh", timeout: 5 }, actions: [ { action: "auto_response_reactions-7", resolution_values: [ "trigger", "resolve" ] }, ], dependant_keys_any: [], dependant_keys_all: [] } ], meta: { total_pages: "1" } } 400: description: Invalid request, missing or incorrect page/per_page body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } #auto_response_beacons.post post: description: Add a new Auto-Response beacon to the Operations Manager appliance. body: application/json: type: setAutoResponseBeacon example: { "auto_response_beacon": { name: "wtmp-beacon", description: "The description for this wtmp beacon", module: "wtmp", interval: 60, enable: true, wtmp: { login: true, logout: true }, actions: [ { action: "auto_response_reactions-7", resolution_values: [ "trigger", "resolve" ] }, ], dependant_keys_any: [], dependant_keys_all: [] } } responses: 200: description: The beacon was added. body: application/json: type: getAutoResponseBeaconResponse example: { "auto_response_beacon": { id: "0", name: "wtmp-beacon", description: "The description for this wtmp beacon", module: "wtmp", interval: 60, enable: true, wtmp: { login: true, logout: true }, actions: [], dependant_keys_any: [], dependant_keys_all: [] } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: beacon id parameter missing. 404: description: > Beacon {id} does not exist. Attempted to change read only fields. Attempted to change unknown fields. delete: description: Bulk delete a list of beacons defined for the appliance. body: application/json: type: bulkDeleteAutoResponseBeaconList example: { "auto_response_beacon": [ "auto_response_beacon-1", "auto_response_beacon-5", ] } responses: 204: description: All beacons were deleted successfully. 400: description: Invalid request body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } 404: description: Beacon(s) do not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find auto_response/beacon with name or id 'auto_response_beacon-5'", "args": { "uuid": "auto_response_beacon-5" }, "level": 1 } ] } /{id}: type: base-type # auto_response_beacon.get get: description: > Get the configuration of an Auto-Response beacon on the Operations Manager appliance responses: 200: body: application/json: type: getAutoResponseBeaconResponse example: { "auto_response_beacon": { id: "0", name: "wtmp-beacon", description: "The description for this wtmp beacon", module: "wtmp", interval: 60, enable: true, wtmp: { login: true, logout: true }, actions: [], dependant_keys_any: [], dependant_keys_all: [] } } # auto_response_beacon.put put: description: > Update settings for an Auto-Response beacon on the Operations Manager appliance. body: application/json: type: setAutoResponseBeacon example: { "auto_response_beacon": { name: "wtmp-beacon", description: "The description for this wtmp beacon", module: "wtmp", interval: 60, enable: true, wtmp: { login: true, logout: true }, actions: [], dependant_keys_any: [], dependant_keys_all: [] } } responses: 200: description: The beacon settings were updated. body: application/json: type: getAutoResponseBeaconResponse example: { "auto_response_beacon": { id: "0", name: "wtmp-beacon", description: "The description for this wtmp beacon", module: "wtmp", interval: 60, enable: true, wtmp: { login: true, logout: true }, actions: [], dependant_keys_any: [], dependant_keys_all: [] } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: beacon id parameter missing. 404: description: > beacon {id} does not exist. Attempted to change read only fields. Attempted to change unknown fields. # auto_response_beacon.delete delete: displayName: deleteBeacon description: > Delete an Auto-Response beacon on the Operations Manager appliance responses: 200: description: Beacon deleted 404: description: Beacon did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find auto_response/beacon with name or id 'services_autoresponse_beacon-1'", "args": { "uuid": "services_autoresponse_beacon-1" }, "level": 1 } ] } /reactions: type: base-type # auto_response_reactions.getAutoResponseReactions description: > Read and manipulate the Auto-Response reactions on the Operations Manager appliance. get: description: > Get a list of the Auto-Response Reactions. # displayName: getAutoResponseReactions responses: 200: body: application/json: type: getAutoResponseReactionListResponse example: { "reactions": [ { id: "0", name: "slack-reaction", sub_type: "slack", slack: { channels: [ "#here", "#there" ], message: "Example test message", from_name: "me@here.com", api_key: "key123" } }, { id: "1", name: "cell_message-reaction", sub_type: "cell_message_react", cell_message_react: { phone_numbers: [ "15551234", "15554321" ], message: "Example SMS text" } } ], meta: { total_pages: "1" } } 400: description: Invalid request, missing or incorrect page/per_page body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } #auto_response_reactions.post post: description: Add a new Auto-Response reaction to the Operations Manager appliance. body: application/json: type: setAutoResponseReaction example: { "auto_response_reaction": { name: "slack-reaction", sub_type: "slack", slack: { channels: [ "#here", "#there" ], message: "Example test message", from_name: "me@here.com", api_key: "key123" } } } responses: 200: description: The reaction was added. body: application/json: type: getAutoResponseReactionResponse example: { "auto_response_reaction": { id: "0", name: "slack-reaction", sub_type: "slack", slack: { channels: [ "#here", "#there" ], message: "Example test message", from_name: "me@here.com", api_key: "key123" } } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: reaction id parameter missing. 404: description: > Reaction {id} does not exist. Attempted to change read only fields. Attempted to change unknown fields. delete: description: Bulk delete a list of reactions defined for the appliance. body: application/json: type: bulkDeleteAutoResponseReactionList example: { "auto_response_reaction": [ "auto_response_reaction-1", "auto_response_reaction-5", ] } responses: 204: description: All reactions were deleted successfully. 400: description: Invalid request body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } 404: description: Reaction(s) do not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find auto_response/reaction with name or id 'auto_response_reaction-5'", "args": { "uuid": "auto_response_reaction-5" }, "level": 1 } ] } /{id}: type: base-type # reaction.get get: description: > Get the configuration of an Auto-Response reaction on the Operations Manager appliance responses: 200: body: application/json: type: getAutoResponseReactionResponse example: { "auto_response_reaction": { id: "0", name: "slack-reaction", sub_type: "slack", slack: { channels: [ "#here", "#there" ], message: "Example test message", from_name: "me@here.com", api_key: "key123" } } } # reaction.put put: description: > Update settings for an Auto-Response reaction on the Operations Manager appliance. body: application/json: type: setAutoResponseReaction example: { "auto_response_reaction": { name: "slack-reaction", sub_type: "slack", slack: { channels: [ "#here", "#there" ], message: "Example test message", from_name: "me@here.com", api_key: "key123" } } } responses: 200: description: The reaction settings were updated. body: application/json: type: getAutoResponseReactionResponse example: { "auto_response_reaction": { id: "0", name: "slack-reaction", sub_type: "slack", slack: { channels: [ "#here", "#there" ], message: "Example test message", from_name: "me@here.com", api_key: "key123" } } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: reaction id parameter missing. 404: description: > reaction {id} does not exist. Attempted to change read only fields. Attempted to change unknown fields. #reaction.delete delete: displayName: deleteReaction description: > Delete an Auto-Response reaction on the Operations Manager appliance responses: 200: description: Reaction deleted 404: description: Reaction did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find auto_response/reaction with name or id 'services_autoresponse_reaction-1'", "args": { "uuid": "services_autoresponse_reaction-1" }, "level": 1 } ] } /status: type: base-type # auto_response.getAutoResponseStatus description: > Read the AutoResponse Status on the Operations Manager appliance. get: description: > Get the status of the Auto-Response Beacons. queryParameters: eventLines: description: The number of event lines to fetch - min 0. type: integer required: false default: 50 # displayName: getAutoResponseStatus responses: 200: body: application/json: type: getAutoResponseStatus example: { auto_response_status: { "beacons": [ { id: "0", name: "wtmp-beacon", module: "wtmp", trigger_count: 0, last_triggered: "", beacon_data: {}, events: [] }, { id: "1", name: "curl-beacon", module: "curl", trigger_count: 1, last_triggered: "2020-01-16T20:22:14.477327", beacon_data: { "cmd": [ "/usr/bin/curl", "--max-time", "3", "--request", "GET", "http://www.google.com" ], "exit_status": 0, "timeout": 5, "_stamp": "2020-01-16T20:22:14.477327", "id": "22161907057534", "result": "success" }, events: [ { "beacon_data": { "cmd": [ "/usr/bin/curl", "--max-time", "3", "--request", "GET", "http://www.google.com" ], "exit_status": 0, "timeout": 5, "_stamp": "2020-01-16T20:22:14.477327", "id": "22161907057534", "result": "success" }, "beacon_id": "auto_response_beacons-1", "timestamp": "2020-01-16T20:22:14.477327", "beacon_name": "curl-beacon" }, { "timestamp": "2020-01-16T20:22:14", "beacon_id": "auto_response_beacons-1", "reactor_id": "auto_response_reactions-1", "reactor_type": "custom_command", "reactor_name": "custom cmd reaction test", "beacon_tag": "salt/beacon/22481809000004/curl-beacon/", "beacon_name": "curl-beacon", "reactor_filename": "reactor_0_0.py" }, ], } ], } } 400: description: > Number of eventLines is not a positive number. /beacons: /{id}: type: base-type get: description: > Get the status of the Auto-Response Beacon queryParameters: eventLines: description: The number of event lines to fetch - min 0. type: integer required: false default: 50 responses: 200: body: application/json: type: getAutoResponseBeaconStatus example: { "auto_response_status": { id: "1", name: "curl-beacon", module: "curl", trigger_count: 1, last_triggered: "2020-01-16T20:22:14.477327", beacon_data: { "cmd": [ "/usr/bin/curl", "--max-time", "3", "--request", "GET", "http://www.google.com" ], "exit_status": 0, "timeout": 5, "_stamp": "2020-01-16T20:22:14.477327", "id": "22161907057534", "result": "success" }, events: [ { "beacon_data": { "cmd": [ "/usr/bin/curl", "--max-time", "3", "--request", "GET", "http://www.google.com" ], "exit_status": 0, "timeout": 5, "_stamp": "2020-01-16T20:22:14.477327", "id": "22161907057534", "result": "success" }, "beacon_id": "auto_response_beacons-1", "timestamp": "2020-01-16T20:22:14.477327", "beacon_name": "curl-beacon" }, { "timestamp": "2020-01-16T20:22:14", "beacon_id": "auto_response_beacons-1", "reactor_id": "auto_response_reactions-1", "reactor_type": "custom_command", "reactor_name": "custom cmd reaction test", "beacon_tag": "salt/beacon/22481809000004/curl-beacon/", "beacon_name": "curl-beacon", "reactor_filename": "reactor_0_0.py" }, ] } } 400: description: > Number of eventLines is not a positive number. 404: description: > beacon {id} does not exist. /beacon-modules: type: base-type # auto_response.getAutoResponseStatusBeaconModules description: > Read the AutoResponse Status of Beacon Modules on the Operations Manager appliance. get: description: > Get all the Beacon Modules and their resolution values that can be used to filter beacon events. # displayName: getAutoResponseStatusBeaconModules responses: 200: body: application/json: type: getAutoResponseStatusBeaconModules example: { "beacon-modules": [ { "module": "ping", "resolution_values": [ "trigger", "resolve" ] }, { "module": "cell_message", "resolution_values": [] }, { "module": "network", "resolution_values": [] }, { "module": "serial_signal", "resolution_values": [] }, { "module": "mem", "resolution_values": [] }, { "module": "cell_signal_strength", "resolution_values": [ "trigger", "resolve" ] }, { "module": "custom_cmd", "resolution_values": [ "trigger", "resolve" ] }, { "module": "serial_pattern", "resolution_values": [] }, { "module": "curl", "resolution_values": [ "trigger", "resolve" ] }, { "module": "cell_connection", "resolution_values": [] }, { "module": "serial_login", "resolution_values": [] }, { "module": "btmp", "resolution_values": [] }, { "module": "load", "resolution_values": [] }, { "module": "wtmp", "resolution_values": [] }, ] } /ip_passthrough: type: base-type description: IP Passthrough endpoints are for retrieving / changing IP Passthrough settings. get: description: Retrieve the current IP Passthrough settings. responses: 200: description: > Returns the current IP Passthrough settings.
body: application/json: type: ipPassthrough examples: example1: { "ip_passthrough": { "enabled": false, "passthrough_physif": "net1", "mac_address": None, "service_intercepts": { "https": 0, "ssh": 0 }, } } example2: { "ip_passthrough": { "enabled": true, "passthrough_physif": "net2", "mac_address": "00:e0:4c:12:93:8d", "service_intercepts": { "https": 5511, "ssh": 0 }, } } put: description: Set the IP Passthrough settings. body: application/json: type: ipPassthrough examples: example1: { "ip_passthrough": { "enabled": true, "passthrough_physif": "net1", "mac_address": "00:e0:4c:12:93:8d", "service_intercepts": { "https": 8443, "ssh": 8222 }, } } example2: { "ip_passthrough": { "enabled": false, "passthrough_physif": "net2", "service_intercepts": { }, } } responses: 200: description: Returns the current IP Passthrough settings. body: application/json: type: ipPassthrough examples: example1: { "ip_passthrough": { "enabled": true, "passthrough_physif": "net1", "mac_address": "00:e0:4c:12:93:8d", "service_intercepts": { "https": 8443, "ssh": 8222 }, } } example2: { "ip_passthrough": { "enabled": false, "passthrough_physif": "net2", "mac_address": None, "service_intercepts": { "https": 0, "ssh": 0 }, } } /status: type: base-type description: The IP Passthrough status endpoint provides information about what part of the IP Passthrough connection process the device is currently at and information about the connected downstream device. get: description: Retrieve the current IP Passthrough status. responses: 200: description: This response object provides information about the current status of the IP Passthrough connection and the connected downstream device.
body: application/json: type: ipPassthroughStatus examples: example1: { "ip_passthrough_status": { "status": "active", "downstream_ip": "100.120.10.1", "downstream_mac": "01:02:03:04:05:06" } } example2: { "ip_passthrough_status": { "status": "connecting", "downstream_ip": '', "downstream_mac": '' } } example3: { "ip_passthrough_status": { "status": "cell_not_active", "downstream_ip": '', "downstream_mac": '' } } example4: { "ip_passthrough_status": { "status": "disabled", "downstream_ip": '', "downstream_mac": '' } }