Gets the details for the specified authentication provider.
id | Authentication provider identifier URN |
Requires one of the following roles:
SECURITY_ADMIN
SYSTEM_ADMIN
SYSTEM_MONITOR
Authentication provider details for the given identifier.
Field | Description | Type | Notes |
authnprovider | |||
description | Description of the provider | String | |
disable | Specifies if a provider is disabled or enabled. During the operation of the system, a disabled provider will exist but not be considered when authenticating principals. | Boolean |
Valid Values:
|
domains | Active Directory domain names associated with this provider. If the server_url points to an Active Directory forest global catalog server, each such element may be one of the many domains from the forest. For non Active Directory servers, domain represents a logical abstraction for this server which may not correspond to a network name. | ||
domain | String |
0-* Elements Valid Values:
|
|
group_attribute | Attribute for group search. This is the attribute name that will be used to represent group membership. | String |
Valid Values:
|
group_whitelist_values | |||
group_whitelist_value | String |
0-* Elements |
|
manager_dn | Distinguished Name for the bind user. | String |
Valid Values:
|
max_page_size | Maximum number of results that the LDAP server will return on a single page. | Integer |
Valid Values:
|
mode | Type of provider. Active Directory(AD) or generic LDAPv3 (LDAP) | String |
Valid Values:
|
search_base | Search base from which the LDAP search will start when authenticating users. See also: search_scope | String |
Valid Values:
|
search_filter | Key value pair representing the search filter criteria. | String |
Valid Values:
|
search_scope | In conjunction with the search_base, the search_scope indicates how many levels below the base the search can continue. | String |
Valid Values:
|
server_urls | Valid LDAP or LDAPS URL strings. | ||
server_url | String |
0-* Elements Valid Values:
|
|
name | Name assigned to this resource in ECS. The resource name is set by a user and can be changed at any time. It is not a unique identifier. | String | |
id | Identifier that is generated by ECS when the resource is created. The resource Id is guaranteed to be unique and immutable across all virtual data centers for all time. | URI |
Valid Values:
|
link | Hyperlink to the details for this resource | ||
creation_time | Timestamp that shows when this resource was created in ECS | DateTime |
Valid Values:
|
tags | Keywords and labels that can be added by a user to a resource to make it easy to find when doing a search. | ||
tag | String |
0-* Elements |
|
inactive | Indicates whether the resource is inactive. When a user removes a resource, the resource is put in this state before it is removed from the ECS database. | Boolean |
Valid Values:
|
global | Indicates whether the resource is global. | Boolean |
Valid Values:
|
remote | Indicates whether the resource is remote. | Boolean |
Valid Values:
|
vdc | |||
id | Id of the related object | URI | |
link | Hyperlink to the related object | ||
internal | Indicates whether the resource is an internal resource. | Boolean |
Valid Values:
|
GET https://192.168.0.0:4443/vdc/admin/authnproviders/urn:storageos:AuthnProvider:72c88db9-2e7b-41f3-a1a4-1e3ff1fc2d6d: HTTP/1.1 Content-Type: application/xml X-SDS-AUTH-TOKEN: <AUTH_TOKEN>
HTTP/1.1 200 OK Content-Type: application/xml <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <authnprovider> <creation_time>1379170785677</creation_time> <id>urn:storageos:AuthnProvider:72c88db9-2e7b-41f3-a1a4-1e3ff1fc2d6d:</id> <inactive>false</inactive> <link href="/vdc/admin/authnproviders/urn:storageos:AuthnProvider:72c88db9-2e7b-41f3-a1a4-1e3ff1fc2d6d:" rel="self"/> <name>ldap-configuration</name> <tags/> <disable>false</disable> <domains> <domain>tenant.domain</domain> </domains> <group_attribute>CN</group_attribute> <group_whitelist_values> <group_whitelist_value>*Admins*</group_whitelist_value> <group_whitelist_value>*Test*</group_whitelist_value> </group_whitelist_values> <manager_dn>CN=Manager,DC=root,DC=com</manager_dn> <mode>ldap</mode> <search_attribute_key>uid</search_attribute_key> <search_base>ou=People,DC=root,DC=com</search_base> <search_filter>uid=%U</search_filter> <server_cert>test_cert</server_cert> <server_urls> <server_url>ldap://192.168.0.10</server_url> </server_urls> </authnprovider>