Static createThe Authorization Group object's attributes. *
The name of the Message VPN. *
Optional opaqueAccept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *
Optional select?: string[]Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *
Optional xOptional context id the request is running. *
Static deleteDelete an Authorization Group object. Delete an Authorization Group object. The deletion of instances of this object are synchronized to HA mates and replication sites via config-sync.
To use client authorization groups configured on an external server to provide client authorizations, Authorization Group objects must be created on the Message VPN that match the authorization groups provisioned on the external server. These objects must be configured with the client profiles and ACL profiles that will be assigned to the clients that belong to those authorization groups. A newly created group is placed at the end of the group list which is the lowest priority.
A SEMP client authorized with a minimum access scope/level of "vpn/read-write" is required to perform this operation.
This has been available since 2.0.
SempMetaOnlyResponse The request metadata.
ApiError
The name of the Authorization Group. For LDAP groups, special care is needed if the group name contains special characters such as '#', '+', ';', '=' as the value of the group name returned from the LDAP server might prepend those characters with ''. For example a group name called 'test#,lab,com' will be returned from the LDAP server as 'test#,lab,com'. *
The name of the Message VPN. *
Optional xOptional context id the request is running. *
Static getGet an Authorization Group object. Get an Authorization Group object.
To use client authorization groups configured on an external server to provide client authorizations, Authorization Group objects must be created on the Message VPN that match the authorization groups provisioned on the external server. These objects must be configured with the client profiles and ACL profiles that will be assigned to the clients that belong to those authorization groups. A newly created group is placed at the end of the group list which is the lowest priority.
| Attribute | Identifying | Write-Only | Deprecated | Opaque |
|---|---|---|---|---|
| authorizationGroupName | x | |||
| msgVpnName | x | |||
| orderAfterAuthorizationGroupName | x | |||
| orderBeforeAuthorizationGroupName | x |
A SEMP client authorized with a minimum access scope/level of "vpn/read-only" is required to perform this operation.
This has been available since 2.0.
MsgVpnAuthorizationGroupResponse The Authorization Group object's attributes, and the request metadata.
SempMetaOnlyResponse The error response.
ApiError
The name of the Authorization Group. For LDAP groups, special care is needed if the group name contains special characters such as '#', '+', ';', '=' as the value of the group name returned from the LDAP server might prepend those characters with ''. For example a group name called 'test#,lab,com' will be returned from the LDAP server as 'test#,lab,com'. *
The name of the Message VPN. *
Optional opaqueAccept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *
Optional select?: string[]Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *
Optional xOptional context id the request is running. *
Static getGet a list of Authorization Group objects. Get a list of Authorization Group objects.
To use client authorization groups configured on an external server to provide client authorizations, Authorization Group objects must be created on the Message VPN that match the authorization groups provisioned on the external server. These objects must be configured with the client profiles and ACL profiles that will be assigned to the clients that belong to those authorization groups. A newly created group is placed at the end of the group list which is the lowest priority.
| Attribute | Identifying | Write-Only | Deprecated | Opaque |
|---|---|---|---|---|
| authorizationGroupName | x | |||
| msgVpnName | x | |||
| orderAfterAuthorizationGroupName | x | |||
| orderBeforeAuthorizationGroupName | x |
A SEMP client authorized with a minimum access scope/level of "vpn/read-only" is required to perform this operation.
This has been available since 2.0.
MsgVpnAuthorizationGroupsResponse The list of Authorization Group objects' attributes, and the request metadata.
SempMetaOnlyResponse The error response.
ApiError
Optional count?: numberLimit the count of objects in the response. See the documentation for the count parameter. *
Optional cursor?: stringThe cursor, or position, for the next page of objects. See the documentation for the cursor parameter. *
The name of the Message VPN. *
Optional opaqueAccept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *
Optional select?: string[]Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *
Optional where?: string[]Include in the response only objects where certain conditions are true. See the the documentation for the where parameter. *
Optional xOptional context id the request is running. *
Static replaceReplace an Authorization Group object. Replace an Authorization Group object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.
To use client authorization groups configured on an external server to provide client authorizations, Authorization Group objects must be created on the Message VPN that match the authorization groups provisioned on the external server. These objects must be configured with the client profiles and ACL profiles that will be assigned to the clients that belong to those authorization groups. A newly created group is placed at the end of the group list which is the lowest priority.
| Attribute | Identifying | Const | Read-Only | Write-Only | Requires-Disable | Deprecated | Opaque |
|---|---|---|---|---|---|---|---|
| aclProfileName | x | ||||||
| authorizationGroupName | x | x | |||||
| clientProfileName | x | ||||||
| msgVpnName | x | x | |||||
| orderAfterAuthorizationGroupName | x | ||||||
| orderBeforeAuthorizationGroupName | x |
The following attributes in the request may only be provided in certain combinations with other attributes:
| Class | Attribute | Requires | Conflicts |
|---|---|---|---|
| MsgVpnAuthorizationGroup | orderAfterAuthorizationGroupName | orderBeforeAuthorizationGroupName | |
| MsgVpnAuthorizationGroup | orderBeforeAuthorizationGroupName | orderAfterAuthorizationGroupName |
A SEMP client authorized with a minimum access scope/level of "vpn/read-write" is required to perform this operation.
This has been available since 2.0.
MsgVpnAuthorizationGroupResponse The Authorization Group object's attributes after being replaced, and the request metadata.
SempMetaOnlyResponse The error response.
ApiError
The name of the Authorization Group. For LDAP groups, special care is needed if the group name contains special characters such as '#', '+', ';', '=' as the value of the group name returned from the LDAP server might prepend those characters with ''. For example a group name called 'test#,lab,com' will be returned from the LDAP server as 'test#,lab,com'. *
The Authorization Group object's attributes. *
The name of the Message VPN. *
Optional opaqueAccept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *
Optional select?: string[]Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *
Optional xOptional context id the request is running. *
Static updateUpdate an Authorization Group object. Update an Authorization Group object. Any attribute missing from the request will be left unchanged.
To use client authorization groups configured on an external server to provide client authorizations, Authorization Group objects must be created on the Message VPN that match the authorization groups provisioned on the external server. These objects must be configured with the client profiles and ACL profiles that will be assigned to the clients that belong to those authorization groups. A newly created group is placed at the end of the group list which is the lowest priority.
| Attribute | Identifying | Read-Only | Write-Only | Requires-Disable | Deprecated | Opaque |
|---|---|---|---|---|---|---|
| aclProfileName | x | |||||
| authorizationGroupName | x | x | ||||
| clientProfileName | x | |||||
| msgVpnName | x | x | ||||
| orderAfterAuthorizationGroupName | x | |||||
| orderBeforeAuthorizationGroupName | x |
The following attributes in the request may only be provided in certain combinations with other attributes:
| Class | Attribute | Requires | Conflicts |
|---|---|---|---|
| MsgVpnAuthorizationGroup | orderAfterAuthorizationGroupName | orderBeforeAuthorizationGroupName | |
| MsgVpnAuthorizationGroup | orderBeforeAuthorizationGroupName | orderAfterAuthorizationGroupName |
A SEMP client authorized with a minimum access scope/level of "vpn/read-write" is required to perform this operation.
This has been available since 2.0.
MsgVpnAuthorizationGroupResponse The Authorization Group object's attributes after being updated, and the request metadata.
SempMetaOnlyResponse The error response.
ApiError
The name of the Authorization Group. For LDAP groups, special care is needed if the group name contains special characters such as '#', '+', ';', '=' as the value of the group name returned from the LDAP server might prepend those characters with ''. For example a group name called 'test#,lab,com' will be returned from the LDAP server as 'test#,lab,com'. *
The Authorization Group object's attributes. *
The name of the Message VPN. *
Optional opaqueAccept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *
Optional select?: string[]Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *
Optional xOptional context id the request is running. *
Create an Authorization Group object. Create an Authorization Group object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates and replication sites via config-sync.
To use client authorization groups configured on an external server to provide client authorizations, Authorization Group objects must be created on the Message VPN that match the authorization groups provisioned on the external server. These objects must be configured with the client profiles and ACL profiles that will be assigned to the clients that belong to those authorization groups. A newly created group is placed at the end of the group list which is the lowest priority.
The following attributes in the request may only be provided in certain combinations with other attributes:
A SEMP client authorized with a minimum access scope/level of "vpn/read-write" is required to perform this operation.
This has been available since 2.0.
Returns
MsgVpnAuthorizationGroupResponse The Authorization Group object's attributes after being created, and the request metadata.
Returns
SempMetaOnlyResponse The error response.
Throws
ApiError