NSX Autonomous Edge REST API

Associated URIs:

API Description	API Path
Read node authentication policy and password complexity configuration Returns information about the currently configured authentication policies and password complexity on the node.	GET /node/aaa/auth-policy
Resets node authentication policy and password complexity configuration Resets to default, currently configured authentication policy and password complexity on the node. Administrators need to enforce password change for existing user accounts in order to match newly configured complexity requirements in system. reset-all: resets configured Authentication policy and Password complexity reset-auth-policies: resets only configured Authentication policy includes - {api_failed_auth_lockout_period, api_failed_auth_reset_period, api_max_auth_failures, cli_failed_auth_lockout_period, cli_max_auth_failures} reset-pwd-complexity: resets only configured Password complexity	POST /node/aaa/auth-policy?action=reset-all POST /node/aaa/auth-policy?action=reset-auth-policies POST /node/aaa/auth-policy?action=reset-pwd-complexity
Update node authentication policy and password complexity configuration Update the currently configured authentication policy and password complexity on the node. If any of api_max_auth_failures, api_failed_auth_reset_period, or api_failed_auth_lockout_period are modified, the http service is automatically restarted. Whereas change in any password complexity will not be applicable on already configured user passwords. Administrators need to enforce password change for existing user accounts in order to match newly configured complexity requirements enforced in system. All values from AuthenticationPolicyProperties are in sync among the management cluster nodes.	PUT /node/aaa/auth-policy
List node users Returns the list of users configured to log in to the NSX appliance.	GET /node/users GET /node/users?internal=true
Delete node user Delete specified user who is configured to log in to the NSX appliance. Whereas local users root and administrator are not allowed to be deleted, but local user audit is deletable on-demand. Caution, users deleted from following node types cannot be recovered, kindly plan the removal of user accounts accordingly. Autonomous Edge Cloud Service Manager Edge Public Cloud Gateway	DELETE /node/users/{userid}
Read node user Returns information about a specified user who is configured to log in to the NSX appliance. The valid user IDs are: 0, 10000, 10002 or other users managed by administrators.	GET /node/users/{userid}
Update node user Updates attributes of an existing NSX appliance user. This method cannot be used to add a new user. Modifiable attributes include the username, full name of the user, and password. If you specify a password in a PUT request, it is not returned in the response. Nor is it returned in a GET request. The specified password does not meet the following (default) complexity requirements: - minimum 12 characters in length - minimum 128 characters in length - minimum 1 uppercase character - minimum 1 lowercase character - minimum 1 numeric character - minimum 1 special character - minimum 5 unique characters - default password complexity rules as enforced by the Linux PAM module the configured password complexity may vary as per defined Authentication and Password policies, which shall be available at: [GET]: /api/v1/node/aaa/auth-policy The valid user IDs are: 0, 10000, 10002 or other users managed by administrators. Note that invoking this API does not update any user-related properties of existing objects in the system and does not modify the username field in existing audit log entries.	PUT /node/users/{userid}
List SSH keys from authorized_keys file for node user Returns a list of all SSH keys from authorized_keys file for node user	GET /node/users/{userid}/ssh-keys
Add SSH public key to authorized_keys file for node user	POST /node/users/{userid}/ssh-keys?action=add_ssh_key
Remove SSH public key from authorized_keys file for node user	POST /node/users/{userid}/ssh-keys?action=remove_ssh_key

Additional Links

Authentication Policy

Users