Cisco APIC 4.x Authentication Record

GET POST/api/2.0/fo/auth/cisco_apic

List, create, update Cisco APIC authentication records for compliance scans (using PC). Compliance scans are supported (using PC).

Input ParametersInput Parameters

Parameter

Required/Optional

Data Type

Description

action

Required String  Specify to list, create, update, delete, authentication records.

ids

Required Integer  Specify a single or comma separated valid Cisco APIC type authentication record ID(s).

title

Required  Alphanumeric 

Specify the title for the authentication record.

ips Required Integer Specify the IP address(es) the server will log into using the record’s credentials. Multiple entries are comma separated.
username Required String Specify username for authentication login.
password Required String Specify password for authentication login.
port Required Integer Specify port number required on Cisco APIC devices.
ssl_verify Optional Integer SSL verification is skipped by default. Set to 1 if you want to verify the server’s certificate is valid and trusted.
Require Certificate Optional AlphaNumeric It contains two textfields, certificate and privatekey
use_ad_hashicorp{0|1} Optional Boolean Use to manage the utilization of Active Directory (AD)Secrets Engine in HashiCorp authentication records. Specify 1 to use Active Directory (AD) Secrets Engine in the authentication records.
Vault Parameter   Note: The vault parameters are supported on the following vault types (Secret server Vault, Quest Vault, Hashicorp Vault, CyberArk AIM Vault, CyberArk PIM Vault, and AzureKey Vault).
vault_type Required  String  Specify if create, and login_type=vault. (private key only supports "Cyber-Ark AIM" and "BeyondTrust PBPS", whereas passphrase does not support "BeyondTrust PBPS").
vault_id Required Integer Specify if create, and login_type=vault. The ID of the vault to be used to retrieve the password for login.
file Required String  Specify to create, if vault_type= "Cyber-Ark AIM" or "Cyber-ARK PIM Suite".
folder  Required String  Specify to create, if vault_type="Cyber-Ark AIM" or "Cyber-ARK PIM Suite.
secret_name  Required  String  Specify to create, if vault_type="Thycotic Secret Server".
system_name Required  String  Specify if yes(Quest) / no(BeyondTrust PBPS) (create, and vault_type="Quest Vault" or "BeyondTrust PBPS").
account_name Required String  Specify to create, if vault_type="BeyondTrust PBPS".

Sample - List Cisco APIC RecordsSample - List Cisco APIC Records

API request

curl -u "<token>" -H "X-Requested-With: curl" -d "action=list" "<qualys_base_url>/api/2.0/fo/auth/cisco_apic/" 

XML output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE AUTH_CISCO_APIC_LIST_OUTPUT SYSTEM
"<qualys_base_url>/api/2.0/fo/auth/cisco_apic/auth_cisco_apic_list_
output.dtd">
<AUTH_CISCO_APIC_LIST_OUTPUT>
 <RESPONSE>
 <AUTH_CISCO_APIC_LIST>
<AUTH_CISCO_APIC>
<ID>dummy text</ID>
<TITLE><![CDATA[user 1]]></TITLE>
<USERNAME><![CDATA[user 1]]></USERNAME>
<PORT>444</PORT>
<WINDOWS_DOMAIN><![CDATA[aaaa]]></WINDOWS_DOMAIN>
 <SSL_VERIFY><![CDATA[1]]></SSL_VERIFY>
 <IP_SET>
<IP>3.3.3.3</IP>
 </IP_SET>
 <REQUIRE_CERT><![CDATA[1]]></REQUIRE_CERT>
 <DOMAIN><![CDATA[aaaa]]></DOMAIN>
 <PORT><![CDATA[444]]></PORT>
 <SSL_VERIFY_WITH_HOST><![CDATA[1]]></SSL_VERIFY_WITH_HOST>
 <LOGIN_TYPE><![CDATA[basic]]></LOGIN_TYPE>
 <CREATED>
<BY>user_1</BY>
 </CREATED>
 </AUTH_CISCO_APIC>
 </AUTH_CISCO_APIC_LIST>
 </RESPONSE>
</AUTH_CISCO_APIC_LIST_OUTPUT>
 

Sample - Create Cisco APIC RecordsSample - Create Cisco APIC Records

API request

curl -u "<token>" -H "X-Requested-With: curl" -d   "action=create&ips=3.3.3.3&title=testciscoapic&username=admin&password=ab   c123&port=443" "<qualys_base_url>/api/2.0/fo/auth/cisco_apic/"   

XML output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE BATCH_RETURN SYSTEM
"<qualys_base_url>/api/2.0/batch_return.dtd">
<BATCH_RETURN>
 <RESPONSE>
 <DATETIME>2023-08-09T11:03:04Z</DATETIME>
 <BATCH_LIST>
 <BATCH>
 <TEXT>Successfully Created</TEXT>
 <ID_SET>
<ID>dummy text</ID>
 </ID_SET>
 </BATCH>
 </BATCH_LIST>
 </RESPONSE>
</BATCH_RETURN>

Sample - Update Cisco APIC RecordsSample - Update Cisco APIC Records

API request

curl -u "&lt;token&gt;" -H "X-Requested-With: curl" -d    "action=update&ids=7850382&title=testciscoapic"    "&lt;qualys_base_url&gt;/api/2.0/fo/auth/cisco_apic/"    

XML output

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE BATCH_RETURN SYSTEM
"<qualys_base_url>/api/2.0/batch_return.dtd">
<BATCH_RETURN>
 <RESPONSE>
    <DATETIME>2023-08-09T10:48:33Z</DATETIME>
 <BATCH_LIST>
<BATCH>
<TEXT>Successfully Updated</TEXT>
<ID_SET>
 <ID>dummy text</ID>
</ID_SET>
</BATCH>
 </BATCH_LIST>
 </RESPONSE>
</BATCH_RETURN>

DTDs for Authentication Type “cisco”

Qualys API Server URL/api/2.0/fo/auth/auth_cisco_apic_list_output.dtd