// removed jquery ui css and js

Password-Based Authentication

The Default cliqruser Account and Authentication

This procedure must be performed by an Dev Ops or Enterprise Admin with an intricate understanding of your security architecture and your IT infrastructure.

Cliqruser:

By default, key-based authentication is configured using cliqruser.

Override the Default Configuration

If you do not want to use the default cliqruser account, you can alternately use password-based authentication to access Application VMs on a per-tenant basis.

You cannot configure password-based authentication from the CCM UI. You can only do so from the CCM API as described in this section.

To configure password-based authentication, follow this procedure.

  1. Use the following APIs to retrieve some basic information:

    You can override the default property as a ROOT Admin or a Tenant Admin. Either way, your login credentials determine if you are an admin (platform (root), tenant admin, or co-admin) or a user. See CloudCenter API Overview > Who Can Use CloudCenter APIs? for additional context.

    1. Use the View Tenants API for your current tenant to determine your Tenant ID:

      1. Provide the additional vendorId for a ROOT admin

      2. Just the tenantId is sufficient for a Tenant Admin

    2. Use the View All Tenant Properties API to determine the propertyId for the required Property name (propertyName) for this password-based authentication (enable.password.auth) setting, which has an ID of 132.

  2. Use the Create Tenant Properties Override API to override the default (false) setting for the enable.password.auth property name with a propertyId of 132.

    POST API Request
    https://<HOST>:<PORT>/v1/tenantProperties/override
    ROOT Admin – Request Body
    {
       "propertyId":"132",
       "vendorId":"2",
       "propertyValue":"true"
    }
    Tenant Admin – Request Body
    {
       "propertyId":"132",
       "propertyValue":"true"
    }

    You have now overridden the default cliqruser account usage in order to use password-based authentication to access Application VMs on a per-tenant basis.



  • No labels
© 2017 Cisco Systems