List, create, update Cisco APIC authentication records for compliance scans (using PC). Compliance scans are supported (using PC).
Parameter |
Required/Optional |
Data Type |
Description |
---|---|---|---|
action |
Required | String | Specify to list, create, update, delete, authentication records. |
ids |
Required | Integer | Specify a single or comma separated valid Cisco APIC type authentication record ID(s). |
title |
Required | Alphanumeric |
Specify the title for the authentication record. |
ips | Required | Integer | Specify the IP address(es) the server will log into using the record’s credentials. Multiple entries are comma separated. |
username | Required | String | Specify username for authentication login. |
password | Required | String | Specify password for authentication login. |
port | Required | Integer | Specify port number required on Cisco APIC devices. |
ssl_verify | Optional | Integer | SSL verification is skipped by default. Set to 1 if you want to verify the server’s certificate is valid and trusted. |
Require Certificate | Optional | AlphaNumeric | It contains two textfields, certificate and privatekey |
use_ad_hashicorp{0|1} | Optional | Boolean | Use to manage the utilization of Active Directory (AD)Secrets Engine in HashiCorp authentication records. Specify 1 to use Active Directory (AD) Secrets Engine in the authentication records. |
Vault Parameter | Note: The vault parameters are supported on the following vault types (Secret server Vault, Quest Vault, Hashicorp Vault, CyberArk AIM Vault, CyberArk PIM Vault, and AzureKey Vault). | ||
vault_type | Required | String | Specify if create, and login_type=vault. (private key only supports "Cyber-Ark AIM" and "BeyondTrust PBPS", whereas passphrase does not support "BeyondTrust PBPS"). |
vault_id | Required | Integer | Specify if create, and login_type=vault. The ID of the vault to be used to retrieve the password for login. |
file | Required | String | Specify to create, if vault_type= "Cyber-Ark AIM" or "Cyber-ARK PIM Suite". |
folder | Required | String | Specify to create, if vault_type="Cyber-Ark AIM" or "Cyber-ARK PIM Suite. |
secret_name | Required | String | Specify to create, if vault_type="Thycotic Secret Server". |
system_name | Required | String | Specify if yes(Quest) / no(BeyondTrust PBPS) (create, and vault_type="Quest Vault" or "BeyondTrust PBPS"). |
account_name | Required | String | Specify to create, if vault_type="BeyondTrust PBPS". |
API request
curl -u "<token>" -H "X-Requested-With: curl" -d "action=list" "<qualys_base_url>/api/2.0/fo/auth/cisco_apic/"
XML output
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE AUTH_CISCO_APIC_LIST_OUTPUT SYSTEM "<qualys_base_url>/api/2.0/fo/auth/cisco_apic/auth_cisco_apic_list_ output.dtd"> <AUTH_CISCO_APIC_LIST_OUTPUT> <RESPONSE> <AUTH_CISCO_APIC_LIST> <AUTH_CISCO_APIC> <ID>dummy text</ID> <TITLE><![CDATA[user 1]]></TITLE> <USERNAME><![CDATA[user 1]]></USERNAME> <PORT>444</PORT> <WINDOWS_DOMAIN><![CDATA[aaaa]]></WINDOWS_DOMAIN> <SSL_VERIFY><![CDATA[1]]></SSL_VERIFY> <IP_SET> <IP>3.3.3.3</IP> </IP_SET> <REQUIRE_CERT><![CDATA[1]]></REQUIRE_CERT> <DOMAIN><![CDATA[aaaa]]></DOMAIN> <PORT><![CDATA[444]]></PORT> <SSL_VERIFY_WITH_HOST><![CDATA[1]]></SSL_VERIFY_WITH_HOST> <LOGIN_TYPE><![CDATA[basic]]></LOGIN_TYPE> <CREATED> <BY>user_1</BY> </CREATED> </AUTH_CISCO_APIC> </AUTH_CISCO_APIC_LIST> </RESPONSE> </AUTH_CISCO_APIC_LIST_OUTPUT>
API request
curl -u "<token>" -H "X-Requested-With: curl" -d "action=create&ips=3.3.3.3&title=testciscoapic&username=admin&password=ab c123&port=443" "<qualys_base_url>/api/2.0/fo/auth/cisco_apic/"
XML output
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE BATCH_RETURN SYSTEM "<qualys_base_url>/api/2.0/batch_return.dtd"> <BATCH_RETURN> <RESPONSE> <DATETIME>2023-08-09T11:03:04Z</DATETIME> <BATCH_LIST> <BATCH> <TEXT>Successfully Created</TEXT> <ID_SET> <ID>dummy text</ID> </ID_SET> </BATCH> </BATCH_LIST> </RESPONSE> </BATCH_RETURN>
API request
curl -u "<token>" -H "X-Requested-With: curl" -d "action=update&ids=7850382&title=testciscoapic" "<qualys_base_url>/api/2.0/fo/auth/cisco_apic/"
XML output
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE BATCH_RETURN SYSTEM "<qualys_base_url>/api/2.0/batch_return.dtd"> <BATCH_RETURN> <RESPONSE> <DATETIME>2023-08-09T10:48:33Z</DATETIME> <BATCH_LIST> <BATCH> <TEXT>Successfully Updated</TEXT> <ID_SET> <ID>dummy text</ID> </ID_SET> </BATCH> </BATCH_LIST> </RESPONSE> </BATCH_RETURN>
Qualys API Server URL/api/2.0/fo/auth/auth_cisco_apic_list_output.dtd