NSX Autonomous Edge REST API

Associated URIs:

API Description	API Path
Read node authentication policy and password complexity configuration Returns information about the currently configured authentication policies and password complexity on the node.	GET /api/v1/node/aaa/auth-policy
Resets node authentication policy and password complexity configuration Resets to default, currently configured authentication policy and password complexity on the node. Administrators need to enforce password change for existing user accounts in order to match newly configured complexity requirements in system. reset-all: resets configured Authentication policy and Password complexity reset-auth-policies: resets only configured Authentication policy includes - {api_failed_auth_lockout_period, api_failed_auth_reset_period, api_max_auth_failures, cli_failed_auth_lockout_period, cli_max_auth_failures} reset-pwd-complexity: resets only configured Password complexity	POST /api/v1/node/aaa/auth-policy?action=reset-all\|reset-auth-policies\|reset-pwd-complexity
Update node authentication policy and password complexity configuration Update the currently configured authentication policy and password complexity on the node. If any of api_max_auth_failures, api_failed_auth_reset_period, or api_failed_auth_lockout_period are modified, the http service is automatically restarted. Whereas change in any password complexity will not be applicable on already configured user passwords. Administrators need to enforce password change for existing user accounts in order to match newly configured complexity requirements enforced in system. All values from AuthenticationPolicyProperties are in sync among the management cluster nodes.	PUT /api/v1/node/aaa/auth-policy
List node users Returns the list of users configured to log in to the NSX appliance.	GET /api/v1/node/users
Read node user Returns information about a specified user who is configured to log in to the NSX appliance. The valid user IDs are: 0, 10000, 10002.	GET /api/v1/node/users/<userid>
Update node user Updates attributes of an existing NSX appliance user. This method cannot be used to add a new user. Modifiable attributes include the username, full name of the user, and password. If you specify a password in a PUT request, it is not returned in the response. Nor is it returned in a GET request. The specified password does not meet the following (default) complexity requirements: - minimum 12 characters in length - minimum 128 characters in length - minimum 1 uppercase character - minimum 1 lowercase character - minimum 1 numeric character - minimum 1 special character - minimum 5 unique characters - default password complexity rules as enforced by the Linux PAM module the configured password complexity may vary as per defined Authentication and Password policies, which shall be available at: [GET]: /api/v1/node/aaa/auth-policy The valid user IDs are: 0, 10000, 10002. Note that invoking this API does not update any user-related properties of existing objects in the system and does not modify the username field in existing audit log entries.	PUT /api/v1/node/users/<userid>
List SSH keys from authorized_keys file for node user Returns a list of all SSH keys from authorized_keys file for node user	GET /api/v1/node/users/<userid>/ssh-keys
Remove SSH public key from authorized_keys file for node user	POST /api/v1/node/users/<userid>/ssh-keys?action=remove_ssh_key
Add SSH public key to authorized_keys file for node user	POST /api/v1/node/users/<userid>/ssh-keys?action=add_ssh_key

Additional Links

Authentication Policy

Users