NSX-T Data Center REST API

Update node authentication policy configuration

Update the currently configured authentication policy on the node.
If any of api_max_auth_failures, api_failed_auth_reset_period, or
api_failed_auth_lockout_period are modified, the http service is
automatically restarted.

Request:

Method:

PUT

URI Path(s):

/api/v1/transport-nodes/<transport-node-id>/node/aaa/auth-policy
/api/v1/node/aaa/auth-policy
/api/v1/cluster/<cluster-node-id>/node/aaa/auth-policy

Request Headers:

n/a

Query Parameters:

n/a

Request Body:

AuthenticationPolicyProperties+

AuthenticationPolicyProperties (schema)

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
api_failed_auth_lockout_period	Lockout period in seconds Once a lockout occurs, the account remains locked out of the API for this time period. Only applies to NSX Manager nodes. Ignored on other node types.	integer	Minimum: 0 Default: "900"
api_failed_auth_reset_period	Period, in seconds, for authentication failures to trigger lockout In order to trigger an account lockout, all authentication failures must occur in this time window. If the reset period expires, the failed login count is reset to zero. Only applies to NSX Manager nodes. Ignored on other node types.	integer	Minimum: 0 Default: "900"
api_max_auth_failures	Number of authentication failures that trigger API lockout Only applies to NSX Manager nodes. Ignored on other node types.	integer	Minimum: 0 Default: "5"
cli_failed_auth_lockout_period	Lockout period in seconds Once a lockout occurs, the account remains locked out of the CLI for this time period. While the lockout period is in effect, additional authentication attempts restart the lockout period, even if a valid password is specified.	integer	Minimum: 0 Default: "900"
cli_max_auth_failures	Number of authentication failures that trigger CLI lockout	integer	Minimum: 0 Default: "5"
minimum_password_length	Minimum number of characters required in account passwords	integer	Minimum: 8 Default: "8"

Example Request:

PUT https://<nsx-mgr>/api/v1/node/aaa/auth-policy { "minimum_password_length": 12 }

Successful Response:

Response Code:

202 Accepted

Response Headers:

Content-type: application/json

Response Body:

AuthenticationPolicyProperties+

AuthenticationPolicyProperties (schema)

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
api_failed_auth_lockout_period	Lockout period in seconds Once a lockout occurs, the account remains locked out of the API for this time period. Only applies to NSX Manager nodes. Ignored on other node types.	integer	Minimum: 0 Default: "900"
api_failed_auth_reset_period	Period, in seconds, for authentication failures to trigger lockout In order to trigger an account lockout, all authentication failures must occur in this time window. If the reset period expires, the failed login count is reset to zero. Only applies to NSX Manager nodes. Ignored on other node types.	integer	Minimum: 0 Default: "900"
api_max_auth_failures	Number of authentication failures that trigger API lockout Only applies to NSX Manager nodes. Ignored on other node types.	integer	Minimum: 0 Default: "5"
cli_failed_auth_lockout_period	Lockout period in seconds Once a lockout occurs, the account remains locked out of the CLI for this time period. While the lockout period is in effect, additional authentication attempts restart the lockout period, even if a valid password is specified.	integer	Minimum: 0 Default: "900"
cli_max_auth_failures	Number of authentication failures that trigger CLI lockout	integer	Minimum: 0 Default: "5"
minimum_password_length	Minimum number of characters required in account passwords	integer	Minimum: 8 Default: "8"

Response Code:

200 OK

Response Headers:

Content-type: application/json

Response Body:

AuthenticationPolicyProperties+

AuthenticationPolicyProperties (schema)

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
api_failed_auth_lockout_period	Lockout period in seconds Once a lockout occurs, the account remains locked out of the API for this time period. Only applies to NSX Manager nodes. Ignored on other node types.	integer	Minimum: 0 Default: "900"
api_failed_auth_reset_period	Period, in seconds, for authentication failures to trigger lockout In order to trigger an account lockout, all authentication failures must occur in this time window. If the reset period expires, the failed login count is reset to zero. Only applies to NSX Manager nodes. Ignored on other node types.	integer	Minimum: 0 Default: "900"
api_max_auth_failures	Number of authentication failures that trigger API lockout Only applies to NSX Manager nodes. Ignored on other node types.	integer	Minimum: 0 Default: "5"
cli_failed_auth_lockout_period	Lockout period in seconds Once a lockout occurs, the account remains locked out of the CLI for this time period. While the lockout period is in effect, additional authentication attempts restart the lockout period, even if a valid password is specified.	integer	Minimum: 0 Default: "900"
cli_max_auth_failures	Number of authentication failures that trigger CLI lockout	integer	Minimum: 0 Default: "5"
minimum_password_length	Minimum number of characters required in account passwords	integer	Minimum: 8 Default: "8"

Example Response:

{ "minimum_password_length": 12 }

Required Permissions:

crud

Feature:

system_administration

NSX-T Data Center REST API

Update node authentication policy configuration

Request:

AuthenticationPolicyProperties (schema)

Example Request:

Successful Response:

AuthenticationPolicyProperties (schema)

AuthenticationPolicyProperties (schema)

Example Response:

Required Permissions:

Feature:

Additional Errors: