NewApiTargetRequest
Request form for creating a new API target.
Name is a unique human readable name for the API target
Optional human readable comment
AccessGroupID specifies the access group the API target is associated to
roles object[]required
The required roles which grant access to the API target
Role unique identifier
Optional human readable role name
Whether the role has been deleted
authorized_endpoints object[]required
AuthorizedEndpoints specify address, scheme, method and path patterns for matching requests. A request must match at least one authorized endpoint to be authorized.
Host is matched against the host part in the request URL. Port may be omitted if it matches the default port 80 for http or 443 for https. Matching is case-insensitive exact match.
Protocols are matched against request URL scheme. Accepted values are "http", "https" and "*" (for http or https).
Possible values: [http, https, *]
Methods are matched against request HTTP method. Accepted values are "GET","PUT","POST","DELETE","HEAD","PATCH","OPTIONS","TRACE" and "*".
Possible values: [GET, PUT, POST, DELETE, HEAD, PATCH, OPTIONS, TRACE, *]
Paths are matched against request URL path. Supported wildcards are "*" matches one path segment, "**" matches rest of the path.
If true, unauthenticated requests matching this endpoint are allowed
Optional NAT target host (used when forwarding requests over an extender)
unauthorized_endpoints object[]required
UnauthorizedEndpoints specify address, scheme, method and path patterns. An authorized request must not match any unauthorized endpoint.
Host is matched against the host part in the request URL. Port may be omitted if it matches the default port 80 for http or 443 for https. Matching is case-insensitive exact match.
Protocols are matched against request URL scheme. Accepted values are "http", "https" and "*" (for http or https).
Possible values: [http, https, *]
Methods are matched against request HTTP method. Accepted values are "GET","PUT","POST","DELETE","HEAD","PATCH","OPTIONS","TRACE" and "*".
Possible values: [GET, PUT, POST, DELETE, HEAD, PATCH, OPTIONS, TRACE, *]
Paths are matched against request URL path. Supported wildcards are "*" matches one path segment, "**" matches rest of the path.
If true, unauthenticated requests matching this endpoint are allowed
Optional NAT target host (used when forwarding requests over an extender)
Optional X.509 certificate trust anchors for validating the API target TLS server certificates
When true, turns off API target TLS server certificate validation (use with great caution)
TargetCredential object
TargetCredential contains the credentials for authenticating to the API target.
Credential type
Possible values: [basicauth, token, certificate]
Username for credentials of type "basicauth"
Password for credentials of type "basicauth"
Static bearer token for credentials of type "token"
Certificate for api target of type "certificate"
Private key for api target of type "certificate"
Specifies whether this API target is enabled or not. All requests to disabled API targets are rejected.
Possible values: [TRUE, FALSE]
Specifies whether to session-record requests to this target API
{
"name": "string",
"comment": "string",
"access_group_id": "string",
"roles": [
{
"id": "string",
"name": "string",
"deleted": true
}
],
"authorized_endpoints": [
{
"host": "string",
"protocols": [
"http"
],
"methods": [
"GET"
],
"paths": [
"string"
],
"allow_unauthenticated": true,
"nat_target_host": "string"
}
],
"unauthorized_endpoints": [
{
"host": "string",
"protocols": [
"http"
],
"methods": [
"GET"
],
"paths": [
"string"
],
"allow_unauthenticated": true,
"nat_target_host": "string"
}
],
"tls_trust_anchors": "string",
"tls_insecure_skip_verify": true,
"TargetCredential": {
"type": "basicauth",
"basic_auth_username": "string",
"basic_auth_password": "string",
"bearer_token": "string",
"certificate": "string",
"private_key": "string"
},
"enabled": "TRUE",
"audit_enabled": true
}