Template Management: Role Profile
Role Profile Template helps to divide the roles of the users according to their profiles. It is capable of applying settings to restrict certain users and to provide access to some.
API Calls
/V5/templates/ROLE_PROFILE
/V5/templates/{templateId}/ROLE_PROFILE
/V5/templates
/V5/templates/copy/{templateId}/ROLE_PROFILE
/V5/templates
/V5/templates/{tempalteId}/ROLE_PROFILE
JSON Table
Attribute | Data Type | Description |
---|---|---|
type | String | Template type. Applicable value is roletemplate. |
templateId | int | System generated value to identify the template. |
templateName | String | Name of the template. |
createdAtLocationId | application/json | ID of location at which the template is created. The value is of the type Location ID JSON. |
description | String | For internal use only. |
templateType | String | Template type. The applicable value is ROLE_PROFILE |
mncTemplateId | int | System-generated ID of the template provided via the parent server to the child server. |
role | String | Role asigned to a user. |
inheritFromSSID | boolean | True role profile configurations that are not defined will be inherited form SSID. |
vlanEnabled | boolean | True indicates VLAN is enabled. If inheritFromSSID is set to true, vlanEnabled must also be set to true. |
vlanId | int | VLAN IDs available to user sessions on which the role is applied. |
firewallEnabled | boolean | True indiactes firewall is enabled. |
applicationFirewallEnabled | boolean | True indiactes application firewall is enabled. |
firewallProfile | application/json | Firewall settings |
firewallProfile/ssid | int | A read-only field for internal use. |
firewallProfile/hostName | String | IP address or FQDN of a host for which the firewall rule applies. |
firewallProfile/direction | String | Direction for which the firewall will be enabled. The applicable values are:
|
firewallProfile/protocol | int | Protocol. The applicable values:
0 for any (default value) |
firewallProfile/action | int | Actions to allow or block the traffic. The applicable values are:
1 for allow |
firewallProfile/port | String | Port number |
firewallProfile/orderId | int | Order ID |
firewallProfile/mncOid | int | System-generated unique ID of the firewall profile. |
firewallProfile/markDirection | String | Direction of network traffic. The applicable values are:
|
firewallProfile/dscpValue | int | Specifies the Differentiated Services Code Point (DSCP) value for a firewall rule set. |
firewallProfile/defaultRule | boolean | A true or false value indicating whether this is the default rule. |
firewallProfile/oid | int | System-generated unique ID of the firewall rule. |
firewallProfile/name | String | Name of the firewall rule. |
applicationFirewallRules | application/json | Controls incoming and outgoing traffic for specifed applications. |
applicationFirewallRules/orderId | int | Order ID |
applicationFirewallRules/action | String | Actions to allow or block the traffic. The applicable values are:
1 for allow |
applicationFirewallRules/markDirection | String | Direction of network traffic. The applicable values are:
|
applicationFirewallRules/dscpValue | int | Specifies the Differentiated Services Code Point (DSCP) value for a application firewall rule set. |
applicationFirewallRules/category | String | Category of application. Possible values are
|
applicationFirewallRules/applicationIds | int | |
applicationFirewallRules/ruleName | String | Name of the application firewall rule. |
perUserTrafficControlEnabled | boolean | True indicates traffic control is enabled. |
trafficControlDownloadLimit | int | Traffic control download limit |
trafficControlDownloadLimitUnit | int | Bandwidth control download limit |
trafficControlUploadLimitUnit | int | The possible values are: 0:kbps 1:mbps |
trafficControlUploadLimit | int | Bandwidth control upload limit |
redirection | application/json | Redirection settings |
redirection/redirectUrl | String | Redirection URL |
redirection/exemptedWebHostList | String | IP address that are to be exempted from redirection. |
redirection/webQuarantineOption | int | |
redirection/webQuarantineEnabled | boolean | |
mnctemplate | boolean | True indicates this has been pushed by the parent server. |
Sample JSON
{ "type": "roletemplate", "templateId": 1, "templateName": "Test Role Profile", "createdAtLocationId": { "type": "locallocationid", "id": 0 }, "description": "", "templateType": "ROLE_PROFILE", "mncTemplateId": 0, "role": "Test Role", "inheritFromSSID": false, "vlanEnabled": true, "vlanId": 3, "firewallEnabled": true, "applicationFirewallEnabled": true, "firewallProfile": [{ "ssid": 1, "hostName": "", "direction": 0, "protocol": 0, "action": 2, "port": "", "orderId": -1, "mncOid": 0, "markDirection": "TO_WIRELESS", "dscpValue": -100, "defaultRule": true, "oid": 1, "name": null }], "applicationFirewallRules": [{ "orderId": 1, "action": "BLOCK", "markDirection": "TO_WIRELESS", "dscpValue": -100, "category": "File Transfer", "applicationIds": [102, 831], "ruleName": "test rule3" }], "perUserTrafficControlEnabled": true, "trafficControlDownloadLimit": 100, "trafficControlDownloadLimitUnit": 0, "trafficControlUploadLimitUnit": 0, "trafficControlUploadLimit": 100, "redirection": { "redirectUrl": "https://abc.com", "exemptedWebHostList": ["abc.com:80,443", "xyz.com:80,443"], "webQuarantineOption": 1, "webQuarantineEnabled": true }, "mnctemplate": false }